个人中心
文章发布
退出
作者热门文章
- html - 出于某种原因,IE8 对我的 Sass 文件中继承的 html5 CSS 不友好?
- JMeter 在响应断言中使用 span 标签的问题
- html - 在 :hover and :active? 上具有不同效果的 CSS 动画
- html - 相对于居中的 html 内容固定的 CSS 重复背景?
26
4
这是我的 AuthSuccessHandlerClass
public class AuthSuccessHandler implements AuthenticationSuccessHandler {
public void onAuthenticationSuccess(HttpServletRequest request,
HttpServletResponse response, Authentication auth) throws IOException, ServletException {
response.sendRedirect("http://google.com");
}}
这是...-security.xml
<security:http use-expressions="true" auto-config="true" create-session="always" access-decision-manager-ref="accessDecisionManager">
<security:intercept-url pattern="/app/Censor.html" access="hasRole('ROLE_CENSOR')"/>
<security:intercept-url pattern="/**" filters="none"/>
<security:form-login login-page="/auth/Login.html"
authentication-success-handler-ref="authenticationSuccessHandler"/>
<security:custom-filter position="FIRST" ref="customX509Filter" />
</security:http>
<beans:bean id="authenticationSuccessHandler" class="com.test.services.security.handlers.AuthSuccessHandler"/>
<authentication-manager alias="authenticationManager">
<security:authentication-provider ref="authenticationProvider">
</security:authentication-provider>
</authentication-manager>
对于某些对我来说不可见的原因,登录操作浏览器不会在 google.com 上重定向我,并且在 Debug模式下它会跳过此 hadler。为什么?我的错误在哪里?
谢谢!
UPD第二次登录后登录spring security(自动授权)
19:48:18,690 DEBUG [http-8000-3] [security.web.FilterChainProxy]: Converted URL to lowercase, from: '/service/censorservice'; to: '/service/censorservice'
19:48:18,690 DEBUG [http-8000-2] [security.web.FilterChainProxy]: Converted URL to lowercase, from: '/service/messageservice'; to: '/service/messageservice'
19:48:18,690 DEBUG [http-8000-3] [security.web.FilterChainProxy]: Candidate is: '/service/censorservice'; pattern is /**; matched=true
19:48:18,690 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /service/censorservice at position 1 of 11 in additional filter chain; firing Filter: 'CustomX509Filter'
19:48:18,690 DEBUG [http-8000-2] [security.web.FilterChainProxy]: Candidate is: '/service/messageservice'; pattern is /**; matched=true
19:48:18,692 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /service/censorservice at position 2 of 11 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
19:48:18,692 DEBUG [http-8000-2] [security.web.FilterChainProxy]: /service/messageservice at position 1 of 11 in additional filter chain; firing Filter: 'CustomX509Filter'
19:48:18,692 DEBUG [http-8000-3] [web.context.HttpSessionSecurityContextRepository]: Obtained a valid SecurityContext from SPRING_SECURITY_CONTEXT: 'org.springframework.security.core.context.SecurityContextImpl@a48448b4: Authentication: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@a48448b4: Principal: com.exigenservices.letter.entity.Censor@73a3d5c3; Credentials: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_CENSOR'
19:48:18,692 DEBUG [http-8000-2] [security.web.FilterChainProxy]: /service/messageservice at position 2 of 11 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
19:48:18,693 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /service/censorservice at position 3 of 11 in additional filter chain; firing Filter: 'LogoutFilter'
19:48:18,693 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /service/censorservice at position 4 of 11 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
19:48:18,693 DEBUG [http-8000-2] [web.context.HttpSessionSecurityContextRepository]: Obtained a valid SecurityContext from SPRING_SECURITY_CONTEXT: 'org.springframework.security.core.context.SecurityContextImpl@a48448b4: Authentication: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@a48448b4: Principal: com.exigenservices.letter.entity.Censor@73a3d5c3; Credentials: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_CENSOR'
19:48:18,694 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /service/censorservice at position 5 of 11 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
19:48:18,694 DEBUG [http-8000-2] [security.web.FilterChainProxy]: /service/messageservice at position 3 of 11 in additional filter chain; firing Filter: 'LogoutFilter'
