package com.imooc.security.browser; import com.imooc.security.browser.support.SimpleResponse; import com.imooc.security.core.properties.SecurityProperties; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.web.DefaultRedirectStrategy; import org.springframework.security.web.RedirectStrategy; import org.springframework.security.web.savedrequest.HttpSessionRequestCache; import org.springframework.security.web.savedrequest.RequestCache; import org.springframework.security.web.savedrequest.SavedRequest; import org.springframework.util.StringUtils; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; @RestController public class BrowserSecurityController { private Logger logger = LoggerFactory.getLogger(getClass()); private RequestCache requestCache = new HttpSessionRequestCache(); private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy(); @Autowired private SecurityProperties properties; /** * 当需要身份认证时跳转到这个controller * * @param request * @param response * @return */ @RequestMapping("/authentication/require") public SimpleResponse requireAuthentication(HttpServletRequest request, HttpServletResponse response) throws IOException { SavedRequest savedRequest = requestCache.getRequest(request, response); if (savedRequest != null) { String targetUrl = savedRequest.getRedirectUrl(); logger.info("引发跳转的请求是:"+targetUrl); if(StringUtils.endsWithIgnoreCase(targetUrl,".html")){ redirectStrategy.sendRedirect(request,response,properties.getBrowser().getLoginPage()); } } return new SimpleResponse("访问的服务器需要身份认证,请引导用户到登录页面"); } }