[英]Spring boot with spring security login form
I have simple web-application.I've used spring boot + hibernate + thymeleaf + spring security. 我有一个简单的Web应用程序,使用过Spring Boot + Hibernate + thymeleaf + Spring Security。 I've made register system and it works correctly.
我已经制作了注册系统,它可以正常工作。 I've tried to do login system, but I don't know if I understand spring security idea.
我试图做登录系统,但是我不知道我是否了解spring安全思想。 This is my securityConfig:
这是我的securityConfig:
@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/register","/","/home").permitAll().and()
.formLogin()
.loginPage("/login").failureUrl("/login").defaultSuccessUrl("/home")
.usernameParameter("nickname")
.passwordParameter("password").permitAll();
}
} }
This is my login form: 这是我的登录表格:
<form autocomplete="off" action="#" th:action="@{/login}"
th:object="${user}" method="post" class="m-t" role="form"
data-toggle="validator">
<div class="form-group input-group has-feedback">
<span class="input-group-addon">
<span class="glyphicon glyphicon-user"></span>
</span>
<input name="nickname" type="text" th:field="*{nickname}"
placeholder="Nickname" class="form-control" required />
<span class="glyphicon form-control-feedback"
aria-hidden="true"></span>
</div>
<div class="form-group input-group">
<span class="input-group-addon">
<span class="glyphicon glyphicon-lock"></span>
</span>
<input name="password" type="password" id="password"
placeholder="Password" class="form-control" required />
<span class="glyphicon"
aria-hidden="true"></span>
</div>
<button type="submit"
class="btn btn-primary block full-width m-b">Zaloguj
</button>
</form>
And I'm not sure if is it enough to make login system work? 而且我不确定是否足以使登录系统正常工作?
I don't see any authentication provider which you have to provide. 我看不到您必须提供的任何身份验证提供程序。
If you are using a Database, you will have to use the following: 如果使用数据库,则必须使用以下内容:
@Autowired
public void configAuthentication(AuthenticationManagerBuilder auth) throws Exception {
auth.jdbcAuthentication().dataSource(dataSource)
.usersByUsernameQuery(
"select username, password, enabled from user where username=?").passwordEncoder(encoder)
.authoritiesByUsernameQuery(
"select user_username, role from user_roles where user_username=?");
}
If you are not using a Database or you want it for testing purposes, you can use the following: 如果您未使用数据库或希望将其用于测试目的,则可以使用以下方法:
@Autowired
public void configAuthentication(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.withUser("user")
.password("password")
.roles("ROLE_USER");
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.