Spring Security RememberMe success handler or url filtering

你。 提交于 2019-12-23 02:03:03

问题


I am using Spring Security with a login page and a remember-me filter. The remember-me filtering can happen on any page of the application.

But I want the same behaviour both when the user is authenticated from login page and from the cookie:

  • I want to set some user information in session
  • I want to redirect the user to the home page (always-use-default-target="true")

I have seen that the success-handler for the remember-me tag is supported by Spring Security since the 3.1.0 (https://jira.springsource.org/browse/SEC-1603).

Another solution for me would be to restrict the URL for the remember-me filter, like the intercept-url. I would allow the remember-me filtering only on the default or home page URL.

Is there a standard way to restrict the URL for the remember-me filter or to redirect the user after cookie authentication before the version 3.1.0?


回答1:


Sure - subclass RememberMeAuthenticationFilter and override doFilter(). If the request is for the home page call super.doFilter(), otherwise call chain.doFilter().



来源:https://stackoverflow.com/questions/7387436/spring-security-rememberme-success-handler-or-url-filtering

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!