发表新帖
发表新帖

Spring Security - need 403 error, not redirect

前端 未结
关注
4 1009
囚心锁ツ
囚心锁ツ 2020-12-24 11:13

I am using Spring Security 3.0.4. I have a bunch of web service which are protected by Spring Security. When I access them as an unauthenticated user, Spring Security redire

4条回答
  • 醉梦人生
    醉梦人生 (楼主)
    2020-12-24 11:56

    you need to

    • Create a RequestMatcher to determine which requests should get a 403 (AntPathRequestMatcher may suffice in your case).
    • Configure the HttpSessionRequestCache to check the matcher and not store those pages for post-login redirect.
    • Use a DelegatingAuthenticationEntryPoint to either 403 the request outright or redirect to login according to the matcher.

    See the example here:

    http://distigme.wordpress.com/2012/11/01/ajax-and-spring-security-form-based-login/

    0 讨论(0)
 看不清?
提交回复
热议问题