这两天发现一个问题,如题,尝试了很多方法,都没法解决,真是很郁闷。最后看源码才知道,我的配置如下。原意是从/api/user/login登录成功后,跳转到/index,但是怎么都不能跳转到/index。原来authc拦截器(即FormAuthenticationFilter),验证成功后只会跳转到最开始你进入的页面,因为我是从/api/user/login页面进入登录,所以只会跳转到/api/user/login。要想跳转到/index页面,只有最开始从/index页面进入,后台会重定向到/api/user/login页面,验证成功后,才返回/index页面。
配置如下:
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager" />
<property name="loginUrl" value="/api/user/login" />
<property name="successUrl" value="/index" />
<property name="unauthorizedUrl" value="/unauthorized" />
<property name="filters">
<map>
<entry key="authc" value-ref="formAuthenticationFilter" />
</map>
</property>
<property name="filterChainDefinitions">
<value>
/static/** = anon
/api/user/login = authc
/api/user/logout = logout
/api/user/register* = anon
/unauthorized = anon
/** = user
</value>
</property>
</bean>
FormAuthenticationFilter部分源码:
protected boolean onLoginSuccess(AuthenticationToken token, Subject subject,
ServletRequest request, ServletResponse response) throws Exception {
issueSuccessRedirect(request, response);
return false;
}
从源码我们可以看出,登录成功后,会执行
protected void issueSuccessRedirect(ServletRequest request, ServletResponse response) throws Exception {
WebUtils.redirectToSavedRequest(request, response, getSuccessUrl());
}
这个方法就是
public static void redirectToSavedRequest(ServletRequest request, ServletResponse response, String fallbackUrl)
throws IOException {
String successUrl = null;
boolean contextRelative = true;
SavedRequest savedRequest = WebUtils.getAndClearSavedRequest(request);
if (savedRequest != null && savedRequest.getMethod().equalsIgnoreCase(AccessControlFilter.GET_METHOD)) {
successUrl = savedRequest.getRequestUrl();
contextRelative = false;
}
if (successUrl == null) {
successUrl = fallbackUrl;
}
if (successUrl == null) {
throw new IllegalStateException("Success URL not available via saved request or via the " +
"successUrlFallback method parameter. One of these must be non-null for " +
"issueSuccessRedirect() to work.");
}
WebUtils.issueRedirect(request, response, successUrl, null, contextRelative);
}
关键在于successUrl = savedRequest.getRequestUrl(),会把successUrl重新赋值,配置的/index失效。
<script type="text/javascript">
$(function () {
$('pre.prettyprint code').each(function () {
var lines = $(this).text().split('\n').length;
var $numbering = $('<ul/>').addClass('pre-numbering').hide();
$(this).addClass('has-numbering').parent().append($numbering);
for (i = 1; i <= lines; i++) {
$numbering.append($('<li/>').text(i));
};
$numbering.fadeIn(1700);
});
});
</script>
版权声明:本文为博主原创文章,未经博主允许不得转载。
分享到:
相关推荐
--登录成功后指定页面 --> <property name="loginUrl" value="/login.jsp" /> <!--登录页面 --> <property name="unauthorizedUrl" value="/index.html" /> <!--访问一个没有权限的链接是跳转至此页面 --> <!-- ...
-- 登录成功后要跳转的连接 --> <property name="successUrl" value="/index.html"/> <!-- 用户访问未对其授权的资源时,所显示的连接 --> <!-- 若想更明显的测试此属性可以修改它的值,如unauthor....
接着,配置 ShiroFilter,指定登录、未授权、成功登录的 URL,并定义过滤链规则: ```xml <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean"> ...
// 登录成功后要跳转的链接 shiroFilterFactoryBean.setSuccessUrl("/"); // 未授权界面 shiroFilterFactoryBean.setUnauthorizedUrl("/unauthorized"); Map, String> filterChainDefinitionMap = new ...