CAS Spring 客户端 - 重定向回应用程序失败,因为 ERR_TOO_MANY_REDIRECTS
CAS Spring client - redirection back to the applicatrion is failing because of ERR_TOO_MANY_REDIRECTS
在第一次请求时使用以下配置,它重定向到 CAS 服务器。但是登录后,它不会重定向回应用程序。这是正在发生的事情:
- 打开https://localhost:8443/test
- 重定向到 https://localhost:9443/cas/login?service=https%3A%2F%2Flocalhost%3A8443%2Ftest%2F
输入正确的凭据后,它不会重定向回应用程序。 URL 在浏览器上是同一个 CAS 登录名 URL 并且页面因 ERR_TOO_MANY_REDIRECTS.
而损坏
<security:http entry-point-ref="casEntryPoint">
<security:intercept-url pattern="/**" access="hasRole('ROLE_USER')" />
<security:custom-filter position="CAS_FILTER"
ref="casFilter" />
</security:http>
<bean id="casEntryPoint"
class="org.springframework.security.cas.web.CasAuthenticationEntryPoint">
<property name="loginUrl" value="https://localhost:9443/cas/login/" />
<property name="serviceProperties" ref="serviceProperties" />
</bean>
<bean id="casFilter"
class="org.springframework.security.cas.web.CasAuthenticationFilter">
<property name="authenticationManager" ref="authenticationManager" />
</bean>
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider
ref="casAuthenticationProvider" />
</security:authentication-manager>
<bean id="casAuthenticationProvider"
class="org.springframework.security.cas.authentication.CasAuthenticationProvider">
<property name="authenticationUserDetailsService">
<bean
class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper">
<constructor-arg ref="userService" />
</bean>
</property>
<property name="serviceProperties" ref="serviceProperties" />
<property name="ticketValidator">
<bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
<constructor-arg index="0" value="https://localhost:9443/cas/" />
</bean>
</property>
<property name="key" value="an_id_for_this_auth_provider_only" />
</bean>
<security:user-service id="userService">
<security:user name="admin" password="admin" authorities="ROLE_USER" />
</security:user-service>
<bean id="serviceProperties" class="org.springframework.security.cas.ServiceProperties">
<property name="service" value="https://localhost:8443/test/" />
<property name="sendRenew" value="false" />
</bean>
当我将以下配置模式从 /** 更改为特定于我的 UI 文件的 /newviews/** 时,此问题得到解决。
<security:intercept-url pattern="/newviews/**" access="hasRole('ROLE_USER')" />
在第一次请求时使用以下配置,它重定向到 CAS 服务器。但是登录后,它不会重定向回应用程序。这是正在发生的事情:
- 打开https://localhost:8443/test
- 重定向到 https://localhost:9443/cas/login?service=https%3A%2F%2Flocalhost%3A8443%2Ftest%2F
输入正确的凭据后,它不会重定向回应用程序。 URL 在浏览器上是同一个 CAS 登录名 URL 并且页面因 ERR_TOO_MANY_REDIRECTS.
而损坏<security:http entry-point-ref="casEntryPoint"> <security:intercept-url pattern="/**" access="hasRole('ROLE_USER')" /> <security:custom-filter position="CAS_FILTER" ref="casFilter" /> </security:http> <bean id="casEntryPoint" class="org.springframework.security.cas.web.CasAuthenticationEntryPoint"> <property name="loginUrl" value="https://localhost:9443/cas/login/" /> <property name="serviceProperties" ref="serviceProperties" /> </bean> <bean id="casFilter" class="org.springframework.security.cas.web.CasAuthenticationFilter"> <property name="authenticationManager" ref="authenticationManager" /> </bean> <security:authentication-manager alias="authenticationManager"> <security:authentication-provider ref="casAuthenticationProvider" /> </security:authentication-manager> <bean id="casAuthenticationProvider" class="org.springframework.security.cas.authentication.CasAuthenticationProvider"> <property name="authenticationUserDetailsService"> <bean class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper"> <constructor-arg ref="userService" /> </bean> </property> <property name="serviceProperties" ref="serviceProperties" /> <property name="ticketValidator"> <bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator"> <constructor-arg index="0" value="https://localhost:9443/cas/" /> </bean> </property> <property name="key" value="an_id_for_this_auth_provider_only" /> </bean> <security:user-service id="userService"> <security:user name="admin" password="admin" authorities="ROLE_USER" /> </security:user-service> <bean id="serviceProperties" class="org.springframework.security.cas.ServiceProperties"> <property name="service" value="https://localhost:8443/test/" /> <property name="sendRenew" value="false" /> </bean>
当我将以下配置模式从 /** 更改为特定于我的 UI 文件的 /newviews/** 时,此问题得到解决。
<security:intercept-url pattern="/newviews/**" access="hasRole('ROLE_USER')" />