1. 首页
  2. 问答
  3. 两个登录页面,但错误的重定向在春季应用程序

两个登录页面,但错误的重定向在春季应用程序

2016-02-29 73 views
0

我试图在我的应用程序上创建其他登录页面。 第二个工作正常,但我刚刚添加的第一个没有正确捕捉URL,也没有重定向到好页面。
第二个HTTP配置总是使用。两个登录页面,但错误的重定向在春季应用程序

<security:http pattern="/vcrequest/**" use-expressions="true" realm="NETMG Spring Security" authentication-manager-ref="authenticationManager"> 
    <security:logout logout-url="/resources/j_spring_security_logout" /> 

    <security:form-login 
     login-processing-url="/resources/j_spring_security_check" 
     login-page="/vcrequest/view/loginVCR" 
     default-target-url="/vcrequest/controller/vcrequest/my-request" 
     authentication-failure-url="/vcrequest/view/loginVCR?login_error=t" /> 

    <security:intercept-url pattern="/vcrequest/view/loginVCR" access="permitAll" /> 
    <security:intercept-url pattern="/vcrequest/**" access="isAuthenticated()" /> 
    <security:http-basic/> 
</security:http> 

<security:http use-expressions="true" realm="NETMG Spring Security" authentication-manager-ref="authenticationManager"> 
    <security:session-management session-fixation-protection="newSession"/> 
    <security:logout logout-url="/resources/j_spring_security_logout" /> 

    <security:form-login 
     login-processing-url="/resources/j_spring_security_check" 
     login-page="/view/login" 
     default-target-url="/view/home#agregateShowMode=site" 
     authentication-failure-url="/view/login?login_error=t" /> 

    <security:intercept-url pattern="/controller/users/**" access="hasRole('ROLE_ADD_USERS')" /> 
    <security:intercept-url pattern="/controller/export/**" access="hasRole('ROLE_EXPORT')" /> 
    <security:intercept-url pattern="/controller/stocks/**" access="hasRole('ROLE_STOCKS')" /> 
    <security:intercept-url pattern="/controller/home/site/edit/**" access="hasAnyRole('ROLE_EDIT_SITE')" /> 
    <security:intercept-url pattern="/controller/home/site/create*" access="hasRole('ROLE_ADD_SITE')" /> 
    <security:intercept-url pattern="/controller/home/site/save*" access="hasAnyRole('ROLE_EDIT_SITE')" /> 
    <security:intercept-url pattern="/controller/home/site/change*" access="hasRole('ROLE_CLOSE_SITE')" /> 

    <security:intercept-url pattern="/controller/home/service/add/**" access="hasRole('ROLE_ADD_SERVICE')" /> 
    <security:intercept-url pattern="/controller/home/service/add*" access="hasRole('ROLE_ADD_SERVICE')" /> 
    <security:intercept-url pattern="/controller/home/service/link/**" access="hasRole('ROLE_LINK_SERVICE')" /> 
    <security:intercept-url pattern="/controller/home/service/edit/**" access="hasAnyRole('ROLE_EDIT_SERVICE')" /> 
    <security:intercept-url pattern="/controller/home/service/save/**" access="hasAnyRole('ROLE_EDIT_SERVICE')" /> 
    <security:intercept-url pattern="/controller/home/service/close/**" access="hasRole('ROLE_CLOSE_SERVICE')" /> 

    <security:intercept-url pattern="/controller/home/link/add/**" access="hasAnyRole('ROLE_ADD_LINK', 'ROLE_ADD_LINK_FOR_REQUEST')" /> 
    <security:intercept-url pattern="/controller/home/link/link*" access="hasRole('ROLE_ADD_LINK')" /> 
    <security:intercept-url pattern="/controller/home/link/edit/**" access="hasAnyRole('ROLE_EDIT_LINK')" /> 
    <security:intercept-url pattern="/controller/home/link/save/**" access="hasAnyRole('ROLE_EDIT_LINK')" /> 
    <security:intercept-url pattern="/controller/home/link/close/**" access="hasRole('ROLE_CLOSE_LINK')" /> 


    <security:intercept-url pattern="/controller/home/device/add/**" access="hasAnyRole('ROLE_ADD_DEVICE', 'ROLE_ADD_DEVICE_FOR_REQUEST')" /> 
    <security:intercept-url pattern="/controller/home/device/link/**" access="hasRole('ROLE_LINK_DEVICE')" /> 
    <security:intercept-url pattern="/controller/home/device/link*" access="hasRole('ROLE_LINK_DEVICE')" /> 
    <security:intercept-url pattern="/controller/home/device/edit/**" access="hasAnyRole('ROLE_EDIT_DEVICE')" /> 
    <security:intercept-url pattern="/controller/home/device/save/**" access="hasAnyRole('ROLE_EDIT_DEVICE')" /> 
    <security:intercept-url pattern="/controller/home/device/close/**" access="hasRole('ROLE_CLOSE_DEVICE')" /> 

    <security:intercept-url pattern="/pages/private/**" access="isAuthenticated()" /> 

    <!-- URLs not secured --> 
    <security:intercept-url pattern="/resources/**" access="permitAll" /> 
    <security:intercept-url pattern="/css/**" access="permitAll" /> 
    <security:intercept-url pattern="/img/**" access="permitAll" /> 
    <security:intercept-url pattern="/js/**" access="permitAll" /> 
    <security:intercept-url pattern="/view/login" access="permitAll" /> 
    <security:intercept-url pattern="/view/loginVCR" access="permitAll" /> 
    <security:intercept-url pattern="/jamon/**" access="permitAll" /> 
    <security:intercept-url pattern="/view/js-dynamic/**" access="permitAll" /> 

    <!-- All others URLs need at least that the user is authenticated --> 
    <security:intercept-url pattern="/**" access="isAuthenticated()" /> 
</security:http>

我使用下面的文章,但没有成功: Two realms in same application with Spring Security? 有谁知道如何解决这个问题?

来源

2016-02-29 Jerome Campeaux

回答

0

也许在这两个领域拥有相同的登录处理url会带来麻烦。有你试图改变第一领域登录处理-URL到另一个映射,例如:

<security:form-login 
     login-processing-url="/anotherresource/j_spring_security_check"

注意:如果将此参数设置为第一境界匹配图案,如

/vcrequest/j_spring_security_check

请记住在安全领域绕过它

<security:intercept-url pattern="/vcrequest/j_spring_security_check"` access="permitAll" />

来源

2016-02-29 11:22:43 jlumietu

+0

感谢您的回答,我会尝试你的解决方案,似乎是一个很好的 –

相关问题

 相关问题