提供自定义登录表单时,Spring Security是否需要自定义登录控制器?
[英]Does Spring Security require a custom login controller when providing a custom login form?
问题描述
Does Spring Security 4.0.1.RELEASE require a custom login controller when providing a custom JSP page containing a login form composed of two input fields, user name and password? 
提供包含由两个输入字段(用户名和密码)组成的登录表单的自定义JSP页面时, Spring Security 4.0.1.RELEASE是否需要自定义登录控制器? Spring Security sample application spring-security-samples-chat-jc has a very simple one, but spring-security-samples-form-jc doesn't define one at all. Spring Security示例应用程序spring-security-samples-chat-jc有一个非常简单的应用程序,但是spring-security-samples-form-jc根本没有定义一个。
1 个解决方案
解决方案1
0 2015-07-21 14:13:17
WebSecurityConfigurerAdapter has the method named configure and inside it you can do something like this: WebSecurityConfigurerAdapter具有名为configure的方法,您可以在其中执行以下操作:
http.csrf().disable()
.formLogin()
.permitAll()
.loginProcessingUrl("/login")
.usernameParameter("email")
.passwordParameter("password");
After this you do not need to create a controller. 此后,您无需创建控制器。 Just POST to /login endpoint with urlencodedparameters named as email and password. 只需使用名为电子邮件和密码的urlencoded参数POST到/ login端点即可。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.