25,980
社区成员
发帖
与我相关
我的任务
分享Spring security3.1.0实现登陆后跳转至登录前页面
@Service
public class AuthenticationSuccessHandler extends
SavedRequestAwareAuthenticationSuccessHandler {
该类中的onAuthenticationSuccess方法如下:
每次获取为空:SavedRequest savedRequest = this.requestCache.getRequest(request, response);
saveRequest为Null,求解,大神帮忙呀!
@Override
public void onAuthenticationSuccess(HttpServletRequest request,
HttpServletResponse response, Authentication authentication)
throws ServletException, IOException {
bindUserToSession(request);
User user = (User) request.getSession().getAttribute(
ConstValueUtil.CUR_USER);
SavedRequest savedRequest = this.requestCache.getRequest(request, response);
if (savedRequest == null) {
super.onAuthenticationSuccess(request, response, authentication);
return;
}
if (isAlwaysUseDefaultTargetUrl()
|| StringUtils.hasText(request
.getParameter(getTargetUrlParameter()))) {
this.requestCache.removeRequest(request, response);
super.onAuthenticationSuccess(request, response, authentication);
return;
}
// List<User> onlineLawyers = userService.getOnlineLawyers();
// request.getSession().setAttribute("onlineLawyers", onlineLawyers);
saveLoginHistory(user, request);
clearAuthenticationAttributes(request);
if (user.isClientRole()) {
response.sendRedirect(loginSuccessUrl
.get(ConstValueUtil.CUR_CLIENT));
} else if (user.isLawyerRole()) {
response.sendRedirect(loginSuccessUrl
.get(ConstValueUtil.CUR_LAWYER));
} else if (user.isAgentRole()) {
response.sendRedirect(loginSuccessUrl.get(ConstValueUtil.CUR_AGENT));
} else if (user.isAdminRole()) {
response.sendRedirect(loginSuccessUrl.get(ConstValueUtil.CUR_ADMIN));
} else {
response.sendRedirect("home");
}
}
public class AuthenticationSuccessHandler extends
SavedRequestAwareAuthenticationSuccessHandler {
该类中的onAuthenticationSuccess方法如下:
每次获取为空:SavedRequest savedRequest = this.requestCache.getRequest(request, response);
saveRequest为Null,求解,大神帮忙呀!
@Override
public void onAuthenticationSuccess(HttpServletRequest request,
HttpServletResponse response, Authentication authentication)
throws ServletException, IOException {
bindUserToSession(request);
User user = (User) request.getSession().getAttribute(
ConstValueUtil.CUR_USER);
SavedRequest savedRequest = this.requestCache.getRequest(request, response);
if (savedRequest == null) {
super.onAuthenticationSuccess(request, response, authentication);
return;
}
if (isAlwaysUseDefaultTargetUrl()
|| StringUtils.hasText(request
.getParameter(getTargetUrlParameter()))) {
this.requestCache.removeRequest(request, response);
super.onAuthenticationSuccess(request, response, authentication);
return;
}
// List<User> onlineLawyers = userService.getOnlineLawyers();
// request.getSession().setAttribute("onlineLawyers", onlineLawyers);
saveLoginHistory(user, request);
clearAuthenticationAttributes(request);
if (user.isClientRole()) {
response.sendRedirect(loginSuccessUrl
.get(ConstValueUtil.CUR_CLIENT));
} else if (user.isLawyerRole()) {
response.sendRedirect(loginSuccessUrl
.get(ConstValueUtil.CUR_LAWYER));
} else if (user.isAgentRole()) {
response.sendRedirect(loginSuccessUrl.get(ConstValueUtil.CUR_AGENT));
} else if (user.isAdminRole()) {
response.sendRedirect(loginSuccessUrl.get(ConstValueUtil.CUR_ADMIN));
} else {
response.sendRedirect("home");
}
}
...全文
请发表友善的回复…
发表回复
bobo20143 2012-05-08
- 打赏
- 举报
SavedRequestAwareAuthenticationSuccessHandler 有個property "defaultTargetUrl"
請再spring security.xml 設定 加
<property name="defaultTargetUrl" value="/xxxxx.htm" />
請再spring security.xml 設定 加
<property name="defaultTargetUrl" value="/xxxxx.htm" />
returnnnulll 2012-02-19
- 打赏
- 举报
package cc.fadu.enterprise.util;
import java.io.IOException;
import java.util.Date;
import java.util.Map;
import javax.inject.Inject;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
import org.springframework.security.web.savedrequest.RequestCache;
import org.springframework.security.web.savedrequest.SavedRequest;
