How can I create a secure vaadin 14 login form?
Question
I wanted to ask how to create a secure login.
I have only one login view so far and wanted to ask now how I can change the view after successful login. The login check via a MySQL database also runs without problems. I just don't want that someone just add "dashboard" in the url and skip the login.
@Route("login")
@PageTitle("Login")
public class LoginView extends VerticalLayout {
private final LoginService loginService;
private LoginOverlay loginOverlay = new LoginOverlay();
public LoginView(LoginService loginService) {
this.loginService = loginService;
this.loginOverlay.setOpened(true);
this.loginOverlay.setForgotPasswordButtonVisible(false);
this.loginOverlay.setDescription(null);
this.loginOverlay.setEnabled(true);
this.loginOverlay.addLoginListener(e -> {
if (this.loginService.authenticateUser(e.getUsername(), e.getPassword())) {
?
} else {
this.loginOverlay.setError(true);
}
});
this.add(loginOverlay);
}
}
2 answers
solution1
1 2019-10-24 07:02:41
There is a tutorial series for vaadin + spring security.
https://vaadin.com/tutorials/securing-your-app-with-spring-security
solution2
0 2019-10-23 15:33:44
One option if you are using Spring is to use Spring Security to list the urls that available before login and redirect to login if unauthenticated user tries to navigate somewhere else. You can find one example of this in SecurityConfiguration.java of the full stack starter app .
Another option is to listen the BeforeEnter event and programmatically reroute user to login screen if they're not logged in. You can find one example for this in BookstoreInitListener.java . Source code is in github or you can download a copy of the app by selecting Java tech stack of simple app starter
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.