问题
I have an issue with the Session Timeout. In my grails application an user logs in after a session timeout, but then gets to the last edited page. I want to prevent that and send them to a specific URL. How can I achieve this, I cant find something in the spring security documentation.
Greetings.
回答1:
Per the docs, it looks like you might be able to use a combination of:
successHandler.defaultTargetUrl="/whatever/url/you/want"
successHandler.alwaysUseDefault=true
回答2:
By default spring security will forward the original request after successful login. You can prevent that by adding the following to Config.groovy:
grails.plugins.springsecurity.successHandler.alwaysUseDefault = true
grails.plugins.springsecurity.successHandler.alwaysUseDefaultTargetUrl = true
grails.plugins.springsecurity.successHandler.defaultTargetUrl = '/my/default/url'
The two properties sound like they should do the same, but in my case it only works when I have them both. Perhaps you can remove one of them and get it to work...
This will alter the behavior any time you log in, not just after a timeout. If you need a more dynamic solution, I guess you have to dig into the spring security source code...
来源:https://stackoverflow.com/questions/14282979/grails-spring-security-redirect-after-session-timeout