Spring Security登录页面URL参数
[英]Spring Security login page url parameters
问题描述
I am trying to localize my application which is fairly easy to implement through Spring localization and url params which works fine on every page except for the login page where Spring Security strips the mandatory "lang" parameter and the page defaults to English. 
我正在尝试对我的应用程序进行本地化,该应用程序很容易通过Spring本地化和url参数实现,除了登录页面(登录页面中Spring Security剥离了必填的“ lang”参数,并且该页面默认为英语)之外,该应用程序在每个页面上都可以正常运行。 I have tried implementing a custom login filter through LoginUrlAuthenticationEntryPoint, overriding determineUrlToUseForThisRequest like so: 我尝试通过LoginUrlAuthenticationEntryPoint实现自定义登录过滤器,像这样覆盖了defineUrlToUseForThisRequest:
@Override
protected String determineUrlToUseForThisRequest(HttpServletRequest request, HttpServletResponse response,
AuthenticationException exception) {
String url = super.determineUrlToUseForThisRequest(request, response, exception);
return url + "?" + request.getQueryString();
}
However this ends in a permanent redirect loop. 但是,这以永久重定向循环结束。 Note my spring security config class does in theory allow request params on login page: 请注意,我的spring security config类在理论上确实允许登录页面上的请求参数:
http
.and().formLogin().loginPage("/user").permitAll()
but I want to achieve "/user?lang=en" which in current state redirects to "/user" thus "lang" param is ignored. 但是我想实现“ / user?lang = en”,它在当前状态下会重定向到“ / user”,因此“ lang”参数将被忽略。
Thanks in advance for any tips. 在此先感谢您提供任何提示。
1 个解决方案
解决方案1
0 2018-07-31 09:14:41
I have managed to find a solution by simply removing all restrictions on the login page like so: 我设法通过简单地删除登录页面上的所有限制来找到解决方案,如下所示:
.authorizeRequests().antMatchers("/user").permitAll()
This way no custom LoginUrlAuthenticationEntryPoint is required and the url params are all retained! 这样就不需要自定义LoginUrlAuthenticationEntryPoint,并且保留所有url参数!
Thanks for all the input. 感谢所有的投入。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.