vendredi 20 février 2015

is Spring Security custom login method cancels redirec?

So basiclly redirect to /index.xhtml doesn't work after login. I can't figure out how to fix it but I think what is the problem with my code, if someone could help I'd be glad.


I have login() method, which in my opinion lacks something:



public String login() {
try {
Authentication request = new UsernamePasswordAuthenticationToken(this.getUsername(), this.getPassword());
Authentication result = authenticationManager.authenticate(request);
SecurityContextHolder.getContext().setAuthentication(result);
} catch (BadCredentialsException badCredentialsException) {
//handle exception
} catch (DisabledException disabledException) {
//handle exception
}
return "loggedin";
}


Also in my securityContext:



<sec:http auto-config="true" use-expressions="true" request-matcher="regex" create-session="always">
<access-denied-handler error-page="/?accessDenied=true"/>
<form-login login-page="/login.xhtml" default-target-url="/index.xhtml" always-use-default-target="true"/>
<logout invalidate-session="true" delete-cookies="true" logout-success-url="/"/>
</sec:http>


Am I right that redirect doesn't work is because I have custom login method that doesn't use the .xml settings? How can I fix that?


Aucun commentaire:

Enregistrer un commentaire