在配置主类添加代码
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- http.authorizeRequests()
- .antMatchers(new String[]{"/js/**","/CSS/**","/picture/**","/images/**","/fonts/**","/**/favicon.ico"}).permitAll()
- .antMatchers("/home/*").permitAll()
- .anyRequest().authenticated()
- // .antMatchers(StaticParams.PATHREGX.NOAUTH,StaticParams.PATHREGX.CSS,StaticParams.PATHREGX.JS,StaticParams.PATHREGX.IMG).permitAll()// 无需访问权限
- //.antMatchers(StaticParams.PATHREGX.AUTHADMIN).hasAuthority(StaticParams.USERROLE.ROLE_ADMIN)//admin 角色访问权限
- //.antMatchers(StaticParams.PATHREGX.AUTHUSER).hasAuthority(StaticParams.USERROLE.ROLE_USER)//user 角色访问权限 StaticParams 自定义枚举
- .and()
- .formLogin().successHandler(zhu()) // 配置过滤器
- .loginPage("/login")
- .failureUrl("/login?error")
- //.defaultSuccessUrl("/equipment/getIndex", true)
- .permitAll()
- .and()
- .logout()
- .invalidateHttpSession(true) // 是否清除 Http session 中的内容
- .permitAll().and()
- .csrf() // 关闭 csrf 验证
- .disable();
- }
- @Bean
- public MyAuthenticationSuccessHandler zhu() {
- return new MyAuthenticationSuccessHandler(); // 自写的 security 过滤器
- }
- View Code
新建 MyAuthenticationSuccessHandler 实现 AuthenticationSuccessHandler 接口
- /**
- *
- * security 跳转过滤器
- * @author 苏俊源
- *
- */
- @Component // 定义 filter 类
- public class MyAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
- @Override
- public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication arg2)
- throws IOException, ServletException {
- // TODO Auto-generated method stub
- String f = request.getParameter("f"); //login 前端页面表单中添加 name 为 f 的隐藏字段
- if (StringUtils.isNotEmpty(f)) {
- if(f.equals("su")){
- //response.setCharacterEncoding("UTF-8");
- //response.getWriter().write("登录成功 123");
- response.sendRedirect("/");
- }
- }else{
- request.getRequestDispatcher("/").forward(request, response);
- }
- }
来源: http://www.bubuko.com/infodetail-2504344.html