Spring 安全性:提交响应后无法调用 sendRedirect() [英] Spring security: Cannot call sendRedirect() after the response has been committed

问题描述

我使用以下代码注销:

public class LogoutHandler extends SimpleUrlLogoutSuccessHandler {


@Override
public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication)
        throws IOException, ServletException {
    if(!response.isCommitted()) {
        String targetURL = "myUrl";
        response.setContentType(MediaType.TEXT_PLAIN_VALUE);
        response.getWriter().write(target);
        response.getWriter().flush();
        response.getWriter().close();
        getRedirectStrategy().sendRedirect(request, response, targetURL);
    }

 }

}

但是在调用/logout WS 时出现以下异常:

But when calling /logout WS I got the following exception:

 java.lang.IllegalStateException: Cannot call sendRedirect() after the response has been committed
at org.apache.catalina.connector.ResponseFacade.sendRedirect(ResponseFacade.java:494)
at javax.servlet.http.HttpServletResponseWrapper.sendRedirect(HttpServletResponseWrapper.java:138)
at org.springframework.security.web.firewall.FirewalledResponse.sendRedirect(FirewalledResponse.java:26)
at javax.servlet.http.HttpServletResponseWrapper.sendRedirect(HttpServletResponseWrapper.java:138)

推荐答案

不，您不能在编写正文后使用 sendRedirect，因为响应是提交"的.

No, you can't use sendRedirect after you have written a body because then the response is "committed".

如果你想要一个带有自定义正文的重定向，你可以设置相当于在编写响应正文之前进行重定向:

If you want a redirect with custom body, you can set the equivalent of doing a redirect before writing the response body:

response.setStatus(HttpServletResponse.SC_TEMPORARY_REDIRECT);
response.setHeader("Location", targetURL);

这篇关于Spring 安全性:提交响应后无法调用 sendRedirect()的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！