Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/java/394.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181

Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/spring/13.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Java Spring Security首次访问时执行HTTP302_Java_Spring_Spring Security_Spring Session - Fatal编程技术网
Fatal编程技术网
  • java/
  • Java Spring Security首次访问时执行HTTP302

Java Spring Security首次访问时执行HTTP302

java spring spring-security

Java Spring Security首次访问时执行HTTP302,java,spring,spring-security,spring-session,Java,Spring,Spring Security,Spring Session,我们正在使用带有“Spring核心和Spring安全性”框架的“Struts2”。 第一次加载页面时,用户将重定向到主页 当我们在邮件上发送特定链接时,这会导致问题,因为用户必须点击它两次 我已经签入dept,发现SessionManagementFilter正在执行HTTP 302重定向到“/”,因为“invalidSessionStrategy” SimpleDirectInvalidSessionStrategy(Spring安全类) 我的“application context secu

我们正在使用带有“Spring核心和Spring安全性”框架的“Struts2”。 第一次加载页面时,用户将重定向到主页

当我们在邮件上发送特定链接时,这会导致问题,因为用户必须点击它两次

我已经签入dept,发现SessionManagementFilter正在执行HTTP 302重定向到“/”,因为“invalidSessionStrategy”

SimpleDirectInvalidSessionStrategy(Spring安全类)

我的“application context security.xml”:

    <global-method-security pre-post-annotations="enabled">
        <expression-handler ref="expressionHandler" />
    </global-method-security>
    <http auto-config="false" use-expressions="true" 
            authentication-manager-ref="authenticationManger">
    ...
        <form-login login-page="/" default-target-url="/secure/"
                always-use-default-target="false" authentication-failure-url="/?login_error=true"
                login-processing-url="/login" />
        <logout logout-url="/secure/logout" logout-success-url="/" />


        <session-management invalid-session-url="/" />
        <logout delete-cookies="JSESSIONID" />
        <session-management>
            <concurrency-control max-sessions="1" />
        </session-management>
    </http>


...
如何防止Spring对某个url执行重定向,或将其重定向到请求的url

编辑:这是我的web.xml过滤器。我分析甚至删除了URLRewite,它没有任何影响

<filter>
    <filter-name>UrlRewriteFilter</filter-name>
    <filter-class>org.tuckey.web.filters.urlrewrite.UrlRewriteFilter</filter-class>
</filter>

<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>

<filter>
    <filter-name>action</filter-name>
    <filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter</filter-class>
</filter>


<filter-mapping>
    <filter-name>UrlRewriteFilter</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>REQUEST</dispatcher>
    <dispatcher>FORWARD</dispatcher>
</filter-mapping>

<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>REQUEST</dispatcher>
    <dispatcher>FORWARD</dispatcher>
</filter-mapping>


<filter-mapping>
    <filter-name>action</filter-name>
    <url-pattern>*.action</url-pattern>
    <dispatcher>REQUEST</dispatcher>
    <dispatcher>FORWARD</dispatcher>
</filter-mapping>
<filter-mapping>
    <filter-name>action</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>REQUEST</dispatcher>
    <dispatcher>FORWARD</dispatcher>
</filter-mapping>
<filter-mapping>
    <filter-name>action</filter-name>
    <url-pattern>/struts/*</url-pattern>
    <dispatcher>REQUEST</dispatcher>
    <dispatcher>FORWARD</dispatcher>
</filter-mapping>

<listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
 <listener>
    <listener-class>
        org.springframework.web.context.request.RequestContextListener
    </listener-class>
</listener>
<listener>
    <listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class>
</listener>

<session-config>
    <session-timeout>60</session-timeout>
</session-config>


URL重写过滤器
org.tuckey.web.filters.urlrewrite.UrlRewriteFilter
springSecurityFilterChain
org.springframework.web.filter.DelegatingFilterProxy
行动
org.apache.struts2.dispatcher.ng.filter.strutspreadexecutefilter
URL重写过滤器
/*
要求
向前地
springSecurityFilterChain
/*
要求
向前地
行动
*.行动
要求
向前地
行动
/*
要求
向前地
行动
/支柱/*
要求
向前地
org.springframework.web.context.ContextLoaderListener
org.springframework.web.context.request.RequestContextListener
org.springframework.security.web.session.HttpSessionEventPublisher
60
Spring security将您的请求重定向到无效会话url=“/”。您需要配置permit all,以便页面不会重定向。例如
我有这样一点:但我甚至添加了您的建议,它不会改变任何事情。它看起来像是会话问题,而不是authPl post you web.xml配置确定我编辑我的postSpring安全性会将您的请求重定向到无效会话url=“/”。您需要配置permit all,以便页面不会重定向。例如<代码>我有这样一个建议:但我甚至添加了你的建议,它不会改变任何东西。它看起来像是会话问题,而不是authPl post you web.xml配置确定我编辑了我的帖子 
<filter>
    <filter-name>UrlRewriteFilter</filter-name>
    <filter-class>org.tuckey.web.filters.urlrewrite.UrlRewriteFilter</filter-class>
</filter>

<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>

<filter>
    <filter-name>action</filter-name>
    <filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter</filter-class>
</filter>


<filter-mapping>
    <filter-name>UrlRewriteFilter</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>REQUEST</dispatcher>
    <dispatcher>FORWARD</dispatcher>
</filter-mapping>

<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>REQUEST</dispatcher>
    <dispatcher>FORWARD</dispatcher>
</filter-mapping>


<filter-mapping>
    <filter-name>action</filter-name>
    <url-pattern>*.action</url-pattern>
    <dispatcher>REQUEST</dispatcher>
    <dispatcher>FORWARD</dispatcher>
</filter-mapping>
<filter-mapping>
    <filter-name>action</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>REQUEST</dispatcher>
    <dispatcher>FORWARD</dispatcher>
</filter-mapping>
<filter-mapping>
    <filter-name>action</filter-name>
    <url-pattern>/struts/*</url-pattern>
    <dispatcher>REQUEST</dispatcher>
    <dispatcher>FORWARD</dispatcher>
</filter-mapping>

<listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
 <listener>
    <listener-class>
        org.springframework.web.context.request.RequestContextListener
    </listener-class>
</listener>
<listener>
    <listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class>
</listener>

<session-config>
    <session-timeout>60</session-timeout>
</session-config>