19:48:18,695 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /service/censorservice at position 6 of 11 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
19:48:18,695 DEBUG [http-8000-2] [security.web.FilterChainProxy]: /service/messageservice at position 4 of 11 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
19:48:18,696 DEBUG [http-8000-2] [security.web.FilterChainProxy]: /service/messageservice at position 5 of 11 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
19:48:18,695 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /service/censorservice at position 7 of 11 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
19:48:18,696 DEBUG [http-8000-2] [security.web.FilterChainProxy]: /service/messageservice at position 6 of 11 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
19:48:18,696 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /service/censorservice at position 8 of 11 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
19:48:18,697 DEBUG [http-8000-2] [security.web.FilterChainProxy]: /service/messageservice at position 7 of 11 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
19:48:18,697 DEBUG [http-8000-2] [security.web.FilterChainProxy]: /service/messageservice at position 8 of 11 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
19:48:18,697 DEBUG [http-8000-3] [web.authentication.AnonymousAuthenticationFilter]: SecurityContextHolder not populated with anonymous token, as it already contained: 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken@a48448b4: Principal: com.exigenservices.letter.entity.Censor@73a3d5c3; Credentials: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_CENSOR'
19:48:18,698 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /service/censorservice at position 9 of 11 in additional filter chain; firing Filter: 'SessionManagementFilter'
19:48:18,698 DEBUG [http-8000-2] [web.authentication.AnonymousAuthenticationFilter]: SecurityContextHolder not populated with anonymous token, as it already contained: 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken@a48448b4: Principal: com.exigenservices.letter.entity.Censor@73a3d5c3; Credentials: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_CENSOR'
19:48:18,699 DEBUG [http-8000-2] [security.web.FilterChainProxy]: /service/messageservice at position 9 of 11 in additional filter chain; firing Filter: 'SessionManagementFilter'
19:48:18,699 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /service/censorservice at position 10 of 11 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
19:48:18,700 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /service/censorservice at position 11 of 11 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
19:48:18,700 DEBUG [http-8000-2] [security.web.FilterChainProxy]: /service/messageservice at position 10 of 11 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
19:48:18,700 DEBUG [http-8000-3] [access.expression.ExpressionBasedFilterInvocationSecurityMetadataSource]: Converted URL to lowercase, from: '/service/censorservice'; to: '/service/censorservice'
19:48:18,701 DEBUG [http-8000-2] [security.web.FilterChainProxy]: /service/messageservice at position 11 of 11 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
19:48:18,701 DEBUG [http-8000-3] [access.expression.ExpressionBasedFilterInvocationSecurityMetadataSource]: Candidate is: '/service/censorservice'; pattern is /app/censor.html; matched=false
19:48:18,701 DEBUG [http-8000-2] [access.expression.ExpressionBasedFilterInvocationSecurityMetadataSource]: Converted URL to lowercase, from: '/service/messageservice'; to: '/service/messageservice'
19:48:18,702 DEBUG [http-8000-3] [access.expression.ExpressionBasedFilterInvocationSecurityMetadataSource]: Candidate is: '/service/censorservice'; pattern is /**; matched=true
19:48:18,702 DEBUG [http-8000-3] [access.intercept.FilterSecurityInterceptor]: Secure object: FilterInvocation: URL: /service/censorservice; Attributes: [permitAll]
19:48:18,702 DEBUG [http-8000-2] [access.expression.ExpressionBasedFilterInvocationSecurityMetadataSource]: Candidate is: '/service/messageservice'; pattern is /app/censor.html; matched=false
19:48:18,703 DEBUG [http-8000-3] [access.intercept.FilterSecurityInterceptor]: Previously Authenticated: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@a48448b4: Principal: com.exigenservices.letter.entity.Censor@73a3d5c3; Credentials: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_CENSOR
