成功注册后自动登录在Spring中不起作用

时间:2018-07-06 10:47:02

标签: spring spring-security registration autologin

我想在Spring Security中成功注册后进行自动登录。 当我尝试以下代码时,Spring Security会将用户转发到登录页面。

@RequestMapping(value = "/registration", method = RequestMethod.POST)
public String registration(@ModelAttribute("user") User user, BindingResult bindingResult, Model model) {
    userValidator.validate(user, bindingResult);

    if (bindingResult.hasErrors()) {
        return "registration";          
    }

    userService.createRegistration(user);

    securityService.autologin(user.getUsername(), user.getPassword());

    return "redirect:/dashboard";        
}


public void autologin(String username, String password) {
    logger.debug("starting autologin process");
    UserDetails userDetails = userDetailsService.loadUserByUsername(username);

    UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(userDetails, password, userDetails.getAuthorities());        

    authenticationManager.authenticate(usernamePasswordAuthenticationToken);

    if (usernamePasswordAuthenticationToken.isAuthenticated()) {
        SecurityContextHolder.getContext().setAuthentication(usernamePasswordAuthenticationToken);
        logger.debug(String.format("Auto login %s successfully!", username));
    }
    else {
        logger.debug(String.format("Auto login %s failed!", username));
    }
}

成功注册后,下面的记录器执行良好,但是Spring Security不会将用户重定向到dashborad,而是将用户转发到登录页面。

logger.debug(String.format("Auto login %s successfully!", username));

这是我的spring安全配置:

<security:http auto-config="true" use-expressions="true">

    <security:http-basic/>

    <security:csrf disabled="true" />

    <security:session-management invalid-session-url="/login.htm" />

    <security:intercept-url pattern="/dashboard*" access="hasRole('ROLE_USER')" />
    <security:intercept-url pattern="/**" access="hasAnyRole('ROLE_USER','ROLE_USER')" />       
    <security:intercept-url pattern="/registration*" access="permitAll" />              

    <security:remember-me remember-me-cookie="rvm-track-rm" remember-me-parameter="remember-me" token-repository-ref="tokenRepository"
        token-validity-seconds="864000" key="rvm-track-web-html" user-service-ref="userDetailsServiceImpl"/>

    <security:custom-filter ref="requestContextFilter" before="FORM_LOGIN_FILTER"/>

    <security:form-login login-page="/login.htm" login-processing-url="/j_spring_security_check" authentication-failure-url="/login.htm?error=1" default-target-url="/dashboard" />      

    <security:logout logout-url="/logout.htm" logout-success-url="/login.htm" />
</security:http>

0 个答案:

没有答案
相关问题
最新问题