SpringSecurity successHandler方法使用自定义Handler登录成功,302问题

一开始我自定义了成功和失败两个Handler,在进行调试的时候发现失败的没有问题,但是登录成功的话走的是某人的重定向而不是我自定义的

protected void configure(HttpSecurity http) throws Exception {
    http.csrf().disable()
            .headers().frameOptions().disable()
            .and()
            .formLogin()
            .usernameParameter("userName")
            .passwordParameter("password")
            .loginPage("/index")
            .loginProcessingUrl("/login")
            .successHandler(loginSuccessHandler)
            .failureHandler(loginFailureHandler)
            .and()
            .authorizeRequests()
            .antMatchers("/index","/login","/welcome").permitAll()
            .anyRequest().authenticated();

}
 
package com.std.www.erp_admin.config;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.std.www.erp_admin.model.RespBean;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
import org.springframework.stereotype.Component;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

@Component
public class LoginSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {
    private static ObjectMapper objectMapper=new ObjectMapper();

    @Override
    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
        System.out.println("=====================成功=====================");
        response.setContentType("application/json;charset=UTF-8");
        response.getWriter().write(objectMapper.writeValueAsString(RespBean.success("登录成功")));
    }
}

我很是奇怪,为什么成功的就不行呢,通过后台输出发现,根本没有走我自定义的handler,于是我走进源码一探究竟

这是源码里调用的方法


public final T successHandler(AuthenticationSuccessHandler successHandler) {
    this.successHandler = successHandler;
    return this.getSelf();
}

然后我发现问题所在了,我这里继承的类型为SavedRequestAwareAuthenticationSuccessHandler,这是从网上借鉴的,于是我把类型替换了一下

package com.std.www.erp_admin.config;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.std.www.erp_admin.model.RespBean;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
import org.springframework.stereotype.Component;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

@Component
public class LoginSuccessHandler implements AuthenticationSuccessHandler {
    private static ObjectMapper objectMapper=new ObjectMapper();
    
    @Override
    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
        System.out.println("=====================成功=====================");
        response.setContentType("application/json;charset=UTF-8");
        response.getWriter().write(objectMapper.writeValueAsString(RespBean.success("登录成功")));
    }
}

发现成功跳转,因此顺利解决

posted @ 2023-11-11 19:38  突破铁皮  阅读(228)  评论(0编辑  收藏  举报