19:48:18,703 DEBUG [http-8000-2] [access.expression.ExpressionBasedFilterInvocationSecurityMetadataSource]: Candidate is: '/service/messageservice'; pattern is /**; matched=true
19:48:18,704 DEBUG [http-8000-2] [access.intercept.FilterSecurityInterceptor]: Secure object: FilterInvocation: URL: /service/messageservice; Attributes: [permitAll]
19:48:18,704 DEBUG [http-8000-3] [access.vote.AffirmativeBased]: Voter: org.springframework.security.access.vote.RoleVoter@235b4804, returned: 0
19:48:18,704 DEBUG [http-8000-3] [access.vote.AffirmativeBased]: Voter: org.springframework.security.access.vote.AuthenticatedVoter@6f3e49a8, returned: 0
19:48:18,704 DEBUG [http-8000-2] [access.intercept.FilterSecurityInterceptor]: Previously Authenticated: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@a48448b4: Principal: com.exigenservices.letter.entity.Censor@73a3d5c3; Credentials: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_CENSOR
19:48:18,705 DEBUG [http-8000-2] [access.vote.AffirmativeBased]: Voter: org.springframework.security.access.vote.RoleVoter@235b4804, returned: 0
19:48:18,705 DEBUG [http-8000-2] [access.vote.AffirmativeBased]: Voter: org.springframework.security.access.vote.AuthenticatedVoter@6f3e49a8, returned: 0
19:48:18,705 DEBUG [http-8000-3] [access.vote.AffirmativeBased]: Voter: org.springframework.security.web.access.expression.WebExpressionVoter@4019eb89, returned: 1
19:48:18,706 DEBUG [http-8000-3] [access.intercept.FilterSecurityInterceptor]: Authorization successful
19:48:18,706 DEBUG [http-8000-2] [access.vote.AffirmativeBased]: Voter: org.springframework.security.web.access.expression.WebExpressionVoter@4019eb89, returned: 1
19:48:18,706 DEBUG [http-8000-2] [access.intercept.FilterSecurityInterceptor]: Authorization successful
19:48:18,706 DEBUG [http-8000-2] [access.intercept.FilterSecurityInterceptor]: RunAsManager did not change Authentication object
19:48:18,707 DEBUG [http-8000-2] [security.web.FilterChainProxy]: /service/messageservice reached end of additional filter chain; proceeding with original chain
19:48:18,706 DEBUG [http-8000-3] [access.intercept.FilterSecurityInterceptor]: RunAsManager did not change Authentication object
19:48:18,707 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /service/censorservice reached end of additional filter chain; proceeding with original chain
19:48:18,707 DEBUG [http-8000-2] [intercept.aopalliance.MethodSecurityInterceptor]: Secure object: ReflectiveMethodInvocation: public abstract com.extjs.gxt.ui.client.data.PagingLoadResult com.exigenservices.letter.censormodule.client.service.MessageDTOService.getAllNewIncomingMessageByCensor(java.util.Date); target is of class [com.exigenservices.letter.censormodule.server.MessageDTOServiceImpl]; Attributes: [ROLE_CENSOR]
19:48:18,707 DEBUG [http-8000-3] [intercept.aopalliance.MethodSecurityInterceptor]: Secure object: ReflectiveMethodInvocation: public abstract com.exigenservices.letter.censormodule.client.dto.UpdateResult com.exigenservices.letter.censormodule.client.service.CensorService.checkForNewLetters(java.util.Date) throws com.exigenservices.letter.commonmodule.client.exceptions.AccessDeniedException; target is of class [com.exigenservices.letter.censormodule.server.CensorServiceImpl]; Attributes: [ROLE_CENSOR]
19:48:18,708 DEBUG [http-8000-2] [intercept.aopalliance.MethodSecurityInterceptor]: Previously Authenticated: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@a48448b4: Principal: com.exigenservices.letter.entity.Censor@73a3d5c3; Credentials: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_CENSOR
19:48:18,708 DEBUG [http-8000-3] [intercept.aopalliance.MethodSecurityInterceptor]: Previously Authenticated: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@a48448b4: Principal: com.exigenservices.letter.entity.Censor@73a3d5c3; Credentials: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_CENSOR
19:48:18,709 DEBUG [http-8000-2] [access.vote.AffirmativeBased]: Voter: org.springframework.security.access.vote.RoleVoter@55a07c1c, returned: 1
19:48:18,709 DEBUG [http-8000-2] [intercept.aopalliance.MethodSecurityInterceptor]: Authorization successful
