我正在制作企业 Web 应用程序,我已经构建了自定义登录页面,但不知怎的,只有 Spring Security 登录页面出现,而不是我的自定义登录页面。下面是我的安全配置类。请帮忙。@Configuration@EnableWebSecuritypublic class SecurityConfiguration extends WebSecurityConfigurerAdapter {@Autowiredpublic void configureGlobalSecurity(AuthenticationManagerBuilder auth) throws Exception { auth.inMemoryAuthentication().withUser("test").password("pwd123") .roles("USER", "ADMIN");}@Overrideprotected void configure(HttpSecurity http) throws Exception { http .authorizeRequests() .antMatchers("/login").permitAll() .antMatchers("/", "/*todo*/**").access("hasRole('USER')").and() .formLogin(); http.csrf().disable();}
3 回答
qq_遁去的一_1
TA贡献1725条经验 获得超7个赞
看起来一切都很好,这对我来说是工作:
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/todo/**").hasRole("USER")
.antMatchers("/", "/home").permitAll()
.antMatchers("/login").permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login")
.defaultSuccessUrl("/home")
.permitAll()
.and()
.logout()
.logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
.logoutSuccessUrl("/home")
.permitAll()
.and()
.exceptionHandling().accessDeniedPage("/403");
}
幕布斯7119047
TA贡献1794条经验 获得超8个赞
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable();
http.authorizeRequests().antMatchers("/login").permitAll()
.anyRequest().authenticated().and()
.formLogin()
.loginPage("/login")
.defaultSuccessUrl("/home")
.failureUrl("/login?error=true")
.permitAll()
.and()
.logout()
.logoutSuccessUrl("/login?logout=true")
.invalidateHttpSession(true)
.deleteCookies("JSESSIONID")
.permitAll();
}
侃侃无极
TA贡献2051条经验 获得超10个赞
您必须指定自定义登录页面的 URL。
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/login").permitAll()
.antMatchers("/", "/*todo*/**").access("hasRole('USER')").and()
.formLogin()
// put the relative URL to your custom login here
.loginPage("/login")
.permitAll();
http.csrf().disable();
}
希望这可以帮助。
添加回答
举报
0/150
提交
取消