我在JBoss上有一个java Web应用程序。 问题是在会话超时后重新登录后,您不会被重定向到请求的页面。 示例:
注意:
我的 web.xml :
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
version="2.4">
<display-name>My Application</display-name>
<security-constraint>
<web-resource-collection>
<web-resource-name>CSS</web-resource-name>
<url-pattern>/styles/*</url-pattern>
<url-pattern>/fonts/*</url-pattern>
<url-pattern>/assets/images/*</url-pattern>
</web-resource-collection>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<description>These pages are only accessible by authorized administrators.</description>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<description>These are the roles who have access</description>
<role-name>*</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/login.jsp?error=error</form-error-page>
</form-login-config>
</login-config>
<error-page>
<error-code>403</error-code>
<location>/login.jsp?unauthorized=unauthorized</location>
</error-page>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
</welcome-file-list>
</web-app>
我的 login.jsp 有一个简单的表单,其中包含j_security_check操作:
<form id="loginForm" name="loginForm" method="post" action="/j_security_check">
<fieldset>
<!-- Username input-->
<div class="form-group">
<input id="usernameInput" name="j_username" type="text" placeholder="Username" class="form-control" required="">
</div>
<!-- Password input-->
<div class="form-group">
<input id="password" name="j_password" type="password" placeholder="Password" class="form-control" required="">
</div>
<button class="btn btn-primary sign-in-btn" type="submit">
Sign in
</button>
</fieldset>
</form>
我认为这是一个服务器问题:应该有一种方法来指示应用程序返回上一页,而不是index.html。正确?
答案 0 :(得分:0)
首先,您应该创建一个扩展WebSecurityConfigurerAdapter类的类 这是一个例子
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/", "/home").permitAll()
.and()
.addFilterAfter(new CsrfHeaderFilter(), CsrfFilter.class).formLogin().loginPage("/login")
.successHandler(new AuthenticationSuccessHandler() {
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
//In this you can Redirect your desired view
}
}).failureUrl("/loginError");
}
}
答案 1 :(得分:0)
j_security_check工作正常。问题是服务器没有在hashbang(#)之后保存部件以进行重定向(#在Angularjs中用于路由)。 当会话超时时,服务器将我发送到登录页面,但地址栏中的URL仍然指向所请求的页面。所以我在localStorage中保存了url,在成功登录时调用的主控制器中,我检查了该变量:
login.jsp :中的
if(window.localStorage) {
localStorage.setItem("redirectToUrl", window.location.hash);
}
在Angular main.controller.js :
中angular.module('myappp')
.controller('MainViewCtrl', ['$scope', '$state', function($scope, $state) {
if (window.localStorage && localStorage.redirectToUrl) {
window.location = window.location.pathname + localStorage.redirectToUrl;
localStorage.removeItem("redirectToUrl");
} else {
$state.go('app.instances.list');
}
}]);