19:48:18,709 DEBUG [http-8000-3] [access.vote.AffirmativeBased]: Voter: org.springframework.security.access.vote.RoleVoter@55a07c1c, returned: 1
19:48:18,710 DEBUG [http-8000-3] [intercept.aopalliance.MethodSecurityInterceptor]: Authorization successful
19:48:18,710 DEBUG [http-8000-2] [intercept.aopalliance.MethodSecurityInterceptor]: RunAsManager did not change Authentication object
19:48:18,710 DEBUG [http-8000-3] [intercept.aopalliance.MethodSecurityInterceptor]: RunAsManager did not change Authentication object
19:48:18,711 DEBUG [http-8000-2] [web.access.ExceptionTranslationFilter]: Chain processed normally
19:48:18,711 DEBUG [http-8000-2] [web.context.SecurityContextPersistenceFilter]: SecurityContextHolder now cleared, as request processing completed
19:48:18,715 DEBUG [http-8000-3] [web.access.ExceptionTranslationFilter]: Chain processed normally
19:48:18,715 DEBUG [http-8000-3] [web.context.SecurityContextPersistenceFilter]: SecurityContextHolder now cleared, as request processing completed
19:48:19,359 DEBUG [http-8000-3] [security.web.FilterChainProxy]: Converted URL to lowercase, from: '/app/censor.html'; to: '/app/censor.html'
19:48:19,359 DEBUG [http-8000-3] [security.web.FilterChainProxy]: Candidate is: '/app/censor.html'; pattern is /**; matched=true
19:48:19,359 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /app/Censor.html at position 1 of 11 in additional filter chain; firing Filter: 'CustomX509Filter'
19:48:19,359 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /app/Censor.html at position 2 of 11 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
19:48:19,359 DEBUG [http-8000-3] [web.context.HttpSessionSecurityContextRepository]: Obtained a valid SecurityContext from SPRING_SECURITY_CONTEXT: 'org.springframework.security.core.context.SecurityContextImpl@a48448b4: Authentication: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@a48448b4: Principal: com.exigenservices.letter.entity.Censor@73a3d5c3; Credentials: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_CENSOR'
19:48:19,359 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /app/Censor.html at position 3 of 11 in additional filter chain; firing Filter: 'LogoutFilter'
19:48:19,359 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /app/Censor.html at position 4 of 11 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
19:48:19,359 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /app/Censor.html at position 5 of 11 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
19:48:19,359 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /app/Censor.html at position 6 of 11 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
19:48:19,359 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /app/Censor.html at position 7 of 11 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
19:48:19,360 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /app/Censor.html at position 8 of 11 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
19:48:19,360 DEBUG [http-8000-3] [web.authentication.AnonymousAuthenticationFilter]: SecurityContextHolder not populated with anonymous token, as it already contained: 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken@a48448b4: Principal: com.exigenservices.letter.entity.Censor@73a3d5c3; Credentials: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_CENSOR'
19:48:19,360 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /app/Censor.html at position 9 of 11 in additional filter chain; firing Filter: 'SessionManagementFilter'
19:48:19,360 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /app/Censor.html at position 10 of 11 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
19:48:19,360 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /app/Censor.html at position 11 of 11 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
19:48:19,360 DEBUG [http-8000-3] [access.expression.ExpressionBasedFilterInvocationSecurityMetadataSource]: Converted URL to lowercase, from: '/app/censor.html'; to: '/app/censor.html'
19:48:19,360 DEBUG [http-8000-3] [access.expression.ExpressionBasedFilterInvocationSecurityMetadataSource]: Candidate is: '/app/censor.html'; pattern is /app/censor.html; matched=true