import org.springframework.stereotype.Service;
import org.springframework.util.StringUtils;
import cc.fadu.enterprise.domain.Lawyer.LawyerStatus;
import cc.fadu.enterprise.domain.Login;
import cc.fadu.enterprise.domain.User;
import cc.fadu.enterprise.service.LawyerService;
import cc.fadu.enterprise.service.UserService;
@Service
public class AuthenticationSuccessHandler extends
SavedRequestAwareAuthenticationSuccessHandler {
private static final Logger logger = LoggerFactory
.getLogger(AuthenticationSuccessHandler.class);
public AuthenticationSuccessHandler(){
this.requestCache = new HttpSessionRequestCache();
}
@Inject
private UserService userService;
@Inject
private LawyerService lawyerService;
private Map<String, String> loginSuccessUrl;
private RequestCache requestCache;
private void bindUserToSession(HttpServletRequest request) {
SecurityContext sc = SecurityContextHolder.getContext();
String userName = sc.getAuthentication().getName();
User user = userService.getUserByUserName(userName);
if (user != null) {
request.getSession().invalidate();
HttpSession session = request.getSession();
AuthenticationSuccessHandler.logger.debug("Bind curCur: " + user);
session.setAttribute(ConstValueUtil.CUR_USER, user);
if (user.isAdminRole()) {
session.setAttribute(ConstValueUtil.CUR_ADMIN, user.getAgent());
} else if (user.isClientRole()) {
session.setAttribute(ConstValueUtil.CUR_CLIENT,
user.getClient());
} else if (user.isLawyerRole()) {
session.setAttribute(ConstValueUtil.CUR_LAWYER,
user.getLawyer());
} else if (user.isAgentRole()) {
session.setAttribute(ConstValueUtil.CUR_AGENT, user.getAgent());
}
}
}
@Override
public void onAuthenticationSuccess(HttpServletRequest request,
HttpServletResponse response, Authentication authentication)
throws ServletException, IOException {
bindUserToSession(request);
User user = (User) request.getSession().getAttribute(
ConstValueUtil.CUR_USER);
setLawyerOnline(user);
SavedRequest savedRequest = this.requestCache.getRequest(request, response);
if (savedRequest == null) {
super.onAuthenticationSuccess(request, response, authentication);
return;
}
if (isAlwaysUseDefaultTargetUrl()
|| StringUtils.hasText(request
.getParameter(getTargetUrlParameter()))) {
this.requestCache.removeRequest(request, response);
super.onAuthenticationSuccess(request, response, authentication);
return;
}
// List<User> onlineLawyers = userService.getOnlineLawyers();
// request.getSession().setAttribute("onlineLawyers", onlineLawyers);
saveLoginHistory(user, request);
clearAuthenticationAttributes(request);
if (user.isClientRole()) {
response.sendRedirect(loginSuccessUrl
.get(ConstValueUtil.CUR_CLIENT));
} else if (user.isLawyerRole()) {
response.sendRedirect(loginSuccessUrl
.get(ConstValueUtil.CUR_LAWYER));
} else if (user.isAgentRole()) {
response.sendRedirect(loginSuccessUrl.get(ConstValueUtil.CUR_AGENT));
} else if (user.isAdminRole()) {
response.sendRedirect(loginSuccessUrl.get(ConstValueUtil.CUR_ADMIN));
} else {
response.sendRedirect("home");
}
}
private void saveLoginHistory(User user, HttpServletRequest request) {
if (user != null) {
Login login = new Login();
login.setIp(HttpUtil.getIpAddr(request));
login.setLoginTime(new Date());
login.setUser(user);
userService.login(login);
}
}
private void setLawyerOnline(User user) {
if (!user.isLawyerRole()) {
return;
}
user.getLawyer().setStatus(LawyerStatus.ONLINE);
lawyerService.saveLawyer(user.getLawyer());
}
public void setLoginSuccessUrl(Map<String, String> loginSuccessUrl) {
this.loginSuccessUrl = loginSuccessUrl;
}
}
zuxianghuang 2012-02-19
- 打赏
- 举报
我配置的,没你怎么复杂,也没继承SavedRequestAwareAuthenticationSuccessHandler 类。
你这个
<beans:entry key="CUR_LAWYER" value="lawyer/index" />
<beans:entry key="CUR_AGENT" value="agent/index" />
<beans:entry key="CUR_CLIENT" value="client/index" />
<beans:entry key="CUR_ADMIN" value="admin/index" />
是CUR_ADMIN权限跳到admin/index,CUR_CLIENT跳到client/index,这样吗?
