我想得到您对以下内容的宝贵反馈。我被困在处理 Spring-Security 中。我知道当我通过 form-login 登录时,会触发 login-processing-url 并将页面重定向到 Spring Security 登录。
但是,当我没有登录到我的应用程序但尝试通过 REST 访问任何 API URL 时,是否可以强制转换自定义 JSON 消息。您的帮助将不胜感激。!
我使用 ExtJS 进行 UI 登录和 Spring 作为 RESTful 服务
想集成这两个视图(Spring 登录视图和我的自定义 ExtJS 登录视图)
<security:http authentication-manager-ref="authenticationManager" use-expressions='true' >
<security:form-login login-processing-url="/login" always-use-default-target="true"
default-target-url="/user/authen" username-parameter="uid" password-parameter="password"
authentication-failure-handler-ref="authenticationFailureHandler" />
<security:intercept-url pattern="/login" access="permitAll" />
<security:intercept-url pattern="/**" access="isAuthenticated()" />
<security:intercept-url pattern="/denied" access="permitAll" />
<security:access-denied-handler error-page="/login/accessDenied"/>
<security:logout logout-url="/logout" invalidate-session="true" />
<security:http-basic/>
</security:http>
<bean id="authenticationFailureHandler"
class="org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler">
<property name="exceptionMappings">
<props>
<prop key="org.springframework.security.authentication.BadCredentialsException">/login/badCredentials</prop>
<prop key="org.springframework.security.authentication.CredentialsExpiredException">/login/credentialsExpired</prop>
<prop key="org.springframework.security.authentication.LockedException">/login/accountLocked</prop>
<prop key="org.springframework.security.authentication.DisabledException">/login/accountDisabled</prop>
<prop key="org.springframework.security.authentication.AccessDeniedException">/login/accessDenied</prop>
</props>
</property>
</bean>
- RR维涅什瓦兰