Spring 3.1：登录后重定向不起作用 [英] Spring 3.1: Redirect after login not working

问题描述

我有一个页面，其中包含指向应用程序中其他页面的多个链接。当用户访问网站时，系统页面会显示，即使用户未登录也可以访问。但是，如果用户点击其他链接，则需要用户登录，用户才能正确地重定向到登录页面。但是，登录后，用户不会被重定向到被点击的链接，而是用户进入系统页面（系统页面是默认目标网址）。

I have a page which has multiple links to other pages in the application. When a user visits the website, the systems page is shown which is accessible even if user is not logged in. However, if user clicks on some other link, that expects the user to be logged in, user is rightly redirected to the login page. However, after login, the user is not redirected to link that was clicked, instead the user is taken to the systems page (systems page is the default target url).

这是来自spring配置文件的片段 -

Here is snippet from spring config file -

<logout logout-url="/logout"
    logout-success-url="/login"
    invalidate-session="true" />

<form-login login-page="/login"
    login-processing-url="/j_security_check"

    always-use-default-target="false"
    authentication-failure-url="/login?failure=true"
    username-parameter="username"
    password-parameter="password"/>

我尝试使用 authentication-success-handler-ref 属性引用 SavedRequestAwareAuthenticationSuccessHandler 实例，但是，它也不起作用。

I tried using authentication-success-handler-ref property to refer a SavedRequestAwareAuthenticationSuccessHandler instance, however, that did not work either.

任何输入？

推荐答案

在Spring中，有 requestCache （它将SavedRequest存储在HttpSession）确定用于在身份验证过程中保存请求的策略，以便在用户进行身份验证后可以检索并重复使用该策略。

In the Spring, there is requestCache (which stores the SavedRequest in the HttpSession) which determines the strategy used to save a request during the authentication process in order that it may be retrieved and reused once the user has authenticated.

因此，当用户请求时打开一个页面，但该页面需要用户登录，你必须在 requestCache 中存储该请求，一旦身份验证成功，你必须得到之前的请求已存储在requestCatch中并将用户重定向到该请求下面的信息可帮助您实现此目的。

So when user request to open a page but that page expects the user to be logged in In that you have to store that request in requestCache and once Authentication will be successful then you have to get that previous request which is already stored in the requestCatch and redirect user to that request Below information help you to achieve this.

请参阅此示例，其中说明了您要查找的相同概念

好文章也用一点点不同的方式详细解释了相同的概念

SavedRequestAwareAuthenticationSuccessHandler ：

在您的情况下，您必须使用身份验证成功策略，该策略可以使用 DefaultSavedRequest ，可能已由 ExceptionTranslationFilter 。当拦截这样的请求并且需要认证时，存储请求数据以在认证过程开始之前记录原始目的地，并且当重定向到相同URL时允许重建请求。如果合适，此类负责执行重定向到原始URL。

In your case you have to use authentication success strategy which can make use of the DefaultSavedRequest which may have been stored in the session by the ExceptionTranslationFilter. When such a request is intercepted and requires authentication, the request data is stored to record the original destination before the authentication process commenced, and to allow the request to be reconstructed when a redirect to the same URL occurs. This class is responsible for performing the redirect to the original URL if appropriate.

• 如果 alwaysUseDefaultTargetUrl property设置为 true ， defaultTargetUrl 将用于目标。将删除存储在会话中的任何 DefaultSavedRequest 。

• If the alwaysUseDefaultTargetUrl property is set to true, the defaultTargetUrl will be used for the destination. Any DefaultSavedRequest stored in the session will be removed.

如果 targetUrlParameter 已在请求中设置，该值将用作目标。任何DefaultSavedRequest都将被删除。

If the targetUrlParameter has been set on the request, the value will be used as the destination. Any DefaultSavedRequest will again be removed.

如果在RequestCache中找到 DefaultSavedRequest （由在验证过程开始之前记录原始目的地的 ExceptionTranslationFilter ，将对该原始目的地的Url执行重定向。 DefaultSavedRequest 对象将保持缓存状态，并在收到重定向请求时被选中（参见 SavedRequestAwareWrapper ）。

If a DefaultSavedRequest is found in the RequestCache (as set by the ExceptionTranslationFilter to record the original destination before the authentication process commenced), a redirect will be performed to the Url of that original destination. The DefaultSavedRequest object will remain cached and be picked up when the redirected request is received (See SavedRequestAwareWrapper).

如果找不到 DefaultSavedRequest ，它将委托给基类。

If no DefaultSavedRequest is found, it will delegate to the base class.

这篇关于Spring 3.1：登录后重定向不起作用的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！