Java Spring Security 302重定向
我的Spring安全性有问题,当我访问我的注册页面并单击注册按钮时,它会自动将我重定向到登录页面。在控制台中,指示状态代码302。 我尝试了几件事,但没有成功 这是我的安全配置:Java Spring Security 302重定向,java,spring-boot,spring-security,Java,Spring Boot,Spring Security,我的Spring安全性有问题,当我访问我的注册页面并单击注册按钮时,它会自动将我重定向到登录页面。在控制台中,指示状态代码302。 我尝试了几件事,但没有成功 这是我的安全配置: @Configuration @EnableWebSecurity public class SecurityConfig extends WebSecurityConfigurerAdapter { @Autowired @Qualifier("customUserDetailsService")
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
@Qualifier("customUserDetailsService")
private UserDetailsService customUserDetailsService;
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/login", "/registration").permitAll()
.anyRequest()
.authenticated()
.and().formLogin()
.loginPage("/login")
.usernameParameter("email")
.defaultSuccessUrl("/consultAccount").permitAll()
.and()// logout
.logout().deleteCookies("JSESSIONID")
.logoutRequestMatcher(new AntPathRequestMatcher("/logout"));
}
@Override
protected void configure(AuthenticationManagerBuilder authManagerBuilder) throws Exception {
authManagerBuilder.userDetailsService(customUserDetailsService).passwordEncoder(bCryptPasswordEncoder());
}
@Bean
public BCryptPasswordEncoder bCryptPasswordEncoder() {
return new BCryptPasswordEncoder();
}
@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
CustomUserDetailsService.java
@Service("customUserDetailsService")
public class CustomUserDetailsService implements UserDetailsService {
@Autowired
private UserRepository userRepository;
@Override
@Transactional(readOnly = true)
public UserDetails loadUserByUsername(String email) throws UsernameNotFoundException {
if (email.trim().isEmpty()) {
throw new UsernameNotFoundException("email is empty");
}
User user = userRepository.findByEmail(email);
if (user == null) {
throw new UsernameNotFoundException("User " + email + " not found");
}
Set<GrantedAuthority> grantedAuthorities = new HashSet<>();
grantedAuthorities.add(new SimpleGrantedAuthority("USER"));
grantedAuthorities.add(new SimpleGrantedAuthority("ADMIN"));
return new org.springframework.security.core.userdetails.User(
user.getEmail(), user.getPassword(), grantedAuthorities);
}
}
login.html
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:th="http://www.thymeleaf.org">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link href="https://fonts.googleapis.com/css?family=Roboto:400,700" rel="stylesheet">
<title>Authentification</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
<style type="text/css">
</style>
</head>
<body>
<div class="container">
<br/><br/>
<form th:action="@{/login}" method="POST" class="form-signin" style="width:30%;margin:auto">
<h3 class="form-signin-heading" align="center">Pay My Buddy</h3>
<br/>
<div align="center" th:if="${param.error}">
<p style="font-size: 20; color: #FF1C19;">Username or password is invalid</p>
</div>
<input type="text" id="email" name="email" th:placeholder="email"
class="form-control" /> <br/>
<input type="password" th:placeholder="Password"
id="password" name="password" class="form-control" /> <br />
<button class="btn btn-lg btn-primary btn-block" name="Submit" value="Login" type="Submit" th:text="Login"></button>
<h4 class="text-center"><a href="/registration">Create an account</a></h4>
</form>
</div>
</body>
</html>
认证
付钱给我的朋友
用户名或密码无效
registration.html
<!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org"
xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout">
<head>
<meta charset="utf-8">
<title>Create an account</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
</head>
<body>
<div class="container">
<form th:action="@{/register}" method="post" class="form-signin" role="form" style="width:30%;margin:auto">
<h3 class="form-signin-heading" align="center">Registration Form</h3><br/>
<input type="text" th:value="${user.firstName}" placeholder="Name" name="firstName" class="form-control" />
<span th:errors="${user.firstName}" class="text-danger"></span>
<br/>
<input type="text" th:value="${user.lastName}" placeholder="Last Name" name="lastName" class="form-control" />
<span th:errors="${user.lastName}" class="text-danger"></span>
<br/>
<input type="text" th:value="${user.email}" placeholder="Email" name="email" class="form-control" />
<span th:errors="${user.email}" class="text-danger"></span>
<br/>
<input type="password" th:value="${user.password}" placeholder="Password" name="password" class="form-control" />
<span th:errors="${user.password}" class="text-danger"></span>
<br/>
<button type="submit" class="btn btn-lg btn-primary btn-block" th:text="Register"></button>
</form>
<div th:if="${exception}" style="width:30%;margin:auto;padding: 1% 0;">
<p th:text="${exception}" class="alert alert-danger" role="alert"></p>
</div>
</div>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js"></script>
</body>
</html>
创建帐户
登记表
感谢您的帮助当用户注册时,您正在向“/注册”发出POST请求 但是,“/register”要求对用户进行身份验证 你可以加上
.antMatchers("/register").permitAll()
您的安全配置,以便允许未经身份验证的用户注册
.antMatchers("/register").permitAll()