最近遇到shiro校验框架成功后不进行自动跳转到指定页面;
相关配置如下:
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean"> <property name="securityManager" ref="securityManager" /> <property name="loginUrl" value="/login" /> <property name="successUrl" value="/account/user/current" /> <property name="filterChainDefinitions"> <value> /login = authc /test = authc /logout = logout /static/** = anon /** = authc </value> </property> </bean>
我使用的是验证过滤器是authc;逻辑上只要登录成功即可跳转至“/account/user/current”实际上不行;
主要原因是successUrl配置只是做为一种附加配置,只有session中没有用户请求地址时才会使用successUrl;
系统默认登录成功后首次跳转的地址为,访问系统时初次使用地址,例:如果用户首次访问的是http://****/aa/aa.html;
那么shiro校验成功后跳转的地址即可http://****/aa/aa.html; 否则shiro将跳转到默认虚拟路径:“/”;
对于应用中,如果没有注册/路径,则默认使用web.xml中配置的<welcom-list>配置;
shiro源码逻辑如下:
String successUrl = null;
boolean contextRelative = true;
SavedRequest savedRequest = WebUtils.getAndClearSavedRequest(request);
if (savedRequest != null &&
savedRequest.getMethod().equalsIgnoreCase(AccessControlFilter.GET_METHOD)) {
successUrl = savedRequest.getRequestUrl();
contextRelative = false;
}
if (successUrl == null) {
successUrl = fallbackUrl;
}
if (successUrl == null) {
throw new IllegalStateException("Success URL not available via saved request or via the " +
"successUrlFallback method parameter. One of these must be non-null for " +
"issueSuccessRedirect() to work.");
}
WebUtils.issueRedirect(request, response, successUrl, null, contextRelative);
上述代码红色部分表明,对于成功后地址指向,会依据会话SESSION中保留的请求地址;