Spring Security JSP登录页面问题

Question

我是一个绝对的春季业余爱好者。所以请帮助我。我想保护我的网站，重定向到自定义.jsp登录页面，登录成功后页面应该是免费的＃34;。

通过我的实际项目，我变成了重定向到登录页面，看起来不像我想要它，但我无法登录。

我的代码：

AppConfig.java

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import;
import org.springframework.web.servlet.config.annotation.*;
import org.springframework.web.servlet.view.InternalResourceViewResolver;
import org.springframework.web.servlet.view.JstlView;

@EnableWebMvc
@Configuration
@ComponentScan({ "de.dashboard.spring.web" })
@Import({ SecurityConfig.class })
public class AppConfig extends WebMvcConfigurerAdapter {

@Override
public void configureDefaultServletHandling(DefaultServletHandlerConfigurer configurer) {
    configurer.enable();
}

@Bean
public InternalResourceViewResolver viewResolver() {
    InternalResourceViewResolver viewResolver = new InternalResourceViewResolver();
    viewResolver.setViewClass(JstlView.class);
    viewResolver.setPrefix("/pages/");
    viewResolver.setSuffix(".jsp");
    return viewResolver;
    }
}

SecurityConfig.java

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.csrf.CookieCsrfTokenRepository;

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
    auth.inMemoryAuthentication().withUser("test").password("test").roles("USER");
}

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests()
            .antMatchers("/login").permitAll()
            .antMatchers("/**").access("hasRole('ROLE_USER')")
            .and()
            .formLogin().loginPage("/login")
            .failureUrl("/login?error")
            .usernameParameter("username").passwordParameter("password")
            .and()
            .csrf();
  }
}

Controller.Java

@Controller
public class HelloController {

@RequestMapping(value = "/login", method = RequestMethod.GET)
public String login(@RequestParam(value = "error", required = false) String error,
                          @RequestParam(value = "logout", required = false) String logout,
                          Model model) {

    if (error != null) {
        model.addAttribute("error", "Invalid username and password!");
    }

    if (logout != null) {
        model.addAttribute("msg", "You've been logged out successfully.");
    }

    //Only as test (doesn't work)
    model.addAttribute("error","Test");
    return "login";

  }
}

我在webapp / pages / login.jsp下的login.jsp 的的login.jsp

<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<html>
<head>
<title>Login Page</title>
<style>
    .error {
        padding: 15px;
        margin-bottom: 20px;
        border: 1px solid transparent;
        border-radius: 4px;
        color: #a94442;
        background-color: #f2dede;
        border-color: #ebccd1;
    }

    .msg {
        padding: 15px;
        margin-bottom: 20px;
        border: 1px solid transparent;
        border-radius: 4px;
        color: #31708f;
        background-color: #d9edf7;
        border-color: #bce8f1;
    }

    #login-box {
        width: 300px;
        padding: 20px;
        margin: 100px auto;
        background: #fff;
        -webkit-border-radius: 2px;
        -moz-border-radius: 2px;
        border: 1px solid #000;
    }
</style>
</head>
<body onload='document.loginForm.username.focus();'>

<h1></h1>

<div id="login-box">

<h2>Login with Username and Password</h2>

<c:if test="${not empty error}">
    <div class="error">${error}</div>
</c:if>
<c:if test="${not empty msg}">
    <div class="msg">${msg}</div>
</c:if>

<form name='loginForm'
      action="<c:url value='/login' />" method='POST'>

    <table>
        <tr>
            <td>User:</td>
            <td><input type='text' name='username' value=''></td>
        </tr>
        <tr>
            <td>Password:</td>
            <td><input type='password' name='password' /></td>
        </tr>
        <tr>
            <td colspan='2'><input name="submit" type="submit"
                                   value="submit" /></td>
        </tr>
    </table>

    <input type="hidden" name="${_csrf.parameterName}"
           value="${_csrf.token}" />

</form>
</div>

</body>
</html>

当登录页面打开时，它看起来像：

如果我按下提交，该网站将刷新。请帮忙：D

修改

pom中的jstl依赖：

<dependency>
        <groupId>javax.servlet</groupId>
        <artifactId>jstl</artifactId>
        <version>1.2</version>
    </dependency>