我只是学习有关Spring的所有知识,我正尝试着做自己的项目,但是我将使用JSP而不是使用百里香叶。我有一个使用spring boot + spring security运行的示例,它拥有自定义登录名。我也这样做,但是我使用的是jsp,而不是html + thymeleaf,但是自定义登录没有显示,总是出现默认的spring安全登录,有帮助吗?
这是JSP:
<!-- Login Form -->
<form action="${pageContext.request.contextPath}/authenticateTheUser"
method="POST" class="form-horizontal">
<!-- Place for messages: error, alert etc ... -->
<div class="form-group">
<div class="col-xs-15">
<div>
<!-- Check for login error -->
<c:if test="${param.error != null}">
<div class="alert alert-danger col-xs-offset-1 col-xs-10">
Invalid username and password.
</div>
</c:if>
<!-- Check for logout -->
<c:if test="${param.logout != null}">
<div class="alert alert-success col-xs-offset-1 col-xs-10">
You have been logged out.
</div>
</c:if>
</div>
</div>
</div>
<!-- User name -->
<div style="margin-bottom: 25px" class="input-group">
<span class="input-group-addon"><i class="glyphicon glyphicon-user"></i></span>
<input type="text" name="username" placeholder="username" class="form-control">
</div>
<!-- Password -->
<div style="margin-bottom: 25px" class="input-group">
<span class="input-group-addon"><i class="glyphicon glyphicon-lock"></i></span>
<input type="password" name="password" placeholder="password" class="form-control" >
</div>
<!-- Login/Submit Button -->
<div style="margin-top: 10px" class="form-group">
<div class="col-sm-6 controls">
<button type="submit" class="btn btn-success">Login</button>
</div>
</div>
<!-- I'm manually adding tokens ... Bro! -->
<input type="hidden"
name="${_csrf.parameterName}"
value="${_csrf.token}" />
</form>
配置:
package com.crm.config;
import javax.sql.DataSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@Configuration
@EnableWebSecurity
public class DemoSecurityConfig extends WebSecurityConfigurerAdapter {
// add a reference to our security data source
@Autowired
@Qualifier("securityDataSource")
private DataSource securityDataSource;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.jdbcAuthentication().dataSource(securityDataSource);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
System.out.println("aplicando configuracion");
http.authorizeRequests()
.antMatchers("/employees/showForm*").hasAnyRole("MANAGER", "ADMIN")
.antMatchers("/employees/save*").hasAnyRole("MANAGER", "ADMIN")
.antMatchers("/employees/delete").hasRole("ADMIN")
.antMatchers("/employees/**").hasRole("EMPLOYEE")
.antMatchers("/resources/**").permitAll()
.antMatchers("/showMyLoginPage").permitAll()
.and()
.formLogin()
.loginPage("/showMyLoginPage")
.loginProcessingUrl("/authenticateTheUser")
.permitAll()
.and()
.logout().permitAll()
.and()
.exceptionHandling().accessDeniedPage("/access-denied");
}
}
和控制器:
@GetMapping("/showMyLoginPage")
public String showMyLoginPage() {
return "fancy-login";
}
// add request mapping for /access-denied
@GetMapping("/access-denied")
public String showAccessDenied() {
return "access-denied";
}
这里有github中的链接 https://github.com/a343/srping
非常感谢。
致谢