spring security 认证通过后跳转原始路径
默认情况下,通过认证后会自动跳转到原始访问路径,也可通过设置跳转到原始访问路径
***********************
相关类及接口
RequestCache
public interface RequestCache {
void saveRequest(HttpServletRequest var1, HttpServletResponse var2);
SavedRequest getRequest(HttpServletRequest var1, HttpServletResponse var2);
HttpServletRequest getMatchingRequest(HttpServletRequest var1, HttpServletResponse var2);
void removeRequest(HttpServletRequest var1, HttpServletResponse var2);
}
HttpSessionRquestCache
public class HttpSessionRequestCache implements RequestCache {
static final String SAVED_REQUEST = "SPRING_SECURITY_SAVED_REQUEST";
protected final Log logger = LogFactory.getLog(this.getClass());
private PortResolver portResolver = new PortResolverImpl();
private boolean createSessionAllowed = true;
private RequestMatcher requestMatcher;
private String sessionAttrName;
public HttpSessionRequestCache() {
this.requestMatcher = AnyRequestMatcher.INSTANCE;
this.sessionAttrName = "SPRING_SECURITY_SAVED_REQUEST";
}
public void saveRequest(HttpServletRequest request, HttpServletResponse response) {
if (this.requestMatcher.matches(request)) {
DefaultSavedRequest savedRequest = new DefaultSavedRequest(request, this.portResolver);
if (this.createSessionAllowed || request.getSession(false) != null) {
request.getSession().setAttribute(this.sessionAttrName, savedRequest);
this.logger.debug("DefaultSavedRequest added to Session: " + savedRequest);
}
} else {
this.logger.debug("Request not saved as configured RequestMatcher did not match");
}
}
public SavedRequest getRequest(HttpServletRequest currentRequest, HttpServletResponse response) {
HttpSession session = currentRequest.getSession(false);
return session != null ? (SavedRequest)session.getAttribute(this.sessionAttrName) : null;
}
public void removeRequest(HttpServletRequest currentRequest, HttpServletResponse response) {
HttpSession session = currentRequest.getSession(false);
if (session != null) {
this.logger.debug("Removing DefaultSavedRequest from session if present");
session.removeAttribute(this.sessionAttrName);
}
}
public HttpServletRequest getMatchingRequest(HttpServletRequest request, HttpServletResponse response) {
SavedRequest saved = this.getRequest(request, response);
if (!this.matchesSavedRequest(request, saved)) {
this.logger.debug("saved request doesn't match");
return null;
} else {
this.removeRequest(request, response);
return new SavedRequestAwareWrapper(saved, request);
}
}
private boolean matchesSavedRequest(HttpServletRequest request, SavedRequest savedRequest) {
if (savedRequest == null) {
return false;
} else if (savedRequest instanceof DefaultSavedRequest) {
DefaultSavedRequest defaultSavedRequest = (DefaultSavedRequest)savedRequest;
return defaultSavedRequest.doesRequestMatch(request, this.portResolver);
} else {
String currentUrl = UrlUtils.buildFullRequestUrl(request);
return savedRequest.getRedirectUrl().equals(currentUrl);
}
}
public void setRequestMatcher(RequestMatcher requestMatcher) {
public void setCreateSessionAllowed(boolean createSessionAllowed) {
public void setPortResolver(PortResolver portResolver) {
public void setSessionAttrName(String sessionAttrName) {
SavedRequest
public interface SavedRequest extends Serializable {
String getRedirectUrl();
List<Cookie> getCookies();
String getMethod();
List<String> getHeaderValues(String var1);
Collection<String> getHeaderNames();
List<Locale> getLocales();
String[] getParameterValues(String var1);
Map<String, String[]> getParameterMap();
}
***********************
示例
*****************
service 层
CustomUserDetailsService
@Service
public class CustomUserDetailsService implements UserDetailsService {
@Resource
private PasswordEncoder passwordEncoder;
@Override
public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
String username="gtlx";
String password=passwordEncoder.encode("123456");
List<GrantedAuthority> authorities=new ArrayList<>();
authorities.add(new SimpleGrantedAuthority("ROLE_USER"));
return new User(username,password,authorities);
}
}
*****************
config 层
WebConfig
@Configuration
public class WebConfig implements WebMvcConfigurer {
@Override
public void addViewControllers(ViewControllerRegistry registry) {
registry.addViewController("/login/form").setViewName("login");
}
}
WebSecurityConfig
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Resource
private UserDetailsService userDetailsService;
@Override
protected void configure(HttpSecurity http) throws Exception {
http.formLogin().loginPage("/login/form").loginProcessingUrl("/login")
.successHandler((httpServletRequest, httpServletResponse, authentication) -> {
httpServletResponse.setContentType("application/json;charset=utf=8");
RequestCache requestCache=new HttpSessionRequestCache();
SavedRequest savedRequest=requestCache.getRequest(httpServletRequest,httpServletResponse);
String redirectUrl=savedRequest.getRedirectUrl();
System.out.println("初始访问路径:"+redirectUrl);
httpServletResponse.sendRedirect(redirectUrl);
});
http.authorizeRequests()
.antMatchers("/hello").hasAuthority("ROLE_USER")
.antMatchers("/**").permitAll();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService)
.passwordEncoder(initPasswordEncoder());
}
@Bean
public PasswordEncoder initPasswordEncoder(){
return new BCryptPasswordEncoder();
}
}
*****************
controller 层
HelloController
@RestController
public class HelloController {
@RequestMapping("/hello")
public String hello(Principal principal){
return "hello "+principal.getName();
}
}
*****************
前端页面
login.html
<!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/xhtml"
xmlns:th="http://www.thymeleaf.org" xmlns:sec="https://www.thymeleaf.org/thymeleaf-extras-springsecurity4">
<head>
<meta charset="UTF-8">
<title>Title</title>
</head>
<body>
<form th:action="@{/login}" method="post" th:align="center">
用户名:<input type="text" name="username"><br>
密码 :<input type="text" name="password"><br>
<button>提交</button>
</form>
</body>
</html>
***********************
使用测试
localhost:8080/hello,认证通过后,控制台输出
2020-06-03 18:53:43.364 INFO 5424 --- [nio-8080-exec-1] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring DispatcherServlet 'dispatcherServlet'
2020-06-03 18:53:43.364 INFO 5424 --- [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet : Initializing Servlet 'dispatcherServlet'
2020-06-03 18:53:43.368 INFO 5424 --- [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet : Completed initialization in 4 ms
初始访问路径:http://localhost:8080/hello