gpt4 book ai didi

java - 如何使用 Spring Security 允许转发到外部 URL

转载 作者:行者123 更新时间:2023-11-30 08:01:52 25 4
gpt4 key购买 nike

我想知道如何使我的“重定向:”与 Spring Security 一起工作。所有/auth* 路径都正常工作。但当到达 [1] 时,它就不会重定向。 Spring Security 4.0.2.RELEASE、Spring MVC 4.0.8.RELEASE

@Controller
@RequestMapping(value = "/auth")
public class SomeAuthController {

@RequestMapping(value = "/external")
public String externalAuth(...) {
if(someCondition) return "redirect:" + someExternalUrl; // [1] https://external-service.com
else return "redirect:/"
}

}



@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(securedEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {


@Autowired
public void registerGlobalAuthentication(AuthenticationManagerBuilder auth,
ShaPasswordEncoder shaPasswordEncoder,
List<AuthenticationProvider> authProviders)
throws Exception {
for(AuthenticationProvider provider : authProviders) auth.authenticationProvider(provider);
}

@Bean(name="myAuthenticationManager")
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}

@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable().authorizeRequests().antMatchers("/resources/**").permitAll();

http.authorizeRequests().antMatchers("/auth/**", "/").permitAll().anyRequest().authenticated();

http.formLogin()
.loginPage("/auth/login")
.loginProcessingUrl("/j_spring_security_check")
.usernameParameter("j_username")
.passwordParameter("j_password")
.failureUrl("/auth/login?error")
.permitAll();

http.logout()
.permitAll()
.logoutUrl("/auth/logout")
.logoutSuccessUrl("/")
.invalidateHttpSession(true);
}


}

最佳答案

好吧,伙计们。这是我的答案。希望它能帮助某人。第一件事是在安全配置 bean 中启用 JSR250。

@EnableGlobalMethodSecurity(securedEnabled = true, jsr250Enabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {

之后我为包含重定向的方法添加了 @PermitAll 注释。

@PermitAll
@RequestMapping(value = "/external")
public String externalAuth(...) {
if(someCondition) return "redirect:" + someExternalUrl; // [1] https://external-service.com
else return "redirect:/"
}

仅此而已。祝调试愉快 J

关于java - 如何使用 Spring Security 允许转发到外部 URL,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/31796370/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com