【发布时间】:2011-04-04 12:41:39
【问题描述】:
在使用 x509 时有没有办法设置默认目标?例如,如果我使用常规形式的身份验证,我会得到类似:
<security:form-login login-page="/login" always-use-default-target="true" authentication-failure-url="/login?error=1" default-target-url="/summarylogin"/>
以下是我的配置设置:
<security:http auto-config="true" use-expressions="true" entry-point ref="forbiddenAuthEntryPoint">
<security:x509 subject-principal-regex="CN=(.*?)," user-service-ref="dashboardUserDetailsService" />
<security:intercept-url pattern="/static/**" filters="none"/>
<security:intercept-url pattern="/**" access="hasAnyRole('ADMIN', 'USER')" />
<security:session-management invalid-session-url="/login" />
<security:session-management>
<security:concurrency-control max-sessions="5" error-if-maximum-exceeded="true" />
</security:session-management>
</security:http>
<security:authentication-manager>
<security:authentication-provider user-service-ref="dashboardUserDetailsService">
</security:authentication-provider>
</security:authentication-manager>
【问题讨论】:
-
不确定你在问什么 - 如果设置了 X509Auth,那么它将是默认设置。也许澄清这个问题。
标签: java spring spring-security x509certificate x509