Java Spring Security自定义登录页不工作
我正在制作企业webapp,我已经建立了我的自定义登录页面,但不知何故,只有spring安全登录页面,而不是我的自定义登录页面。下面是我的安全配置类 请帮忙Java Spring Security自定义登录页不工作,java,spring,spring-security,Java,Spring,Spring Security,我正在制作企业webapp,我已经建立了我的自定义登录页面,但不知何故,只有spring安全登录页面,而不是我的自定义登录页面。下面是我的安全配置类 请帮忙 @Configuration @EnableWebSecurity public class SecurityConfiguration extends WebSecurityConfigurerAdapter { @Autowired public void configureGlobalSecurity(AuthenticationM
@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Autowired
public void configureGlobalSecurity(AuthenticationManagerBuilder auth)
throws Exception {
auth.inMemoryAuthentication().withUser("test").password("pwd123")
.roles("USER", "ADMIN");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/login").permitAll()
.antMatchers("/", "/*todo*/**").access("hasRole('USER')").and()
.formLogin();
http.csrf().disable();
}
您必须指定自定义登录页面的url
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/login").permitAll()
.antMatchers("/", "/*todo*/**").access("hasRole('USER')").and()
.formLogin()
// put the relative URL to your custom login here
.loginPage("/login")
.permitAll();
http.csrf().disable();
}
希望这有帮助。看起来一切都很好,这是我的工作:
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/todo/**").hasRole("USER")
.antMatchers("/", "/home").permitAll()
.antMatchers("/login").permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login")
.defaultSuccessUrl("/home")
.permitAll()
.and()
.logout()
.logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
.logoutSuccessUrl("/home")
.permitAll()
.and()
.exceptionHandling().accessDeniedPage("/403");
}
这是一个项目。@Override
受保护的无效配置(HttpSecurity http)引发异常{
http.csrf().disable();
http.authorizeRequests().antMatchers(“/login”).permitAll()
.anyRequest().authenticated()和()
.formLogin()
.login页面(“/login”)
.defaultSuccessUrl(“/home”)
.failureUrl(“/login?error=true”)
.permitAll()
.及()
.logout()
.logout成功URL(“/login?logout=true”)
.invalidateHttpSession(真)
.deleteCookies(“JSSessionID”)
.permitAll();
}
参考: