ajax 로그인
This commit is contained in:
@@ -25,15 +25,18 @@ public class PortalConfigSecurity {
|
||||
private final PortalAuthenticationFailureHandler authenticationFailureHandler;
|
||||
|
||||
private final PortalAuthenticationSuccessHandler authenticationSuccessHandler;
|
||||
private final AjaxAuthenticationSuccessHandler ajaxAuthenticationSuccessHandler;
|
||||
private final AjaxAuthenticationFailureHandler ajaxAuthenticationFailureHandler;
|
||||
|
||||
private final PortalAuthenticationManager portalAuthenticationManager;
|
||||
|
||||
private final CsrfExclusionService csrfExclusionService;
|
||||
|
||||
public PortalConfigSecurity(PortalAuthenticationFailureHandler authenticationFailureHandler, PortalAuthenticationSuccessHandler authenticationSuccessHandler, PortalAuthenticationManager portalAuthenticationManager,
|
||||
CsrfExclusionService csrfExclusionService) {
|
||||
public PortalConfigSecurity(PortalAuthenticationFailureHandler authenticationFailureHandler, PortalAuthenticationSuccessHandler authenticationSuccessHandler, AjaxAuthenticationSuccessHandler ajaxAuthenticationSuccessHandler,
|
||||
AjaxAuthenticationFailureHandler ajaxAuthenticationFailureHandler, PortalAuthenticationManager portalAuthenticationManager, CsrfExclusionService csrfExclusionService) {
|
||||
this.authenticationFailureHandler = authenticationFailureHandler;
|
||||
this.authenticationSuccessHandler = authenticationSuccessHandler;
|
||||
this.ajaxAuthenticationSuccessHandler = ajaxAuthenticationSuccessHandler;
|
||||
this.ajaxAuthenticationFailureHandler = ajaxAuthenticationFailureHandler;
|
||||
this.portalAuthenticationManager = portalAuthenticationManager;
|
||||
this.csrfExclusionService = csrfExclusionService;
|
||||
}
|
||||
@@ -79,16 +82,29 @@ public class PortalConfigSecurity {
|
||||
.usernameParameter("id")
|
||||
.passwordParameter("password")
|
||||
.loginProcessingUrl("/actionLogin.do")
|
||||
.failureHandler(authenticationFailureHandler)
|
||||
.successHandler(authenticationSuccessHandler))
|
||||
.failureHandler((request, response, exception) -> {
|
||||
if ("XMLHttpRequest".equals(request.getHeader("X-Requested-With"))) {
|
||||
ajaxAuthenticationFailureHandler.onAuthenticationFailure(request, response, exception);
|
||||
} else {
|
||||
authenticationFailureHandler.onAuthenticationFailure(request, response, exception);
|
||||
}
|
||||
})
|
||||
.successHandler((request, response, authentication) -> {
|
||||
if ("XMLHttpRequest".equals(request.getHeader("X-Requested-With"))) {
|
||||
ajaxAuthenticationSuccessHandler.onAuthenticationSuccess(request, response, authentication);
|
||||
} else {
|
||||
authenticationSuccessHandler.onAuthenticationSuccess(request, response, authentication);
|
||||
}
|
||||
}))
|
||||
.logout(logout -> logout
|
||||
.logoutRequestMatcher(new AntPathRequestMatcher("/actionLogout.do", "GET"))
|
||||
.logoutSuccessUrl("/"))
|
||||
.csrf(csrf -> csrf
|
||||
.csrfTokenRepository(csrfTokenRepository(csrfExclusionService))
|
||||
.ignoringRequestMatchers(request -> csrfExclusionService.shouldExclude(request.getServletPath()))
|
||||
.ignoringAntMatchers("/h2-console/**")
|
||||
).headers(headers -> headers.frameOptions().sameOrigin())
|
||||
.csrfTokenRepository(csrfTokenRepository(csrfExclusionService))
|
||||
.ignoringRequestMatchers(request -> csrfExclusionService.shouldExclude(request.getServletPath()))
|
||||
.ignoringAntMatchers("/h2-console/**")
|
||||
)
|
||||
.headers(headers -> headers.frameOptions().sameOrigin())
|
||||
.sessionManagement(session -> session
|
||||
.sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
|
||||
.sessionFixation()
|
||||
|
||||
Reference in New Issue
Block a user