19:48:19,360 DEBUG [http-8000-3] [access.intercept.FilterSecurityInterceptor]: Secure object: FilterInvocation: URL: /app/Censor.html; Attributes: [hasRole('ROLE_CENSOR')]
19:48:19,360 DEBUG [http-8000-3] [access.intercept.FilterSecurityInterceptor]: Previously Authenticated: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@a48448b4: Principal: com.exigenservices.letter.entity.Censor@73a3d5c3; Credentials: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_CENSOR
19:48:19,360 DEBUG [http-8000-3] [access.vote.AffirmativeBased]: Voter: org.springframework.security.access.vote.RoleVoter@235b4804, returned: 0
19:48:19,360 DEBUG [http-8000-3] [access.vote.AffirmativeBased]: Voter: org.springframework.security.access.vote.AuthenticatedVoter@6f3e49a8, returned: 0
19:48:19,360 DEBUG [http-8000-3] [access.vote.AffirmativeBased]: Voter: org.springframework.security.web.access.expression.WebExpressionVoter@4019eb89, returned: 1
19:48:19,360 DEBUG [http-8000-3] [access.intercept.FilterSecurityInterceptor]: Authorization successful
19:48:19,361 DEBUG [http-8000-3] [access.intercept.FilterSecurityInterceptor]: RunAsManager did not change Authentication object
19:48:19,361 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /app/Censor.html reached end of additional filter chain; proceeding with original chain
19:48:19,361 DEBUG [http-8000-3] [web.access.ExceptionTranslationFilter]: Chain processed normally
19:48:19,361 DEBUG [http-8000-3] [web.context.SecurityContextPersistenceFilter]: SecurityContextHolder now cleared, as request processing completed
19:48:19,955 DEBUG [http-8000-3] [security.web.FilterChainProxy]: Converted URL to lowercase, from: '/app/app.nocache.js'; to: '/app/app.nocache.js'
19:48:19,955 DEBUG [http-8000-3] [security.web.FilterChainProxy]: Candidate is: '/app/app.nocache.js'; pattern is /**; matched=true
19:48:19,955 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /app/app.nocache.js at position 1 of 11 in additional filter chain; firing Filter: 'CustomX509Filter'
19:48:19,955 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /app/app.nocache.js at position 2 of 11 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
19:48:19,959 DEBUG [http-8000-3] [web.context.HttpSessionSecurityContextRepository]: Obtained a valid SecurityContext from SPRING_SECURITY_CONTEXT: 'org.springframework.security.core.context.SecurityContextImpl@a48448b4: Authentication: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@a48448b4: Principal: com.exigenservices.letter.entity.Censor@73a3d5c3; Credentials: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_CENSOR'
19:48:19,959 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /app/app.nocache.js at position 3 of 11 in additional filter chain; firing Filter: 'LogoutFilter'
19:48:19,960 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /app/app.nocache.js at position 4 of 11 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
19:48:19,960 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /app/app.nocache.js at position 5 of 11 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
19:48:19,960 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /app/app.nocache.js at position 6 of 11 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
19:48:19,961 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /app/app.nocache.js at position 7 of 11 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
19:48:19,961 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /app/app.nocache.js at position 8 of 11 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
19:48:19,961 DEBUG [http-8000-3] [web.authentication.AnonymousAuthenticationFilter]: SecurityContextHolder not populated with anonymous token, as it already contained: 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken@a48448b4: Principal: com.exigenservices.letter.entity.Censor@73a3d5c3; Credentials: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_CENSOR'
19:48:19,961 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /app/app.nocache.js at position 9 of 11 in additional filter chain; firing Filter: 'SessionManagementFilter'
19:48:19,962 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /app/app.nocache.js at position 10 of 11 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
