Is there a way to set a default-target when using x509? For example if I was using regular form auth I would have something like:
<security:form-login login-page="/login" always-use-default-target="true" authentication-failure-url="/login?error=1" default-target-url="/summarylogin"/>
Below are my config settings:
<security:http auto-config="true" use-expressions="true" entry-point ref="forbiddenAuthEntryPoint">
<security:x509 subject-principal-regex="CN=(.*?)," user-service-ref="dashboardUserDetailsService" />
<security:intercept-url pattern="/static/**" filters="none"/>
<security:intercept-url pattern="/**" access="hasAnyRole('ADMIN', 'USER')" />
<security:session-management invalid-session-url="/login" />
<security:session-man开发者_如何学JAVAagement>
<security:concurrency-control max-sessions="5" error-if-maximum-exceeded="true" />
</security:session-management>
</security:http>
<security:authentication-manager>
<security:authentication-provider user-service-ref="dashboardUserDetailsService">
</security:authentication-provider>
</security:authentication-manager>
With form-auth you have Login page which user accesses before authentication. So you specify default-target - where to send user after successful auth.
But with client X.509 certificate authentication you have no login page. User types some url in his browser, container checks his certificate and on success allows user to access url he typed.
If you want to show something like "greetings" page, that should be always displayed on login, you can write servlet filter which will check some flag in session, and redirect user to "greetings" page if flag is not set.
精彩评论