Etusivu Tutki Apua
Rekisteröidy Kirjaudu sisään
github
/
spring-security-samples
peilaus alkaen https://github.com/spring-projects/spring-security-samples
2
0
Fork 0
Tiedostot Ongelmat 0 Wiki
Selaa lähdekoodia

make favicon public

Even though the resource doesn't exist, chrome (and probably other browsers) will request the favicon after requesting the "second-factor" page.  Requests for the favicon prevented proceeding past the second-factor page and never hitting the POST to "second-factor".  Instead, the sample prompts for the username, again.

Exposing favicon (even though it doesn't exist) resolves the issue.
cammorris 3 vuotta sitten
vanhempi
f97ff6113d
commit
2780f5cb45
1 muutettua tiedostoa jossa 1 lisäystä ja 0 poistoa
Jaettu näkymä Näytä diff tilastot
  1. 1 0
      servlet/spring-boot/java/authentication/username-password/mfa/src/main/java/example/SecurityConfig.java

+ 1 - 0
servlet/spring-boot/java/authentication/username-password/mfa/src/main/java/example/SecurityConfig.java
Näytä tiedosto 

@@ -47,6 +47,7 @@ public class SecurityConfig {
 
 		// @formatter:off
 
 		http
 
 			.authorizeHttpRequests((authorize) -> authorize
 
+				.antMatchers("/favicon.ico").permitAll()
 
 				.mvcMatchers("/second-factor", "/third-factor").access(mfaAuthorizationManager)
 
 				.anyRequest().authenticated()
 
 			)