我尝试配置Spring安全性以与Rest一起使用,所以我创建了这个文件:
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private UserDetailsService userDetailsService;
@Override
protected void configure(HttpSecurity http) throws Exception {
http.cors().and().
csrf().disable().
authorizeRequests()
.antMatchers("/home").permitAll()
.antMatchers(HttpMethod.POST, "/login").permitAll()
.anyRequest().authenticated()
.and().formLogin().loginProcessingUrl("/login").failureForwardUrl("/login?erro")
.and().logout().logoutUrl("/logout")
.and().httpBasic().disable();
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(authenticationProvider());
}
@Bean
public DaoAuthenticationProvider authenticationProvider() {
DaoAuthenticationProvider authProvider
= new DaoAuthenticationProvider();
authProvider.setUserDetailsService(userDetailsService);
authProvider.setPasswordEncoder(encoder());
return authProvider;
}
@Bean
public PasswordEncoder encoder() {
return new BCryptPasswordEncoder(11);
}
}
但是当我尝试使用错误的密码和用户名访问/登录时,尝试重定向到默认表单登录。
如何禁用此默认表单?
TKS
答案 0 :(得分:0)
您可以使用自定义登录的配置
.and()
.formLogin()
.loginPage("/login");
此行loginPage(" / login")将告诉spring security覆盖默认登录页面
结帐this