嗨,我正在尝试在Spring Boot应用程序中使用基于LDAP的身份验证(Spring Security)。
使用默认的登录页面时,我可以进行身份验证。
使用自定义登录页面时,我将重定向到同一登录页面。我在项目中没有看到任何异常或错误。
我的应用程序中包含以下代码。
WebSecurityConfig.java
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/resources/**", "/assets/**").permitAll()
.anyRequest().fullyAuthenticated()
.and()
.formLogin()
.loginPage("/login")
.permitAll()
.usernameParameter("username")
.passwordParameter("password")
.successForwardUrl("/home");
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
if (Boolean.parseBoolean(ldapEnabled)) {
auth.ldapAuthentication().contextSource().url(ldapUrls + ldapBaseDn).managerDn(ldapSecurityPrincipal)
.managerPassword(ldapPrincipalPassword).and().userDnPatterns(ldapUserDnPattern);
} else {
auth.inMemoryAuthentication().withUser("user").password("password").roles("USER").and().withUser("admin")
.password("admin").roles("ADMIN");
}
}
Login.jsp
<form action="/home" method="post" class="form-horizontal">
<div class="form-group">
<div class="col-sm-5" id="message">
<c:if test="${param.action != null}">
<c:if test="${sessionScope.exception != null}">
<div class="alert alert-danger">
<c:out value='${exception}' />
</div>
</c:if>
</c:if>
</div>
</div>
<div class="col-sm-10" style='margin-left: 15px'>
<div class="form-group">
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}">
<div class="col-sm-4">
<input type="text" name="username" class="form-control"
placeholder="
<spring:message code="login.usernamePlaceholder"/>"
required autofocus value="${sessionScope.username}">
</div>
</div>
<div class="form-group">
<div class="col-sm-4">
<input type="password" name="password" class="form-control text-center"
placeholder="<spring:message code="login.passwordPlaceholder"/>"
required>
</div>
</div>
<div class="form-group">
<div>
<input type="submit" class="btn btn-primary" value="Sign-In">
<input type="button" class="btn btn-primary" value="Clear"
onclick="location.href='/login';">
</div>
</div>
</div>
</form>
LoginController.java
@Controller
public class LoginController {
@Autowired
LoginService service;
@GetMapping("/")
public String home() {
return "login";
}
@RequestMapping(value="/home", method = RequestMethod.POST)
public String showWelcomePage(ModelMap model, @RequestParam String name, @RequestParam String password){
try{
model.put("name", name);
model.put("password", password);
return "home";
}catch(Exception e){
return "error";
}
}
@RequestMapping(value="/login", method = RequestMethod.GET)
public String showLoginPage(ModelMap model){
return "login";
}