原先代码:
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.anyRequest().authenticated()
// 自定义登录页面
.and()
.formLogin()
.loginPage("/login.html")
.successHandler((req, resp, auth) -> {
Object principal = auth.getPrincipal();
resp.setContentType("application/json;charset=utf-8");
PrintWriter out = resp.getWriter();
out.write(new ObjectMapper().writeValueAsString(principal));
out.flush();
out.close();
})
.permitAll()
// 关闭 csrf
.and()
.csrf().disable();
}
以上代码运行之后,无论怎么测试,successHandler
都无效,只会返回原来的登录页面,但是,加入自定义登录接口url
之后,successHandler
又生效:
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.anyRequest().authenticated()
// 自定义登录页面
.and()
.formLogin()
.loginPage("/login.html")
// 自定义登录接口
.loginProcessingUrl("/doLogin")
.successHandler((req, resp, auth) -> {
Object principal = auth.getPrincipal();
resp.setContentType("application/json;charset=utf-8");
PrintWriter out = resp.getWriter();
out.write(new ObjectMapper().writeValueAsString(principal));
out.flush();
out.close();
})
.permitAll()
// 关闭 csrf
.and()
.csrf().disable();
}