java - authentication-success-handler-ref 与 login-processing-url 不兼容？

Question

spring-security.xml:

<form-login        
        login-page="/admin/login"
        login-processing-url="/admin/postlogin"
        authentication-failure-url="/admin/login?error=true"
        default-target-url="/admin/dashboard"
        username-parameter="username" 
        password-parameter="password"
        authentication-success-handler-ref="customAuthenticationSuccessHandler"/>

自定义身份验证成功处理程序:

@Override
public void onAuthenticationSuccess(HttpServletRequest httpServletRequest,HttpServletResponse httpServletResponse, Authentication authentication) 
        throws IOException,ServletException {

     HttpSession session = httpServletRequest.getSession(); 

     session.setAttribute("countTodayInterviews", interviewService.countTodayInterviews()); 
     session.setAttribute("countNewCandidates", jobSeekerService.countNewCandidates());

}

如果没有authentication-success-handler-ref，它工作正常，我会被重定向到仪表板，但使用authentication-success-handler-ref，我会到达链接/admin/poSTLogin上的空白页面。我在 session 中需要这些属性，并且像这样它应该只调用一次。有什么想法吗？

Answer 1

您需要从自定义处理程序的 onAuthenticationSuccess() 方法重定向到正确的 URL。

private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();

@Override
public void onAuthenticationSuccess(HttpServletRequest request, 
  HttpServletResponse response, Authentication authentication) throws IOException {
    //Your custom stuff
    handle(request, response, authentication);
}

protected void handle(HttpServletRequest request, 
    HttpServletResponse response, Authentication authentication) throws IOException {
    String targetUrl = "";//Place your target url detection logic here. 

    redirectStrategy.sendRedirect(request, response, targetUrl);
}