
Spring security not hitting default-target-url after successful authentication

I have implemented spring-security in my application; my spring-security.xml has the following form-login tag.

<form-login login-page="/login.htm" default-target-url="/dashboard.htm"
            authentication-failure-url="/login.htm?error=true"
            authentication-success-handler-ref="authenticationSuccessHandler" />

I want to log in from /login.htm, and after successful authentication I want the user to hit dashboard.htm. Everything is working fine except for the fact that after successful authentication it doesn't hit /dashboard.htm but hits the context. But if I manually type dashboard.htm in the URL then everything works fine. Yes, I have the implementation of authenticationSuccessHandler.

Try removing the default-target-url attribute and add the following:

<b:bean id="authenticationSuccessHandler" class="com.example.CustomSimpleURLAuthenticationSuccessHandler">
    <b:property name="defaultTargetUrl" value="/dashboard.htm"/>
</b:bean>

<beans:bean id="loginSuccessHandler" class="com.example.LoginSuccessHandler">
    <beans:property name="defaultTargetUrl" value="/security/success"/>
    <beans:property name="alwaysUseDefaultTargetUrl" value="true"/>
</beans:bean>

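import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;

public class LoginSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {

    @Override
    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
                                        Authentication authentication) throws ServletException, IOException {
        request.getSession().setMaxInactiveInterval(60 * 60); // one hour
        System.out.println("Session set up for 60min");
        super.onAuthenticationSuccess(request, response, authentication);
    }
}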

I use this suggestion from the question "spring is not redirecting to default target url?". I tried this and it is working.

<form-login login-page="/login.htm" 
default-target-url="/dashboard.htm" 
always-use-default-target="true"/>

As you can see in the image, there is some kind of bad design (IMO It always redirect to the default-target-url). When you go to the login form from a forbidden resource, it will redirect you to that URL and not go through the default-target-url.

http://i.stack.imgur.com/fj9ou.png
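
Added example, not taken from any of the posts above: a success handler that logs which redirect target will be used before delegating to the stock behaviour, which helps when a login lands on the context root instead of /dashboard.htm. When authentication-success-handler-ref is set, the handler bean's own defaultTargetUrl (default "/") is what applies, not the form-login attribute. The class name TracingLoginSuccessHandler is hypothetical; the code assumes the javax.servlet API and that targetUrlParameter and useReferer are left at their defaults.

```java
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
import org.springframework.security.web.savedrequest.RequestCache;
import org.springframework.security.web.savedrequest.SavedRequest;

// Hypothetical class name; register it as the bean behind authentication-success-handler-ref.
public class TracingLoginSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {

    private final RequestCache requestCache = new HttpSessionRequestCache();

    public TracingLoginSuccessHandler() {
        // Make the parent read the same cache this class inspects.
        setRequestCache(requestCache);
    }

    /** Mirrors the parent's choice of redirect target so it can be logged. */
    String describeTarget(HttpServletRequest request, HttpServletResponse response) {
        SavedRequest saved = requestCache.getRequest(request, response);
        if (saved == null) {
            // User opened the login page directly: only defaultTargetUrl is available.
            return "no saved request -> defaultTargetUrl " + getDefaultTargetUrl();
        }
        if (isAlwaysUseDefaultTargetUrl()) {
            // A protected URL was requested first, but the handler is told to ignore it.
            return "saved request ignored -> defaultTargetUrl " + getDefaultTargetUrl();
        }
        // A protected URL was requested first: the user is sent back to it.
        return "saved request -> " + saved.getRedirectUrl();
    }

    @Override
    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
            Authentication authentication) throws ServletException, IOException {
        logger.info("Login redirect: " + describeTarget(request, response));
        super.onAuthenticationSuccess(request, response, authentication);
    }
}
```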
