Spring Security自定义登录页面不起作用

Question

I am making enterprise webapp, i have built my custom login page but somehow only spring security login page is coming instead of my custom login page. 我正在制作企业级Web应用程序，已经构建了自定义登录页面，但是不知何故，只有Spring Security登录页面出现了，而不是我的自定义登录页面。 Below is my security configuration class. 下面是我的安全配置类。

please help. 请帮忙。

@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

@Autowired
public void configureGlobalSecurity(AuthenticationManagerBuilder auth)
        throws Exception {
    auth.inMemoryAuthentication().withUser("test").password("pwd123")
            .roles("USER", "ADMIN");
}

@Override
protected void configure(HttpSecurity http) throws Exception {
    http
            .authorizeRequests()
            .antMatchers("/login").permitAll()
            .antMatchers("/", "/*todo*/**").access("hasRole('USER')").and()
            .formLogin();
        http.csrf().disable();
}

Answer 1

You have to specify the url to your custom login page. 您必须指定自定义登录页面的URL。

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests()
        .antMatchers("/login").permitAll()
        .antMatchers("/", "/*todo*/**").access("hasRole('USER')").and()
        .formLogin()

         // put the relative URL to your custom login here
             .loginPage("/login")
             .permitAll();
    http.csrf().disable();
}

Hope this helps. 希望这可以帮助。

Answer 2

Look every thing good, this is work for me: 看起来一切都很好，这对我来说很有效：

@Override
protected void configure(HttpSecurity http) throws Exception {
    http
         .authorizeRequests()
             .antMatchers("/todo/**").hasRole("USER")
             .antMatchers("/", "/home").permitAll()
             .antMatchers("/login").permitAll()
             .anyRequest().authenticated()
             .and()
        .formLogin()
             .loginPage("/login")
             .defaultSuccessUrl("/home")
             .permitAll()
             .and()
         .logout() 
             .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
             .logoutSuccessUrl("/home")
             .permitAll()
             .and()
         .exceptionHandling().accessDeniedPage("/403");
  }

Here is a Spring Boot project. 这是一个Spring Boot项目。

Answer 3

@Override protected void configure(HttpSecurity http) throws Exception { http.csrf().disable(); @Override protected void configure(HttpSecurity http) throws Exception { http.csrf（）。disable（）; http.authorizeRequests().antMatchers("/login").permitAll() .anyRequest().authenticated().and() .formLogin() .loginPage("/login") .defaultSuccessUrl("/home") .failureUrl("/login?error=true") .permitAll() .and() .logout() .logoutSuccessUrl("/login?logout=true") .invalidateHttpSession(true) .deleteCookies("JSESSIONID") .permitAll(); }

Reference : https://devkonline.com/tutorials/content/SPRING-SECURITY-5-CUSTOM-FORM-LOGIN-THYMELEAF 参考： https : //devkonline.com/tutorials/content/SPRING-SECURITY-5-CUSTOM-FORM-LOGIN-THYMELEAF

Spring Security自定义登录页面不起作用

问题描述

3 个解决方案

解决方案1
0 2019-09-15 11:17:19

解决方案2
0 2019-09-15 11:18:50

解决方案3
0 2019-09-16 01:23:20

Spring Security自定义登录页面不起作用

问题描述

3 个解决方案

解决方案1 0 2019-09-15 11:17:19

解决方案2 0 2019-09-15 11:18:50

解决方案3 0 2019-09-16 01:23:20

解决方案1
0 2019-09-15 11:17:19

解决方案2
0 2019-09-15 11:18:50

解决方案3
0 2019-09-16 01:23:20