In spring security we can define our own handler to help us perform some functions, such as putting user information into session after successful login, changing the direction of execution flow, etc. Here are two Handler:authenticationsuccesshandler (login successful processors), Accessdeniedhandler (Deny access to the processor), and then customize these two processors respectively.
public class Loginsuccesshandler implements Authenticationsuccesshandler {
public void Onauthenticationsuccess (HttpServletRequest req,
HttpServletResponse resp, authentication auth) throws IOException,
servletexception {
HttpSession session=req.getsession ();
Myuserdetails is a custom implementation Userdetails class
Myuserdetials user= (myuserdetials) Auth.getprincipal ();
Session.setattribute ("User", User.getu ());
Resp.sendredirect ("Home");
}
}
public class Myaccessdeniedhandler implements Accessdeniedhandler {
public void handle (HttpServletRequest req, HttpServletResponse resp,
Accessdeniedexception arg2) throws IOException, Servletexception {
String Uri=req.getrequesturi ();
Meet Requirements Change Workflow
if (Uri.equals ("/shop/publish.jsp"))
{
Resp.sendredirect ("applicant.jsp");
}
}
}
Of course, don't forget that you also need to configure it in the configuration file:
<access-denied-handler ref= "Myaccessdeniedhandler"/>
<form-login login-page= "/login.jsp"
Authentication-failure-url= "/403.jsp"
Login-processing-url= "/j_login"
Default-target-url= "/Home"
Always-use-default-target= "true" authentication-success-handler-ref= "Loginsuccesshanlder"
/>
<beans:bean id= "Loginsuccesshanlder" class= "Com.duangshopping.handler.LoginSuccessHandler" >
<beans:bean id= "Myaccessdeniedhandler" class= "Com.duangshopping.handler.MyAccessDeniedHandler"/>
</beans:bean>
Copyright NOTICE: This article for Bo Master original article, without Bo Master permission not reproduced.
Spring Security Processor