1. 首页
  2. 问答
  3. Spring Security:基于JSF中的角色重定向到特定页面

Spring Security:基于JSF中的角色重定向到特定页面

2013-05-02 33 views
1

我使用JSF和Spring Security。我使用自定义登录页面。我有两个角色:管理员和用户。 我的问题是如何重定向到不同的页面为不同的角色。例如,如果用户是管理员,他将被重定向到“dashboard_Admin.jsf”,如果他是简单的用户,他将被重定向到“dashboard_user.jsf”。Spring Security:基于JSF中的角色重定向到特定页面

这是我的春天安全文件:

<beans xmlns="http://www.springframework.org/schema/beans" 
xmlns:security="http://www.springframework.org/schema/security" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
xsi:schemaLocation="http://www.springframework.org/schema/beans 
       http://www.springframework.org/schema/beans/spring-beans-3.0.xsd 
       http://www.springframework.org/schema/security 
       http://www.springframework.org/schema/security/spring-security-3.1.xsd"> 



<security:http auto-config="true" use-expressions="true"> 
    <security:intercept-url pattern="/pages/**" 
     access="hasRole('ROLE_ADMIN')" /> 
    <security:form-login login-page="/login.jsf" 
     authentication-failure-url="/login.jsf?error=true" 
     default-target-url="/pages/admin/dashboard_Admin.jsf" /> 
    <security:logout logout-success-url="/login.jsf" 
     delete-cookies="JSESSIONID" invalidate-session="true" /> 
    <security:session-management 
     invalid-session-url="/login.jsf"> 
     <security:concurrency-control 
      max-sessions="1" error-if-maximum-exceeded="true" /> 
    </security:session-management> 
</security:http> 


<security:authentication-manager alias="authenticationManager"> 
    <security:authentication-provider> 
     <security:user-service> 
      <security:user name="test" password="test" 
       authorities="ROLE_USER" /> 
      <security:user name="sam" password="sam" authorities="ROLE_ADMIN" /> 
     </security:user-service> 
    </security:authentication-provider> 
</security:authentication-manager>

这是我doLogin方法:

public String doLogin() throws ServletException, IOException { 

    ExternalContext context = FacesContext.getCurrentInstance().getExternalContext(); 

    RequestDispatcher dispatcher = ((ServletRequest) context.getRequest()) 
      .getRequestDispatcher("/j_spring_security_check?j_username=" + username 
          + "&j_password=" + password); 

    dispatcher.forward((ServletRequest) context.getRequest(), 
      (ServletResponse) context.getResponse()); 

    FacesContext.getCurrentInstance().responseComplete(); 

    return null; 
}

来源

2013-05-02 Andromida

+0

您可以通过执行自己的AuthenticationSuccessHandler来控制身份验证后的导航。查看这篇文章的更多信息http://stackoverflow.com/questions/11486222/can-i-use-one-login-page-to-redirect-different-page-with-spring-3-0-security/11488598# 11488598 – Ravi 2013-05-02 16:45:47

回答

0

我发现一个很简单的解决方案,而无需使用Spring Security的,并且它的工作原理很好。 谢谢Ravi

来源

2013-05-03 16:53:53 Andromida

+0

3ak3ek !!!!给我看看 :) – FERESSS 2013-05-04 17:02:28

相关问题

 相关问题