spring 安全登录总是重定向到失败 url
[英]spring security login always redirect to failure url
问题描述
I'm trying to use Spring Security in my application, But after hitting the login processing url defined in configure method of WebSecurityConfig Class , from login page, its always redirecting to the failurUrl even if the correct username and password is provided.
我试图在我的应用程序中使用Spring Security ,但是在点击WebSecurityConfig Class配置方法中定义的登录处理 url 后,从登录页面,即使提供了正确的用户名和密码,它也总是重定向到failurUrl 。 I have seen a lot of similar problem like this but all of the solutions that were given did not work for me.我见过很多类似的问题,但给出的所有解决方案都不适合我。 There's the code with the security config:有安全配置的代码:
@Override
protected void configure(HttpSecurity http) throws Exception{
http
.authorizeRequests().
antMatchers(PUBLIC_MATCHERS).
permitAll().anyRequest().authenticated();
http
.formLogin().loginPage("/index").defaultSuccessUrl("/userFront",true).failureUrl("/index?error").permitAll()
.and()
.logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout")).logoutSuccessUrl("/index?logout").deleteCookies("remember-me").permitAll()
.and()
.csrf().disable().cors().disable()
.rememberMe();
}
@Autowired
public void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userSecurityService).passwordEncoder(passwordEncoder());
}
And the service responsible for signing in ( UserSecurityService.java )以及负责登录的服务( UserSecurityService.java )
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
User user = userDao.findByUsername(username);
if (user==null) {
LOG.warn("Username {} not found",username);
throw new UsernameNotFoundException("Username "+username+"not found");
}
return user;
}
finally the login form ( index.html )最后是登录表单( index.html )
<form class="form-signin" th:action="@{/index}" method="post">
<h2 class="text-center">Sign In</h2>
<div class="form-group">
<input type="text" class="form-control" placeholder="Username"
required="required" roleId="username" name="username"
id="username " autofocus="autofocus">
</div>
<div class="form-group">
<input type="password" class="form-control" placeholder="Password"
id="password" name="password" required="required"
roleId="inputPassword">
</div>
<div class="form-group">
<button type="submit" class="btn btn-primary btn-block">Sign
In</button>
</div>
<div class="clearfix">
<label class="float-left form-check-label"><input
type="checkbox" name="remember-me" id="remember-me">
Remember me</label>
</div>
</form>
What i am missing here please im tired of searching everywhere ?我在这里缺少什么,请我厌倦了到处寻找?
1 个解决方案
解决方案1
0 2020-09-12 19:15:34
Do you have a method in your controller to handle POST to /login?您的控制器中有处理 POST 到 /login 的方法吗? If not, I suggest you change your GET controller method from /index to /login, change the form to POST to /login, and update the configure() method accordingly (change "/index" to "/login").如果没有,我建议您将 GET 控制器方法从 /index 更改为 /login,将表单更改为 POST 到 /login,并相应地更新configure()方法(将“/index”更改为“/login”)。
[Update] [更新]
Make sure your login method is only serving GET and let the Spring default handle the POST:确保您的登录方法仅提供 GET 服务,并让 Spring 默认处理 POST:
@RequestMapping(method = { RequestMethod.GET }, value = { "/login" })
public String index() {
return "login";
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.