Spring 登录成功后 Oauth 和安全重定向到 /login
Spring Oauth and security redirect to /login when login success
当使用 Spring 安全和 oauth
我有一个问题,当我登录成功时,它重定向到“/login”,但我没有设置它,如何重定向到登录前的页面?
详情如下:
授权中心:
spring:
application:
name: auth-server
server:
port: 6001
servlet:
context-path: /uaa
登录页面url: /login
下面是配置
@Override
protected void configure(HttpSecurity http) throws Exception {
http.antMatcher("/**")
.authorizeRequests()
.antMatchers("/login", "/oauth/authorize**")
.permitAll()
.anyRequest()
.authenticated()
.and()
.formLogin()
.loginPage("/login")
.failureUrl("/login?error=true")
.permitAll()
.and()
.logout()
.invalidateHttpSession(true)
.clearAuthentication(true)
.logoutUrl("/logout")
.and()
.exceptionHandling()
.accessDeniedPage("/403");
http.cors().and().csrf().disable();
http.sessionManagement().invalidSessionUrl("/login");
http.sessionManagement().maximumSessions(1).maxSessionsPreventsLogin(true);
}
客户:
server:
port: 4000
security:
oauth2:
client:
clientId: community
clientSecret: 123456
accessTokenUri: http://localhost:6001/uaa/oauth/token
userAuthorizationUri: http://localhost:6001/uaa/oauth/authorize
resource:
userInfoUri: http://localhost:6001/uaa/oauth/user/me
下面是安全配置
@Override
public void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.anyRequest()
.authenticated()
.and()
.logout()
.invalidateHttpSession(true)
.clearAuthentication(true)
.logoutSuccessUrl("http://localhost:6001/uaa/auth/logout")
.and()
.exceptionHandling()
.accessDeniedHandler(deniedHandler);
http.csrf().disable();
http.httpBasic().disable();
}
当我登录成功后,它会重定向到
http://localhost:6001/uaa/oauth/authorize?client_id=community&redirect_uri=http://127.0.0.1:4000/login&response_type=code&state=jy2gLx
但 4000 是客户端端口。
我找到答案了,客户端application.yml有一些错误
resource:
userInfoUri: http://localhost:6001/uaa/oauth/user/me
url错了
resource:
userInfoUri: http://localhost:6001/uaa/user/me
我更正了它,它起作用了
当使用 Spring 安全和 oauth
我有一个问题,当我登录成功时,它重定向到“/login”,但我没有设置它,如何重定向到登录前的页面?
详情如下:
授权中心:
spring:
application:
name: auth-server
server:
port: 6001
servlet:
context-path: /uaa
登录页面url: /login
下面是配置
@Override
protected void configure(HttpSecurity http) throws Exception {
http.antMatcher("/**")
.authorizeRequests()
.antMatchers("/login", "/oauth/authorize**")
.permitAll()
.anyRequest()
.authenticated()
.and()
.formLogin()
.loginPage("/login")
.failureUrl("/login?error=true")
.permitAll()
.and()
.logout()
.invalidateHttpSession(true)
.clearAuthentication(true)
.logoutUrl("/logout")
.and()
.exceptionHandling()
.accessDeniedPage("/403");
http.cors().and().csrf().disable();
http.sessionManagement().invalidSessionUrl("/login");
http.sessionManagement().maximumSessions(1).maxSessionsPreventsLogin(true);
}
客户:
server:
port: 4000
security:
oauth2:
client:
clientId: community
clientSecret: 123456
accessTokenUri: http://localhost:6001/uaa/oauth/token
userAuthorizationUri: http://localhost:6001/uaa/oauth/authorize
resource:
userInfoUri: http://localhost:6001/uaa/oauth/user/me
下面是安全配置
@Override
public void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.anyRequest()
.authenticated()
.and()
.logout()
.invalidateHttpSession(true)
.clearAuthentication(true)
.logoutSuccessUrl("http://localhost:6001/uaa/auth/logout")
.and()
.exceptionHandling()
.accessDeniedHandler(deniedHandler);
http.csrf().disable();
http.httpBasic().disable();
}
当我登录成功后,它会重定向到
http://localhost:6001/uaa/oauth/authorize?client_id=community&redirect_uri=http://127.0.0.1:4000/login&response_type=code&state=jy2gLx
但 4000 是客户端端口。
我找到答案了,客户端application.yml有一些错误
resource:
userInfoUri: http://localhost:6001/uaa/oauth/user/me
url错了
resource:
userInfoUri: http://localhost:6001/uaa/user/me
我更正了它,它起作用了