Spring Security 自定义登录页面不起作用
我正在制作企业 Web 应用程序,我已经构建了自定义登录页面,但不知怎的,只有 Spring Security 登录页面出现,而不是我的自定义登录页面。下面是我的安全配置类。
请帮忙。
@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Autowired
public void configureGlobalSecurity(AuthenticationManagerBuilder auth)
throws Exception {
auth.inMemoryAuthentication().withUser("test").password("pwd123")
.roles("USER", "ADMIN");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/login").permitAll()
.antMatchers("/", "/*todo*/**").access("hasRole('USER')").and()
.formLogin();
http.csrf().disable();
}
杨__羊羊浏览 233回答 3
3回答
-
qq_遁去的一_1
看起来一切都很好,这对我来说是工作:@Overrideprotected void configure(HttpSecurity http) throws Exception { http .authorizeRequests() .antMatchers("/todo/**").hasRole("USER") .antMatchers("/", "/home").permitAll() .antMatchers("/login").permitAll() .anyRequest().authenticated() .and() .formLogin() .loginPage("/login") .defaultSuccessUrl("/home") .permitAll() .and() .logout() .logoutRequestMatcher(new AntPathRequestMatcher("/logout")) .logoutSuccessUrl("/home") .permitAll() .and() .exceptionHandling().accessDeniedPage("/403"); } -
幕布斯7119047
@Overrideprotected void configure(HttpSecurity http) throws Exception {http.csrf().disable(); http.authorizeRequests().antMatchers("/login").permitAll() .anyRequest().authenticated().and() .formLogin() .loginPage("/login") .defaultSuccessUrl("/home") .failureUrl("/login?error=true") .permitAll() .and() .logout() .logoutSuccessUrl("/login?logout=true") .invalidateHttpSession(true) .deleteCookies("JSESSIONID") .permitAll(); } -
侃侃无极
您必须指定自定义登录页面的 URL。@Overrideprotected void configure(HttpSecurity http) throws Exception { http.authorizeRequests() .antMatchers("/login").permitAll() .antMatchers("/", "/*todo*/**").access("hasRole('USER')").and() .formLogin() // put the relative URL to your custom login here .loginPage("/login") .permitAll(); http.csrf().disable();}希望这可以帮助。
随时随地看视频慕课网APP
相关分类
Java