Spring Oauth 2 Facebook身份验证将用户重定向到我的主页 [英] Spring Oauth 2 Facebook Authentication Redirects User To My Home Page

问题描述

我正在尝试将已通过身份验证的用户重定向到主页以外的其他页面.我正在使用Spring Boot 1.5.6和Oauth2.用户已通过身份验证，但已重定向到主页.我不明白为什么会这样.拜托，有人应该帮我.一些有关stackoverflow和互联网的相关问题的答案并没有帮助我.

I am trying to redirect a user who have been authenticated to another page other than the home page. I am using spring boot 1.5.6 and Oauth 2. User is authenticated but was redirected to the home page. I don't understand why this is happening. Please, someone should help me. Some answers to related problem on stackoverflow and the internet didn't help me.

这是我的SecurityConfig文件

Here is my SecurityConfig file

@Configuration
@EnableGlobalAuthentication
@EnableOAuth2Client
@EnableGlobalMethodSecurity(prePostEnabled = true)
@Order(2)
public class SecurityConfig extends WebSecurityConfigurerAdapter{

protected final Log logger = LogFactory.getLog(getClass());

@Autowired
private OAuth2ClientContext oauth2ClientContext;

@Autowired
private UserDetailsService userDetailsService;

@Autowired
private GeneralConfig generalConfig;

@Override
public void configure(WebSecurity web) throws Exception {
    super.configure(web);
}

@Override
public void configure(HttpSecurity http) throws Exception {

   http.authorizeRequests()
   .antMatchers("/user*")
   .access("hasRole('CUSTOMER')")
   .and()

   .formLogin()
   .loginPage("/loginUser")
   .loginProcessingUrl("/user_login")
   .failureUrl("/loginUser?error=loginError")
   .defaultSuccessUrl("/customer/dashboard")

   .and()
   .logout()
   .logoutUrl("/user_logout")
   .logoutSuccessUrl("/loginUser").permitAll()
   .deleteCookies("JSESSIONID")

   .and()
   .exceptionHandling()
   .accessDeniedPage("/403")

   .and()
   .csrf().disable()
   .addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class);  

}

@Override
protected void configure(AuthenticationManagerBuilder auth) throws               Exception {
    auth.userDetailsService(userDetailsService).
    passwordEncoder(bCryptPasswordEncoder());
}

@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws 
Exception {
    auth.userDetailsService(userDetailsService);
}

@Bean
public FilterRegistrationBeanoauth2ClientFilterRegistration
(OAuth2ClientContextFilter filter) {
    FilterRegistrationBean registration = new FilterRegistrationBean();
    registration.setFilter(filter);
    registration.setOrder(-100);
    return registration;
}

private Filter ssoFilter(ClientResources client, String path) {
    OAuth2ClientAuthenticationProcessingFilter filter = new      
    OAuth2ClientAuthenticationProcessingFilter(path);
    OAuth2RestTemplate template = new  
    OAuth2RestTemplate(client.getClient(), oauth2ClientContext);
    filter.setRestTemplate(template);
    UserInfoTokenServices tokenServices = new  
         UserInfoTokenServices(client.getResource().getUserInfoUri(),
         client.getClient().getClientId());
    tokenServices.setRestTemplate(template);
    filter.setTokenServices(tokenServices);
    return filter;
}

private Filter ssoFilter() {
    CompositeFilter filter = new CompositeFilter();
    List<Filter> filters = new ArrayList<>();
    filters.add(ssoFilter(facebook(), "/signin/facebook"));
    filters.add(ssoFilter(google(), "/signin/google"));
    filter.setFilters(filters);
    return filter;
}

@Bean
public BCryptPasswordEncoder bCryptPasswordEncoder() {
    return new BCryptPasswordEncoder();
}

@Bean
@ConfigurationProperties("google")
public ClientResources google() {
    return new ClientResources();
}

@Bean
@ConfigurationProperties("facebook")
public ClientResources facebook() {
    return new ClientResources();
}

}

我希望从SecurityConfig中将成功通过身份验证的用户重定向到客户/仪表板，以便我可以进行进一步的处理.我知道用户已通过身份验证，因为我可以访问他们的数据.不仅仅是重定向到正确的页面

From the SecurityConfig I expect the user upon successful authentication to be redirected to customer/dashboard so that I can do further processing. I know the user is authenticated because I can access their data. It's not just redirecting to the right page

但是，它会继续将用户重定向到主页.我究竟做错了什么?我也有另一个用于管理员的安全配置文件.如果需要，我可以提供.

But instead it keep redirecting the user to the home page. What am I doing wrong? I also have another Security Config File for admin. I can provide it if required.

推荐答案

要更改默认策略，您必须设置 AbstractAuthenticationProcessingFilter#setAuthenticationSuccessHandler :

To change the default strategy, you have to set an AuthenticationSuccessHandler, see AbstractAuthenticationProcessingFilter#setAuthenticationSuccessHandler:

设置用于处理成功身份验证的策略.默认情况下，使用SavedRequestAwareAuthenticationSuccessHandler.

您修改的代码:

private Filter ssoFilter(ClientResources client, String path) {
    OAuth2ClientAuthenticationProcessingFilter filter = new OAuth2ClientAuthenticationProcessingFilter(path);
    OAuth2RestTemplate template = new OAuth2RestTemplate(client.getClient(), oauth2ClientContext);
    filter.setRestTemplate(template);
    UserInfoTokenServices tokenServices = new UserInfoTokenServices(client.getResource().getUserInfoUri(),client.getClient().getClientId());
    tokenServices.setRestTemplate(template);
    filter.setTokenServices(tokenServices);
    filter.setAuthenticationSuccessHandler(new SimpleUrlAuthenticationSuccessHandler("/customer/dashboard")‌​;
    return filter;
}

这篇关于Spring Oauth 2 Facebook身份验证将用户重定向到我的主页的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！