19:48:19,962 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /app/app.nocache.js at position 11 of 11 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
19:48:19,962 DEBUG [http-8000-3] [access.expression.ExpressionBasedFilterInvocationSecurityMetadataSource]: Converted URL to lowercase, from: '/app/app.nocache.js'; to: '/app/app.nocache.js'
19:48:19,963 DEBUG [http-8000-3] [access.expression.ExpressionBasedFilterInvocationSecurityMetadataSource]: Candidate is: '/app/app.nocache.js'; pattern is /app/censor.html; matched=false
19:48:19,963 DEBUG [http-8000-3] [access.expression.ExpressionBasedFilterInvocationSecurityMetadataSource]: Candidate is: '/app/app.nocache.js'; pattern is /**; matched=true
19:48:19,963 DEBUG [http-8000-3] [access.intercept.FilterSecurityInterceptor]: Secure object: FilterInvocation: URL: /app/app.nocache.js; Attributes: [permitAll]
19:48:19,963 DEBUG [http-8000-3] [access.intercept.FilterSecurityInterceptor]: Previously Authenticated: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@a48448b4: Principal: com.exigenservices.letter.entity.Censor@73a3d5c3; Credentials: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_CENSOR
19:48:19,964 DEBUG [http-8000-3] [access.vote.AffirmativeBased]: Voter: org.springframework.security.access.vote.RoleVoter@235b4804, returned: 0
19:48:19,964 DEBUG [http-8000-3] [access.vote.AffirmativeBased]: Voter: org.springframework.security.access.vote.AuthenticatedVoter@6f3e49a8, returned: 0
19:48:19,964 DEBUG [http-8000-3] [access.vote.AffirmativeBased]: Voter: org.springframework.security.web.access.expression.WebExpressionVoter@4019eb89, returned: 1
19:48:19,964 DEBUG [http-8000-3] [access.intercept.FilterSecurityInterceptor]: Authorization successful
19:48:19,965 DEBUG [http-8000-3] [access.intercept.FilterSecurityInterceptor]: RunAsManager did not change Authentication object
19:48:19,965 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /app/app.nocache.js reached end of additional filter chain; proceeding with original chain
19:48:19,965 DEBUG [http-8000-3] [commonmodule.server.GWTCacheControlFilter]: doFilter() nocache file expired forcibly
19:48:19,965 DEBUG [http-8000-3] [web.access.ExceptionTranslationFilter]: Chain processed normally
19:48:19,965 DEBUG [http-8000-3] [web.context.SecurityContextPersistenceFilter]: SecurityContextHolder now cleared, as request processing completed
19:48:20,814 DEBUG [http-8000-3] [security.web.FilterChainProxy]: Converted URL to lowercase, from: '/service/censorservice'; to: '/service/censorservice'
19:48:20,815 DEBUG [http-8000-3] [security.web.FilterChainProxy]: Candidate is: '/service/censorservice'; pattern is /**; matched=true
19:48:20,815 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /service/censorservice at position 1 of 11 in additional filter chain; firing Filter: 'CustomX509Filter'
19:48:20,815 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /service/censorservice at position 2 of 11 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
19:48:20,817 DEBUG [http-8000-3] [web.context.HttpSessionSecurityContextRepository]: Obtained a valid SecurityContext from SPRING_SECURITY_CONTEXT: 'org.springframework.security.core.context.SecurityContextImpl@a48448b4: Authentication: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@a48448b4: Principal: com.exigenservices.letter.entity.Censor@73a3d5c3; Credentials: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_CENSOR'
19:48:20,817 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /service/censorservice at position 3 of 11 in additional filter chain; firing Filter: 'LogoutFilter'
19:48:20,818 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /service/censorservice at position 4 of 11 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
19:48:20,818 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /service/censorservice at position 5 of 11 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
19:48:20,818 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /service/censorservice at position 6 of 11 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
19:48:20,819 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /service/censorservice at position 7 of 11 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
