我正在尝试使用spring boot security创建自己的自定义登录表单:
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
<version>1.1.9.RELEASE</version>
</dependency>
在前端,我创建了这个登录表单:
<br/>
<form action="j_spring_security_check" method="post" name="login" id="login">
<div class="input-group input-group-lg">
<span class="input-group-addon">@</span>
<input type="text" class="form-control" placeholder="Usuario" name="username">
</div>
<br/>
<div class="input-group input-group-lg">
<span class="input-group-addon">PWD</span>
<input type="password" class="form-control" placeholder="Clave" name="password">
</div>
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
<br/>
<div>
<input type="submit" value="Acceder">
</div>
</form>
在后端:
@Configuration
@EnableWebMvcSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
final static Logger logger = LoggerFactory.getLogger(WebSecurityConfig.class);
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.authorizeRequests().antMatchers("/", "/index.html", "/bootstrap/**", "/jquery/**").permitAll()
.anyRequest().authenticated().and().formLogin()
.loginPage("/login.html").passwordParameter("password").usernameParameter("username")
.permitAll()
.and().logout()
.permitAll();
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth
.inMemoryAuthentication()
.withUser("user").password("password").roles("USER");
}
}
我从这篇文章中得到了一些想法:http://www.mkyong.com/spring-security/spring-security-form-login-example
我的问题是,当我登录时,它永远不会将我重定向到以前请求的页面,并不断显示在登录表单中。
在此先感谢您的支持。
我知道它迟到了。但对其他人可能有用
将action="j_spring_security_check"更改为login.html,因为您已在configure方法中定义了loginPage("/login.html")(覆盖j_spring_security_check)。它应该工作
默认登录处理URL是/ login(不是/ j_spring_security_ *)。可能你只是将表格提交到错误的地方?
use front end like
<div class="login-page">
<div class="form">
<form:form method="POST" action="${contextPath}/login"
class="login-form" modelAttribute="user">
<input type="hidden" name="${_csrf.parameterName}"
value="${_csrf.token}" />
<form:input path="username" type="text" id="inputUserName"
placeholder="User Name" />
<span><form:errors cssClass="error" path="username" /></span>
<form:input path="password" type="password" id="inputPassword"
placeholder="Password" />
<button type="submit" class="btn btn-group btn-default btn-animated">Log
In</button>
<p class="message">
Not registered? <a href="register">Create an account</a>
</p>
</form:form>
</div>
</div>
然后回到结束
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/resources/**", "/register").permitAll()
.anyRequest().authenticated()
.and()
.formLogin().defaultSuccessUrl("/welcome", true)
.loginPage("/login")
.permitAll()
.and()
.logout().logoutSuccessUrl("/login")
.permitAll();
}
整个代码在Github Spring boot security上