成功登录后的 Spring Boot Security 重定向 - 未定义 [英] Spring Boot Security redirect after successful login - undefined

问题描述

我遵循了spring boot 安全教程，但最终结果有问题成功登录后，浏览器将重定向到/undefined.

I have followed the spring boot security tutorial but the end result has an issue consisting in that after successful login the browser is redirect to /undefined.

我什至克隆了教程中引用的代码，以为我输入错误，或者忘记添加组件什么的.不，还有同样的问题.

I have even cloned the code referenced in the tutorial, thinking I have typed something wrong, or forgot to add a component or something. No, the same issue is there.

在 Stackoverflow 上搜索我发现您需要在 WebSecurityConfigurerAdapter 的 configure 方法中定义默认的成功 URL，如下所示:

Searching on Stackoverflow I found out that you need to define the default success URL in the configure method of the WebSecurityConfigurerAdapter like so:

.defaultSuccessUrl("/")

但还是不行.访问受保护的资源会导致登录页面，成功登录后，我不会被重定向到受保护的资源.我进入/未定义"页面.然而，强迫成功是有效的:

but still no go. Accessing a protected resource leads to the login page and upon successful login I don't get redirected to the protected resource. I get to the '/undefined' page. Forcing the success works, however:

.defaultSuccessUrl("/", true)

...但这不是我需要的，因为在成功登录后，用户应该被重定向到(最初)请求的安全资源.

... but this is not what I would need because after successful login the user should be redirected to secured resource (initially) requested.

这是项目的相关部分:

网络安全配置:

package ro.rinea.andrei.Security;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .antMatchers("/").permitAll()
                .anyRequest().authenticated()
                .and()
            .formLogin()
                .loginPage("/login")
                .defaultSuccessUrl("/")
                .permitAll()
                .and()
            .logout()
                .permitAll();
    }

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication()
            .withUser("user").password("password").roles("USER");
    }
}

控制器:

package ro.rinea.andrei.Controllers;

import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;

@Controller
public class WebController {

    @RequestMapping("/")
    public String index() {
        return "index";
    }

    @RequestMapping("/salut")
    public String salut() {
        return "salut";
    }

    @RequestMapping("/login")
    public String login() {
        return "login";
    }
}

为index、login 和salut 定义了视图(如果需要，我会添加它们的内容)

There are views defined for index, login and salut (if needed I will add their contents)

和 build.gradle 文件:

and the build.gradle file:

buildscript {
    ext {
        springBootVersion = '1.4.0.RELEASE'
    }
    repositories {
        mavenCentral()
    }
    dependencies {
        classpath("org.springframework.boot:spring-boot-gradle-plugin:${springBootVersion}")
    }
}

apply plugin: 'java'
apply plugin: 'idea'
apply plugin: 'spring-boot'

jar {
    baseName = 'tstBut'
    version = '0.0.1-SNAPSHOT'
}
sourceCompatibility = 1.8
targetCompatibility = 1.8

repositories {
    mavenCentral()
}


dependencies {
    compile('org.springframework.boot:spring-boot-devtools')
    compile('org.springframework.boot:spring-boot-starter-jdbc')
    compile('org.springframework.boot:spring-boot-starter-jersey')
    compile('org.springframework.boot:spring-boot-starter-mobile')
    compile('org.springframework.boot:spring-boot-starter-thymeleaf')
    compile('org.springframework.boot:spring-boot-starter-validation')
    compile('org.springframework.boot:spring-boot-starter-web')
    compile('org.springframework.boot:spring-boot-starter-web-services')
    compile('org.springframework.boot:spring-boot-starter-security')
    runtime('org.postgresql:postgresql')
    testCompile('org.springframework.boot:spring-boot-starter-test')
    testCompile('org.springframework.restdocs:spring-restdocs-mockmvc')
}

推荐答案

你可以像这样添加一个 successHandler 来重定向:

You can add a successHandler to redirect like this:

private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
   ...
   .formLogin()
   .loginPage("/login")
   .successHandler(new AuthenticationSuccessHandler() {
    @Override
    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
            Authentication authentication) throws IOException, ServletException {
        redirectStrategy.sendRedirect(request, response, "/");
    }
})

这篇关于成功登录后的 Spring Boot Security 重定向 - 未定义的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！