Java Spring Security首次访问时执行HTTP302
我们正在使用带有“Spring核心和Spring安全性”框架的“Struts2”。 第一次加载页面时,用户将重定向到主页 当我们在邮件上发送特定链接时,这会导致问题,因为用户必须点击它两次 我已经签入dept,发现SessionManagementFilter正在执行HTTP 302重定向到“/”,因为“invalidSessionStrategy” SimpleDirectInvalidSessionStrategy(Spring安全类) 我的“application context security.xml”:Java Spring Security首次访问时执行HTTP302,java,spring,spring-security,spring-session,Java,Spring,Spring Security,Spring Session,我们正在使用带有“Spring核心和Spring安全性”框架的“Struts2”。 第一次加载页面时,用户将重定向到主页 当我们在邮件上发送特定链接时,这会导致问题,因为用户必须点击它两次 我已经签入dept,发现SessionManagementFilter正在执行HTTP 302重定向到“/”,因为“invalidSessionStrategy” SimpleDirectInvalidSessionStrategy(Spring安全类) 我的“application context secu
<global-method-security pre-post-annotations="enabled">
<expression-handler ref="expressionHandler" />
</global-method-security>
<http auto-config="false" use-expressions="true"
authentication-manager-ref="authenticationManger">
...
<form-login login-page="/" default-target-url="/secure/"
always-use-default-target="false" authentication-failure-url="/?login_error=true"
login-processing-url="/login" />
<logout logout-url="/secure/logout" logout-success-url="/" />
<session-management invalid-session-url="/" />
<logout delete-cookies="JSESSIONID" />
<session-management>
<concurrency-control max-sessions="1" />
</session-management>
</http>
...
如何防止Spring对某个url执行重定向,或将其重定向到请求的url
编辑:这是我的web.xml过滤器。我分析甚至删除了URLRewite,它没有任何影响
<filter>
<filter-name>UrlRewriteFilter</filter-name>
<filter-class>org.tuckey.web.filters.urlrewrite.UrlRewriteFilter</filter-class>
</filter>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter>
<filter-name>action</filter-name>
<filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>UrlRewriteFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
<filter-mapping>
<filter-name>action</filter-name>
<url-pattern>*.action</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
<filter-mapping>
<filter-name>action</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
<filter-mapping>
<filter-name>action</filter-name>
<url-pattern>/struts/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>
org.springframework.web.context.request.RequestContextListener
</listener-class>
</listener>
<listener>
<listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class>
</listener>
<session-config>
<session-timeout>60</session-timeout>
</session-config>
URL重写过滤器
org.tuckey.web.filters.urlrewrite.UrlRewriteFilter
springSecurityFilterChain
org.springframework.web.filter.DelegatingFilterProxy
行动
org.apache.struts2.dispatcher.ng.filter.strutspreadexecutefilter
URL重写过滤器
/*
要求
向前地
springSecurityFilterChain
/*
要求
向前地
行动
*.行动
要求
向前地
行动
/*
要求
向前地
行动
/支柱/*
要求
向前地
org.springframework.web.context.ContextLoaderListener
org.springframework.web.context.request.RequestContextListener
org.springframework.security.web.session.HttpSessionEventPublisher
60
Spring security将您的请求重定向到无效会话url=“/”。您需要配置permit all,以便页面不会重定向。例如
我有这样一点:但我甚至添加了您的建议,它不会改变任何事情。它看起来像是会话问题,而不是authPl post you web.xml配置确定我编辑我的postSpring安全性会将您的请求重定向到无效会话url=“/”。您需要配置permit all,以便页面不会重定向。例如<代码>我有这样一个建议:但我甚至添加了你的建议,它不会改变任何东西。它看起来像是会话问题,而不是authPl post you web.xml配置确定我编辑了我的帖子
<filter>
<filter-name>UrlRewriteFilter</filter-name>
<filter-class>org.tuckey.web.filters.urlrewrite.UrlRewriteFilter</filter-class>
</filter>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter>
<filter-name>action</filter-name>
<filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>UrlRewriteFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
<filter-mapping>
<filter-name>action</filter-name>
<url-pattern>*.action</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
<filter-mapping>
<filter-name>action</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
<filter-mapping>
<filter-name>action</filter-name>
<url-pattern>/struts/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>
org.springframework.web.context.request.RequestContextListener
</listener-class>
</listener>
<listener>
<listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class>
</listener>
<session-config>
<session-timeout>60</session-timeout>
</session-config>