【发布时间】:2018-11-30 21:40:24
【问题描述】:
我在我的 spring mvc 应用程序中使用 spring security 4.2.3.RELEASE。我有登录成功处理程序来处理成功认证后的操作。
这是我的 LoginSuccessHandler.java
package com.application.security;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.PropertySource;
import org.springframework.core.env.Environment;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import com.application.util.CommonUtils;
@PropertySource(value = { "classpath:application.properties" })
public class LoginSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {
private final static Logger logger = Logger.getLogger(LoginSuccessHandler.class);
@Autowired
Environment environment;
@Autowired
CommonUtils commonUtils;
@Override
public void onAuthenticationSuccess(
HttpServletRequest request,
HttpServletResponse response,
Authentication authentication) throws ServletException, IOException {
int sessionTimeOut = Integer.parseInt(environment.getRequiredProperty("server.session.timeout").toString().trim());
request.getSession().setMaxInactiveInterval(sessionTimeOut);
super.onAuthenticationSuccess(request, response, authentication);
CustomUser user = commonUtils.getLoggedInUserDetails();
if(user != null) {
if(!user.isPasswordReset()) {
response.sendRedirect("changePassword");
}
}
logger.info("Successfully LoggedIn......");
}
}一切正常,直到行response.sendRedirect("changePassword"); 执行。此行正在生成以下错误。
java.lang.IllegalStateException: 响应提交后无法调用 sendRedirect()
我知道应用调用super.onAuthenticationSuccess(request, response, authentication);时响应已经提交
我需要重写这个超类来解决这个问题吗?还是有其他想法?
【问题讨论】:
标签: java spring spring-mvc spring-security