[英]Spring Security Login Page
I developed an application that uses Spring Security's default login page. 我开发了一个使用Spring Security默认登录页面的应用程序。 However I want to implement my own login page. 但是我想实现自己的登录页面。 I will put a login.html instead of a jsp page. 我会放一个login.html而不是一个jsp页面。 I want to use JQuery for it. 我想用它来使用JQuery。 I examined many examples but couldn't achieve. 我检查了许多例子,但无法实现。 I am new to Spring and Spring Security, I use Spring Security 3. Any ideas which steps I should follow? 我是Spring和Spring Security的新手,我使用Spring Security 3.我应该遵循哪些步骤的想法?
There are four requirements for a custom login page in Spring Security: Spring Security中的自定义登录页面有四个要求:
j_username
which will contain the name used for the authentication credentials. 有一个名为j_username
的输入字段,其中包含用于身份验证凭据的名称。 j_password
which will contain the password used for the authentication credentials. 有一个名为j_password
的输入字段,其中包含用于身份验证凭据的密码。 POST
ed matches the url defined in the login-processing-url
attribute of the form-login
element in your Spring Security configuration. 这些值为POST
的URL与Spring Security配置中form-login
元素的login-processing-url
属性中定义的url相匹配。 login-page
attribute of the form-login
element in your Spring Security configuration. 必须在Spring Security配置中的form-login
元素的login-page
属性中指定自定义登录表单的位置。 Login.html 的login.html
<body>
<form action="/j_spring_security_check" method="POST">
<label for="username">User Name:</label>
<input id="username" name="j_username" type="text"/>
<label for="password">Password:</label>
<input id="password" name="j_password" type="password"/>
<input type="submit" value="Log In"/>
</form>
</body>
Spring Security Configuration File Spring安全配置文件
<http use-expressions="true">
<intercept-url pattern="/login*" access="isAnonymous()"/>
<intercept-url pattern="/**" access="isFullyAuthenticated()"/>
<form-login
login-page="/login.html"
login-processing-url="/j_spring_security_check.action"
authentication-failure-url="/login_error.html"
default-target-url="/home.html"
always-use-default-target="true"/>
</http>
I have been working for a couple of days on implementing spring security in my project and the configuration that finally did it was the following: 我已经在我的项目中实现Spring安全性工作了几天,最终完成它的配置如下:
spring-security.xml 弹簧security.xml文件
<security:http auto-config="true" disable-url-rewriting="true" use-expressions="true">
<security:form-login
login-page="/login.html"
login-processing-url="/j_spring_security_check.action"
default-target-url="/index.html"
always-use-default-target="true"
authentication-failure-url="/login.html?error=true" />
<security:intercept-url pattern="/login*" access="isAnonymous()" />
<security:intercept-url pattern="/**" access="hasRole('ROLE_USER')" />
</security:http>
<security:authentication-manager>
<security:authentication-provider>
<security:jdbc-user-service
data-source-ref="dataSource"
users-by-username-query="select username, password, enabled from smartcaldb.users where username=?"
authorities-by-username-query="select u.username, r.authority from smartcaldb.users u, smartcaldb.roles r where u.userid = r.userid and u.username =?" />
</security:authentication-provider>
</security:authentication-manager>
spring-config.xml 春天-config.xml中
<mvc:annotation-driven />
<context:component-scan base-package="com.smartcal.**" />
<!-- setup database connectivity bean -->
<bean id="dataSource" class="org.apache.commons.dbcp2.BasicDataSource"
destroy-method="close">
<property name="driverClassName" value="${jdbc.driverClassName}" />
<property name="url" value="${jdbc.url}" />
<property name="username" value="${jdbc.username}" />
<property name="password" value="${jdbc.password}" />
</bean>
<context:property-placeholder location="/WEB-INF/jdbc.properties" />
<bean id="jdbcTemplate" class="org.springframework.jdbc.core.JdbcTemplate">
<constructor-arg ref="dataSource"/>
</bean>
web.xml web.xml中
<welcome-file-list>
<welcome-file>index.html</welcome-file>
</welcome-file-list>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/spring-config.xml
/WEB-INF/spring-security.xml
</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<servlet>
<servlet-name>dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>dispatcher</servlet-name>
<url-pattern>/login</url-pattern>
<url-pattern>/</url-pattern>
</servlet-mapping>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
<init-param>
<param-name>contextAttribute</param-name>
<param-value>org.springframework.web.context.WebApplicationContext.ROOT</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<error-page>
<error-code>403</error-code>
<location>/403</location>
</error-page>
login.html 的login.html
<body>
<form action="/smartcal/j_spring_security_check.action" method="POST">
<label for="username">User Name:</label>
<input id="username" name="j_username" type="text" />
<label for="password">Password:</label>
<input id="password" name="j_password" type="password" />
<input type="submit" value="Log In" />
</form>
</body>
for logout use url - "/{yourAppPathInTheContainer}/j_spring_security_logout" 注销使用url - “/ {yourAppPathInTheContainer} / j_spring_security_logout”
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.