使用Spring Security和oauth时
我有问题,当我成功登录时,它重定向到“ / login”,但我从未设置,如何在登录之前将其重定向到页面?
以下为详细信息:
auth-center:
spring:
application:
name: auth-server
server:
port: 6001
servlet:
context-path: /uaa
登录页面网址:/ login
以下是配置
@Override
protected void configure(HttpSecurity http) throws Exception {
http.antMatcher("/**")
.authorizeRequests()
.antMatchers("/login", "/oauth/authorize**")
.permitAll()
.anyRequest()
.authenticated()
.and()
.formLogin()
.loginPage("/login")
.failureUrl("/login?error=true")
.permitAll()
.and()
.logout()
.invalidateHttpSession(true)
.clearAuthentication(true)
.logoutUrl("/logout")
.and()
.exceptionHandling()
.accessDeniedPage("/403");
http.cors().and().csrf().disable();
http.sessionManagement().invalidSessionUrl("/login");
http.sessionManagement().maximumSessions(1).maxSessionsPreventsLogin(true);
}
客户:
server:
port: 4000
security:
oauth2:
client:
clientId: community
clientSecret: 123456
accessTokenUri: http://localhost:6001/uaa/oauth/token
userAuthorizationUri: http://localhost:6001/uaa/oauth/authorize
resource:
userInfoUri: http://localhost:6001/uaa/oauth/user/me
以下是安全性配置
@Override
public void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.anyRequest()
.authenticated()
.and()
.logout()
.invalidateHttpSession(true)
.clearAuthentication(true)
.logoutSuccessUrl("http://localhost:6001/uaa/auth/logout")
.and()
.exceptionHandling()
.accessDeniedHandler(deniedHandler);
http.csrf().disable();
http.httpBasic().disable();
}
当我成功登录时,它将重定向到
http://localhost:6001/uaa/oauth/authorize?client_id=community&redirect_uri=http://127.0.0.1:4000/login&response_type=code&state=jy2gLx
但是4000是客户端端口。
我找到了答案,客户端的application.yml中有些错误
resource:
userInfoUri: http://localhost:6001/uaa/oauth/user/me
网址错误
resource:
userInfoUri: http://localhost:6001/uaa/user/me
我更正并且可以正常工作