如何在spring-security，spring mvc中调用target-url之前重定向到登录/注销时的方法-Java 学习之路

我试图在登录成功后记录登录的当前时间（在方法或对象中），并在注销时将LastLogin时间分配给当前登录时间 . 我使用spring security登录，注销 . 但是我不知道在进入target-URL之前如何控制方法 .

SPRING-SECURITY.XML -

<security:form-login login-page="/login"  login-processing-url="/home/currentTime" authentication-failure-url="/login?error=true" default-target-url="/home"/>

<security:logout invalidate-session="true"
            logout-success-url="/home/copyLastloginToCurrentLoginTime" logout-url="/logout" />

控制器 - / home -

@RequestMapping(value = "/currentTime", method = RequestMethod.GET)
        public void recordCurrentLoginTime(Model model) { //code to record current time }

    @RequestMapping(value = "/copyLastloginToCurrentLoginTime", method = RequestMethod.GET)
    public void changeLastLoginTime(Model model) {//code to copy current to last time }

问题 - 我得到错误404 - project-title / j_spring_security_check URL . 当我尝试调试时，它根本不会进入控制器方法 . 我应该为此目的使用一些过滤器或其他东西吗？

我见过SpringSecurity : always redirect logged in users to a page和How to process a form login using Spring Security / Spring MVC . 但无法实现我的目标 .

我是 Spring 天安全的新手，我需要一些帮助才能朝着正确的方向前进 .

谢谢

2 回答

0
您可以在映射中映射default-target-url
```
<security:form-login login-page="/login"
    login-processing-url="/login_check"
    authentication-failure-url="/login?error=true"
    default-target-url = "/welcome"
    authentication-success-handler-ref="myAuthenticationSuccessHandler"/>
```
用户通过身份验证后，就是用户访问系统的时间 . 使用当前日期和时间在用户表中通过DAO进行更新 . 简单的过程，你就完成了
回复于 2024-04-26T15:36:27+08:00

写你自己的 AuthenticationSuccessHandler 和 LogoutSuccessHandler .

示例：

spring-security.xml ：

<security:form-login login-page="/login"
    login-processing-url="/login_check"
    authentication-failure-url="/login?error=true"
    authentication-success-handler-ref="myAuthenticationSuccessHandler"
/>

<security:logout
    logout-url="/logout"
    success-handler-ref="myLogoutSuccessHandler"
/>

AuthenticationSuccessHandler

@Component
public class MyAuthenticationSuccessHandler extends SimpleUrlAuthenticationSuccessHandler {

    @Autowired
    private UserService userService;

    @Override
    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
        Authentication authentication) throws IOException, ServletException {

        // changeLastLoginTime(username)
        userService.changeLastLoginTime(authentication.getName());

        setDefaultTargetUrl("/home");
        super.onAuthenticationSuccess(request, response, authentication);
    }
}

LogoutSuccessHandler

@Component
public class MyLogoutSuccessHandler extends SimpleUrlLogoutSuccessHandler {

    @Override
    public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response,
            Authentication authentication) throws IOException, ServletException {

        if (authentication != null) {
            // do something 
        }

        setDefaultTargetUrl("/login");
        super.onLogoutSuccess(request, response, authentication);       
    }
}

回复于 2024-04-26T15:36:27+08:00

如何在spring-security，spring mvc中调用target-url之前重定向到登录/注销时的方法

2 回答

相关问题