SpringBoot Security权限控制自定义failureHandler实例
作者:EdurtIO 时间:2022-12-03 08:46:58
创建hander文件夹
在 java 源码目录下创建hander文件夹, 在该文件夹下创建CustomAuthenticationFailHander类文件
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
* <p>
* http://www.apache.org/licenses/LICENSE-2.0
* <p>
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.edurt.hander;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.WebAttributes;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
import org.springframework.stereotype.Component;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
/**
* CustomAuthenticationFailHander <br/>
* 描述 : CustomAuthenticationFailHander <br/>
* 作者 : qianmoQ <br/>
* 版本 : 1.0 <br/>
* 创建时间 : 2018-03-20 下午4:08 <br/>
*/
@Component(value = "customAuthenticationFailHander")
public class CustomAuthenticationFailHander extends SimpleUrlAuthenticationFailureHandler {
@Override
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
System.out.println("登录失败!!!");
this.returnJson(response, exception);
}
/**
* 直接返回需要返回的 json 数据
*/
private void returnJson(HttpServletResponse response,
AuthenticationException exception) throws IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("application/json");
response.getWriter().println("{\"ok\":0,\"msg\":\"" + exception.getLocalizedMessage() + "\"}");
}
/**
* 直接返会错误页面
*/
private void returnErrorPage(HttpServletRequest request, HttpServletResponse response,
AuthenticationException exception) throws IOException, ServletException {
String strUrl = request.getContextPath() + "/loginErrorPath";
request.getSession().setAttribute("status", 0);
request.getSession().setAttribute("message", exception.getLocalizedMessage());
request.getSession().setAttribute(WebAttributes.AUTHENTICATION_EXCEPTION, exception);
// 使用该方法会出现错误
// request.getRequestDispatcher(strUrl).forward(request, response);
response.sendRedirect(strUrl);
}
}
修改WebSecurityConfig配置
修改WebSecurityConfig配置文件支持自定义Handler
@Autowired
private CustomAuthenticationFailHander customAuthenticationFailHander;
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable()
// 允许直接访问/路径
.authorizeRequests().antMatchers("/").permitAll()
// 使其支持跨域
.requestMatchers(CorsUtils::isPreFlightRequest).permitAll()
// 其他路径需要授权访问
.anyRequest().authenticated()
// 指定登录页面
.and().formLogin().loginPage("/user/login")
// 指定登录失败跳转地址, 使用自定义错误信息
.failureHandler(customAuthenticationFailHander)
// 登录成功后的默认路径
.defaultSuccessUrl("/").permitAll()
// 退出登录后的默认路径
.and().logout().logoutSuccessUrl("/user/login").permitAll();
}
来源:https://juejin.cn/post/7164934051236118559
标签:SpringBoot,Security,failureHandler
![](/images/zang.png)
![](/images/jiucuo.png)
猜你喜欢
Jenkins安装以及邮件配置详解
2023-04-20 12:42:39
![](https://img.aspxhome.com/file/2023/1/63701_0s.png)
深入分析JAVA流程控制语句
2023-11-20 10:48:32
Java语言之LinkedList和链表的实现方法
2023-12-19 20:18:59
![](https://img.aspxhome.com/file/2023/0/83420_0s.png)
详解Unity安卓共享纹理
2022-07-10 08:18:21
![](https://img.aspxhome.com/file/2023/1/111161_0s.png)
Android解析json数组对象的方法及Apply和数组的三个技巧
2023-04-11 11:52:56
Java CompletableFuture实现多线程异步编排
2023-07-22 22:57:02
![](https://img.aspxhome.com/file/2023/0/57710_0s.jpg)
Java IO流和文件操作实现过程解析
2022-03-10 02:08:13
SpringBoot工程打包与运行的实现详解
2023-11-10 23:51:28
![](https://img.aspxhome.com/file/2023/7/59367_0s.png)
maven实现jar包导入+导出方式
2023-12-13 03:32:22
![](https://img.aspxhome.com/file/2023/2/67142_0s.png)
IDEA安装后找不到.vmoptions文件的问题及解决
2023-10-05 22:43:44
![](https://img.aspxhome.com/file/2023/5/58475_0s.png)
深入分析Android系统中SparseArray的源码
2022-09-16 13:54:42
java 三种将list转换为map的方法详解
2023-09-13 03:35:39
flutter BottomAppBar实现不规则底部导航栏
2023-06-19 23:40:19
![](https://img.aspxhome.com/file/2023/6/130446_0s.gif)
解决IDEA service层跳转实现类的快捷图标消失问题
2022-09-03 06:38:00
![](https://img.aspxhome.com/file/2023/2/80212_0s.jpg)
Mybatis实现SQL存储流程详解
2022-09-11 05:17:05
java如何实现自动生成数据库设计文档
2023-08-07 19:01:28
![](https://img.aspxhome.com/file/2023/3/61323_0s.jpg)
java实现http的Post、Get、代理访问请求
2021-10-30 08:13:47
Java 定时任务技术趋势详情
2021-10-29 14:48:13
![](https://img.aspxhome.com/file/2023/0/96070_0s.webp)
Kotlin Flow常见场景下的使用实例
2023-01-30 10:46:25
![](https://img.aspxhome.com/file/2023/5/116035_0s.jpg)
C# 中的动态创建组件(属性及事件)的实现思路及方法
2021-07-20 04:58:31