我有一个典型的Spring MVC在Tomcat上运行.切换系统以在HTTPS上运行(一切正常在HTTP下运行正常)后,登录停止工作.其原因是,Spring的SecurityContextHolder.getContext().getAuthentication()对象变成null后RedirectView使用.
我已经搜索的答案,我发现的唯一一个提议设置属性redirectHttp10Compatible,以false在viewResolverbean的设置.这没有用.
我还检查了整个重定向,我的会话ID保持不变,连接仍然是安全的,即http和https之间的变化(反之亦然)不是问题(至少就我所知).
可能是什么问题呢?
<beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<http auto-config="true">
<intercept-url pattern="/**" requires-channel="https" />
<intercept-url pattern="/index*" access="ROLE_USER"/>
<intercept-url pattern="/dashboard*" access="ROLE_USER" requires-channel="https"/>
<intercept-url pattern="/login*" access="ROLE_GUEST, ROLE_ANONYMOUS, ROLE_USER"/>
<intercept-url pattern="/signin*" access="ROLE_GUEST, ROLE_ANONYMOUS, ROLE_USER"/>
<intercept-url pattern="/signup*" access="ROLE_GUEST, ROLE_ANONYMOUS, ROLE_USER"/>
<form-login login-page="/home"
default-target-url="/home"
authentication-failure-url="/home?authentication_error=true"
authentication-success-handler-ref="redefineTargetURL"
/>
<anonymous username="guest" granted-authority="ROLE_GUEST" key="anonymousKey"/>
<logout invalidate-session="true" logout-success-url="/logout?message=Logout Successful" />
</http>
<authentication-manager alias="authenticationManager">
<authentication-provider user-service-ref="userDetailsService" />
</authentication-manager>
<beans:bean id="redefineTargetURL" class="com.groupskeed.common.RedefineTargetURL" />
<beans:bean …有没有人知道将FB应用程序列入白名单以启用某些功能的过程?我见过很少有人问同样的问题,但没有答案.是否有FB处理白名单应用程序的联系人?