19:48:20,819 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /service/censorservice at position 8 of 11 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
19:48:20,819 DEBUG [http-8000-3] [web.authentication.AnonymousAuthenticationFilter]: SecurityContextHolder not populated with anonymous token, as it already contained: 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken@a48448b4: Principal: com.exigenservices.letter.entity.Censor@73a3d5c3; Credentials: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_CENSOR'
19:48:20,820 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /service/censorservice at position 9 of 11 in additional filter chain; firing Filter: 'SessionManagementFilter'
19:48:20,820 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /service/censorservice at position 10 of 11 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
19:48:20,820 DEBUG [http-8000-3] [security.web.FilterChainProxy]: /service/censorservice at position 11 of 11 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
19:48:20,821 DEBUG [http-8000-3] [access.expression.ExpressionBasedFilterInvocationSecurityMetadataSource]: Converted URL to lowercase, from: '/service/censorservice'; to: '/service/censorservice'
19:48:20,821 DEBUG [http-8000-3] [access.expression.ExpressionBasedFilterInvocationSecurityMetadataSource]: Candidate is: '/service/censorservice'; pattern is /app/censor.html; matched=false
19:48:20,821 DEBUG [http-8000-3] [access.expression.ExpressionBasedFilterInvocationSecurityMetadataSource]: Candidate is: '/service/censorservice'; pattern is /**; matched=true
19:48:20,822 DEBUG [http-8000-3] [access.intercept.FilterSecurityInterceptor]: Secure object: FilterInvocation: URL: /service/censorservice; Attributes: [permitAll]
最佳答案
尝试改变
<security:intercept-url pattern="/**" filters="none"/>
至
<security:intercept-url pattern="/**" access="permitAll"/>
前者将阻止安全链应用于除“/app/Censor.html”完全匹配之外的任何请求,包括登录表单提交。但这似乎很奇怪,因为我希望您收到登录请求的 404。
您可能还应该发布登录表单提交的调试日志,该日志显示您的处理程序被“跳过”。
更新
您发布的日志显示从已通过身份验证的客户端(带有 session )提交的多个交错请求,因此我不希望发生身份验证或发生重定向。
关于java - AuthenticationSuccessHandler 未被调用,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/9827743/
26
4
0
我刚刚在这个论坛的帮助下添加了一个 AuthenticationSuccessHandler,它在用户通过 fosuserbundle 或 fosfacebookbundle 登录时在我的网站上实现重
这是我的 AuthSuccessHandlerClass public class AuthSuccessHandler implements AuthenticationSuccessHandler
我正在使用 Spring MVC 网站并通过 LDAP 添加 Active Directory 身份验证。该公司不想使用 AD 权限来映射网站的权限,我们有一个列出每个用户权限的数据库,所以我试图连接
我实现了一个成功处理程序,如果用户是管理员用户,该处理程序会将用户重定向到特定页面。 public class MaunaKeaAuthenticationSuccessHandler impleme
我有一个使用 Spring 3.1 的 java webapp。我的 Spring 安全上下文定义了多个身份验证过滤器,每个过滤器对应一个不同的身份验证路径(例如,用户名/密码与单点登录)。每个身份验
我想为用户提供一种使用 token 登录的替代方法。我已经在 PreAuthenticationFilter 类中处理了对用户的身份验证,但是我需要触发我的 AuthenticationSuccess
你好 Stackoverflower, 我遇到了 Spring Security AuthenticationSuccessHandler 的问题。我实现了自定义 AuthenticationSucc
我在 Spring Boot 应用程序中使用了 Spring Security,有两种类型的用户:一种是 ADMIN,另一种只是普通用户。我从 DataSource 获取数据,然后执行 SQL 查询。
在其他一些帖子之后,我尝试覆盖 spring-security 处理程序的身份验证成功方法,但它从未被调用。我的代码如下所示: src/groovy/mypackage/MyAuthenticatio
在我的 Spring Security 应用程序中,我尝试在成功登录后返回 cookie 'remember_token'。我的 AuthenticanSuccessHandler 类自动连接 Rem
关闭。这个问题是opinion-based 。目前不接受答案。 想要改进这个问题吗?更新问题,以便 editing this post 可以用事实和引文来回答它。 . 已关闭 6 年前。 Improv
我有一个包含所有帐户信息的 Customer 类。(它不扩展 Spring 的 userdetails.User 类)我正在尝试在成功登录后做一些事情(例如设置新的上次登录时间)。为此,我设置了自定义
我想为我的登录过滤器实现自定义 AuthenticationSuccessHandler,即 org.springframework.security.web.authentication.remem
我正在使用 Spring boot + data rest 设置纯 json rest 服务,现在无法让我的自定义身份验证成功处理程序(以及身份验证失败处理程序)来处理登录响应。登录本身可以正常工作,
(编辑澄清)我有一个 POJO (SessionStorage) 来存储 session 特定数据,我想在成功验证后填充这些数据。由于我将 Scope 设置为“session”,我期望 MainCon
我是 Spring Security 3 的新手。我正在使用角色让用户登录。 我想根据用户的角色将用户重定向到不同的页面,我的理解是我必须为此实现 AuthenticationSuccessHandl
我有一个自定义的 AuthenticationSuccessHandler。 我想做的是在 onAuthenticationSuccess 方法中设置一些 session 数据。 为了存储 sessi
我有一个 Spring-MVC 应用程序(即我正在使用 Spring 的调度程序 servlet)。我还使用 Spring Security 来验证用户身份。由于我使用 Spring 的调度程序 se
我有三个角色,我想在登录后根据用户的角色将用户重定向到不同的页面。我知道这可以通过 AuthenticationSuccessHandler 来完成,但我在基于 Java 的配置中声明它时遇到了麻烦。
@Component("MyAuthFilter") public class MyAuthFilter extends UsernamePasswordAuthenticationF
我是一名优秀的程序员,十分优秀!