Infinite Loop in spring security login
Question
I have a Spring MVC 3.1.0 web application, and I am implementing Spring Security for the first time.
secure-config.xml:
<http>
<intercept-url pattern="/lhome" access="ROLE_USER" />
<access-denied-handler error-page="/WEB-INF/views/403.jsp"/>
<form-login login-page="/login" default-target-url="/home" authentication-failure-url="/login.jsp" always-use-default-target="true"/>
<anonymous username="guest" granted-authority="ROLE_GUEST" />
<logout logout-success-url="/home"/>
</http>
<authentication-manager alias="authenticationManager" >
<authentication-provider user-service-ref="customMongoSecurityService" />
</authentication-manager>
I am using AJAX based login. When I give correct credentials or hit /lhome it redirects to the /login page instead of the home page.
How can I solve the problem?
1 answers
solution1
1 2014-07-08 17:34:01
Once Spring grants you an access, it will return your request with a session key. You will need to carry the session key for the subsequent requests.
Or you can configure the Spring to use http basic
<http>
...
<http-basic/>
</http>
By this way, you have to send the user name and password over for each request (less secure for public web site).
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.