Java 成功登录后重定向到原始页面将返回原始数据而不是URL名称
我正在使用SpringBoot构建一个应用程序,其中包含SpringSecurity和前端reactJS。我的代码与身份验证配合得很好。但现在我计划将用户重定向到他以前请求的页面,以防他再次登录 我可以从successhandler中提取targetUrl,即上一页,但在UI中执行console.logdata时。我得到的是原始html数据,而不是URL名称。我不知道为什么以及如何打开这样一个原始html代码,或者我可以只从successhandler发送html URL名称,而不是它发送完整的原始html代码?非常感谢您的任何意见 应为console.logdata- 实际console.logdata-addpage.html的原始html数据 ApplicationSecurity.javaJava 成功登录后重定向到原始页面将返回原始数据而不是URL名称,java,jquery,ajax,spring-boot,spring-security,Java,Jquery,Ajax,Spring Boot,Spring Security,我正在使用SpringBoot构建一个应用程序,其中包含SpringSecurity和前端reactJS。我的代码与身份验证配合得很好。但现在我计划将用户重定向到他以前请求的页面,以防他再次登录 我可以从successhandler中提取targetUrl,即上一页,但在UI中执行console.logdata时。我得到的是原始html数据,而不是URL名称。我不知道为什么以及如何打开这样一个原始html代码,或者我可以只从successhandler发送html URL名称,而不是它发送完整的
public class ApplicationSecurity extends WebSecurityConfigurerAdapter {
@Autowired
private UserDetailsService userDetailsService;
@Autowired
private RESTAuthenticationEntryPoint authenticationEntryPoint;
@Autowired
private RESTAuthenticationFailureHandler authenticationFailureHandler;
@Autowired
private RESTAuthenticationSuccessHandler authenticationSuccessHandler;
@Bean
public BCryptPasswordEncoder bCryptPasswordEncoder() {
return new BCryptPasswordEncoder();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/CSS/*").permitAll()
.antMatchers("/JS/*").permitAll()
.antMatchers("/login.html").permitAll()
.antMatchers("/*").authenticated()
.and()
.sessionManagement().maximumSessions(5).and().invalidSessionUrl("/login.html");
http.csrf().disable();
http.exceptionHandling().authenticationEntryPoint(authenticationEntryPoint);
http.formLogin().successHandler(authenticationSuccessHandler);
http.formLogin().failureHandler(authenticationFailureHandler);
http.logout().logoutSuccessUrl("/login.html");
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception{
auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder());
}
}
RESTAuthenticationSuccessHandler.java
@Component
public class RESTAuthenticationSuccessHandler extends
SavedRequestAwareAuthenticationSuccessHandler {
private RequestCache requestCache = new HttpSessionRequestCache();
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
Authentication authentication) throws IOException, ServletException {
SavedRequest savedRequest = requestCache.getRequest(request, response);
System.out.println(savedRequest);
if (savedRequest == null) {
HttpSession session = request.getSession();
if (session != null) {
String redirectUrl = (String) session.getAttribute("url_prior_login");
if (redirectUrl != null) {
session.removeAttribute("url_prior_login");
getRedirectStrategy().sendRedirect(request, response, redirectUrl);
} else {
super.onAuthenticationSuccess(request, response, authentication);
}
} else {
super.onAuthenticationSuccess(request, response, authentication);
}
return;
}
String targetUrlParameter = getTargetUrlParameter();
System.out.println(targetUrlParameter);
if (isAlwaysUseDefaultTargetUrl()
|| (targetUrlParameter != null && StringUtils.hasText(request.getParameter(targetUrlParameter)))) {
requestCache.removeRequest(request, response);
super.onAuthenticationSuccess(request, response, authentication);
return;
}
clearAuthenticationAttributes(request);
// Use the DefaultSavedRequest URL
String targetUrl = savedRequest.getRedirectUrl();
System.out.println(targetUrl);
logger.debug("Redirecting to DefaultSavedRequest Url: " + targetUrl);
getRedirectStrategy().sendRedirect(request, response, targetUrl);
}
}
用户界面代码:
$.ajax({
type: "POST",
url: "/login",
data: data,
success: function(data){
console.log(data);
}.bind(this),
error:function(data)
{
alert(data.responseJSON.message);
}
});
console.logdata-返回targetURL的原始html代码,我无法将其作为html文件打开。我需要targetURL从successhandler返回的html文件名,以便我可以使用window.location.href打开文件听起来像是mime类型的问题。使用chrome Inspect检查您的网络流量,并确保标题设置正确: 响应标题: 内容类型:text/html;字符集=utf-8 请求标头: 接受:text/html 等等。您可以将重定向url返回到响应
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
Authentication authentication) throws IOException, ServletException {
// ... get target url
String targetUrl = "";
try {
response.setStatus(HttpServletResponse.OK);
PrintWriter writer = response.getWriter();
writer.write(targetUrl);
writer.flush();
writer.close();
} catch (IOException e) {
// ignore
logger.error(e.getMessage(), e);
}
}