Spring Security(Third Edition)
上QQ阅读APP看书,第一时间看更新
上一章目录下一章

The page isn't redirecting properly

If you have not already, restart the application and visit http://localhost:8080 in Firefox; you will see an error, as shown in the following screenshot:

What went wrong? The problem is, since Spring Security is no longer rendering the login page, we must allow everyone (not just the USER role) to access the Login page. Without granting access to the Login page, the following happens:

  1. We request the Welcome page in the browser.
  2. Spring Security sees that the Welcome page requires the USER role and that we are not authenticated, so it redirects the browser to the Login page.
  1. The browser requests the Login page.
  2. Spring Security sees that the Login page requires the USER role and that we are still not authenticated, so it redirects the browser to the Login page again.
  3. The browser requests the Login page again.
  4. Spring Security sees that the Login page requires the USER role, as shown in the following diagram:

The process could just keep repeating indefinitely. Fortunately for us, Firefox realizes that there are too many redirects occurring, stops performing the redirect, and displays a very informative error message. In the next section, we will learn how to fix this error by configuring URLs differently, depending on the access that they require.

上一章目录下一章