如何在Spring Security中將未找到標頭重定向到登錄頁面

Question

我正在使用Spring Security Siteminder實施解決方案。 我可以檢查標頭中的SM_USER，如果在請求中找不到標頭，我想將請求重定向到登錄頁面。我該怎么做？

配置為：

    <security:intercept-url pattern="/Login" access="permitAll"/>
    <security:intercept-url pattern="/**" />
    <security:custom-filter position="PRE_AUTH_FILTER" ref="siteminderFilter" />
</security:http>

<bean id="siteminderFilter" class="arunkumar.sso.preauth.RequestHeaderFilterAuth">
    <property name="principalRequestHeader" value="SM_USER"/>
    <property name="authenticationManager" ref="authenticationManager" />
</bean>

<bean id="preauthAuthProvider" class="arunkumar.sso.preauth.PreAuthenticatedProvider">
    <property name="preAuthenticatedUserDetailsService">
        <bean id="userDetailsServiceWrapper"  class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper">
            <property name="userDetailsService" ref="customUserDetailsService"/>
        </bean>
    </property>
</bean>

<security:authentication-manager alias="authenticationManager">
    <security:authentication-provider ref="preauthAuthProvider" />
</security:authentication-manager>  

<bean id="customUserDetailsService" class="arunkumar.sso.preauth.CustomUserDetailsService"></bean>
<bean id="http403EntryPoint" class="org.springframework.security.web.authentication.Http403ForbiddenEntryPoint"></bean>

Answer 1

在RequestHeaderFilterAuth嘗試以下操作：

public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {

       String header = ((HttpServletRequest)request).getHeader(headerName);
       if(header == null){
           ((HttpServletResponse) response).sendRedirect(loginUrl);
       }  
}