我做了个简单例子
SavedRequest savedRequest = this.requestCache.getRequest(request, response);
savedRequest 不会为null呀。
你继承这个SavedRequestAwareAuthenticationSuccessHandler 的目的是什么?
说详细一点你想要实现的东西
你这个
<beans:entry key="CUR_LAWYER" value="lawyer/index" />
<beans:entry key="CUR_AGENT" value="agent/index" />
<beans:entry key="CUR_CLIENT" value="client/index" />
<beans:entry key="CUR_ADMIN" value="admin/index" />
是CUR_ADMIN权限跳到admin/index,CUR_CLIENT跳到client/index,这样吗?
我做了个简单例子
SavedRequest savedRequest = this.requestCache.getRequest(request, response);
savedRequest 不会为null呀。
你继承这个SavedRequestAwareAuthenticationSuccessHandler 的目的是什么?
说详细一点你想要实现的东西
returnnnulll 2012-02-19
- 打赏
- 举报
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd"
default-autowire="byName" default-lazy-init="true">
<global-method-security pre-post-annotations="enabled">
</global-method-security>
<http pattern="/index" security="none" />
<http auto-config="true" use-expressions="true">
<intercept-url pattern="/home" access="isAuthenticated()" />
<intercept-url pattern="/**/*" access="denyAll" />
<form-login login-page="/user/login"
authentication-success-handler-ref="authenticationDispatcher"
default-target-url="/home" authentication-failure-url="/user/login?error=true" />
<anonymous />
<access-denied-handler error-page="/error/accessdeny" />
<remember-me key="efaduremembermekey" />
<logout invalidate-session="true" logout-success-url="/index" />
<http-basic />
<session-management session-fixation-protection="none"
invalid-session-url="/error/invalidsession">
<concurrency-control max-sessions="2" />
</session-management>
</http>
<beans:bean id="authenticationDispatcher"
class="cc.fadu.enterprise.util.AuthenticationSuccessHandler">
<beans:property name="loginSuccessUrl">
<beans:map>
<beans:entry key="CUR_LAWYER" value="lawyer/index" />
<beans:entry key="CUR_AGENT" value="agent/index" />
<beans:entry key="CUR_CLIENT" value="client/index" />
<beans:entry key="CUR_ADMIN" value="admin/index" />
</beans:map>
</beans:property>
</beans:bean>
<authentication-manager alias="authenticationManager">
<authentication-provider>
<password-encoder hash="md5" />
<jdbc-user-service data-source-ref="dataSource"
users-by-username-query="SELECT username AS username, password AS password, enabled AS enabled FROM user WHERE username = ?"
authorities-by-username-query="SELECT u.username AS username,r.name AS authority
FROM user u
JOIN role r
ON r.id=u.roleid
WHERE u.username=?" />
</authentication-provider>
</authentication-manager>
</beans:beans>
returnnnulll 2012-02-19
- 打赏
- 举报
如何配置呀,我不知道那个配置是管这个的!我看了那个文档上说配置,不知道这个跳转是要配置那个,可以给我明确指导吗?
[Quote=引用 3 楼 zuxianghuang 的回复:]
你怎么搞了这么多代码,
spring-securty不是配置一下就好了吗?
Spring security3.1.0实现登陆后跳转至登录前页面 、
这个功能不用自己搞呀,spring-securty只要通过认证了就会跳到前一个页面呀。
我也是用spring-securty的
[/Quote]
[Quote=引用 3 楼 zuxianghuang 的回复:]
你怎么搞了这么多代码,
spring-securty不是配置一下就好了吗?
Spring security3.1.0实现登陆后跳转至登录前页面 、
这个功能不用自己搞呀,spring-securty只要通过认证了就会跳到前一个页面呀。
我也是用spring-securty的
[/Quote]
zuxianghuang 2012-02-19
- 打赏
- 举报
你怎么搞了这么多代码,
spring-securty不是配置一下就好了吗?
Spring security3.1.0实现登陆后跳转至登录前页面 、
这个功能不用自己搞呀,spring-securty只要通过认证了就会跳到前一个页面呀。
我也是用spring-securty的
spring-securty不是配置一下就好了吗?
Spring security3.1.0实现登陆后跳转至登录前页面 、
这个功能不用自己搞呀,spring-securty只要通过认证了就会跳到前一个页面呀。
我也是用spring-securty的
returnnnulll 2012-02-19
- 打赏
- 举报
求解,自己顶
