手动向Spring Security提供引荐URL [英] Manually Supply Referral URL to Spring Security

问题描述

我们有一些购物车页面，可以与来宾和用户路径一起工作。我们希望允许用户在此过程中随时登录，但并不想真正创建另一个登录页面。我更喜欢我们可以简单地将用户重定向到现有的登录名，并告诉Spring Security要返回的URL。

我知道这会在会话超时和/或受保护的页面在没有会话的情况下被请求，但是有没有一种方法可以让我自己给Spring Security的URL？

解决方案

如果您只需要一个简单的返回URL来检索购物车，那么您最好自己在一个 AuthenticationSuccessHandler 。您可以查看 SimpleUrlAuthenticationSuccessHandler 及其父母的源代码获取灵感。
$ b 默认登录机制使用 RequestCache 和一个 SavedRequest ，但是这样做的目的是实际重放一个不会被授权的请求。这可能是你的情况矫枉过正。

We have some shopping cart pages which work with both guest and user paths. We want to allow a user to login at any time during the process but don't really want to create yet another login page. I'd prefer that we can simply redirect the user to the existing login and tell Spring Security what URL to come back to.

I know this happens automatically when sessions timeout and/or protected pages are requested without a session, but is there a way I can give the URL to Spring Security myself?

解决方案

If you just need a simple return-to URL to retrieve the cart, then you are probably best to implement that yourself in an AuthenticationSuccessHandler. You can look at the source for SimpleUrlAuthenticationSuccessHandler and its parent for inspiration.

The default login mechanism uses the RequestCache and a SavedRequest, but that is intended to actually replay a request which would not otherwise be authorised. That's probably overkill in your case.

这篇关于手动向Spring Security提供引荐URL的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！