Redirect to login page with some extra parameters

2019-08-09 01:20发布

站内问答 / SpringBoot
553 2 5

I'm using Spring Boot with Spring Security, and I would like to redirect to the login with a custom parameter in the URL different then login?error or login?logout.

Currently when I do the redirect the login url get strip from parameters different to "error" or "logout" pageI have authentication through AD that any authorized user can login.

For example in my controller I have something like:

   return "redirect:/login?invalid-token";

And I would like to do in the login page something likehe view

   <div th:if="${param.invalid-token}" class="alert alert-danger" role="alert">Invalid token message.</div>

Thanks in advance...

2条回答
Melony?
2楼-- · 2019-08-09 01:56

I'm still not fully understanding your problem, but I am taking a pretty good guess.

Likely your problem is that you are redirecting to /login?invalid-token and Spring Security is not allowing anonymous access to that page. To fix it, use the following:

http
    .authorizeRequests()
        .antMatchers("/login").permitAll()
        ...

Note that formLogin().permitAll() is very restrictive. It only allows access to the login page and the login error page that Spring Security knows about. The above makes it more permissive.

查看更多
0人赞 添加讨论(0) 举报
戒情不戒烟
3楼-- · 2019-08-09 02:15

You can set it as a part of your model, in your controller:

if(invalid-token != null){
    model.addattribute("invalid-token", invalid-token);
}

return "view";

And then you can do the JSTL like this:

<c:if test=${!empty invalid-token}>
    <div class="alert alert-danger" role="alert">${!empty invalid-token}</div>
</c:if>

EDIT:

You don't actually have to do the check. You can just add the div like this:

<div class="alert alert-danger" role="alert">${invalid-token}</div>

It will only show if you have assigned the invalid-token on your model (depending on your styling)

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(5)