Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
288 views
in Technique[技术] by (71.8m points)

java - Spring authenticationEntryPoint wont show default Spring Session Defaul Forms (404 error)

I have a Spting boot app 2.4.2. I seted up java secuity login form with no problems.

Now I want to my AJAX request to get an error instead of a redirection if the session is lost.

I added a authenticationEntryPoint to the WebSecurityConfigurerAdapter and seems to work as expected. The problem is that i no longer can get the default login and logout forms to display. I get a 404 error.

My secuirty config


@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    
    @Autowired
    private MyLogoutSuccessHandler myLogoutSuccessHandler;
        
    protected void configure(final HttpSecurity http) throws Exception {
        
        http.authorizeRequests()
        .antMatchers("/login**").permitAll()
        .antMatchers("/api/**").permitAll()
        .antMatchers("/css/**").permitAll()
        .anyRequest().authenticated()
        
        .and().formLogin().defaultSuccessUrl("/checador")
        .and().logout().logoutSuccessHandler(myLogoutSuccessHandler)
        .and() 
            .exceptionHandling().
             authenticationEntryPoint(new AjaxAwareAuthenticationEntryPoint("/login"))
        ;
        
           
           
    }

This is my LoginUrlAuthenticationEntryPoint class

@Slf4j
public class AjaxAwareAuthenticationEntryPoint extends LoginUrlAuthenticationEntryPoint     
{
  
    public AjaxAwareAuthenticationEntryPoint(String loginFormUrl) {
        super(loginFormUrl);
    }

    
    public void commence(
        HttpServletRequest request,
        HttpServletResponse response,
        AuthenticationException authException)
        throws IOException, ServletException {
        String ajaxHeader = ((HttpServletRequest) request).getHeader("X-Requested-With");
        boolean isAjax = "XMLHttpRequest".equals(ajaxHeader);
        if (isAjax) {           
            response.sendError(HttpServletResponse.SC_FORBIDDEN, "Ajax REquest Denied (Session Expired)");
        } else {
            super.commence(request, response, authException);
       }
    }
}

With this i get a "There was an unexpected error (type=Not Found, status=404)." If i comment authenticationEntryPoint i will see my default java security session login form.

How can in enable it?

Thanks

question from:https://stackoverflow.com/questions/66052074/spring-authenticationentrypoint-wont-show-default-spring-session-defaul-forms-4

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)
Waitting for answers

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...