我正在编写一个带有2个WebSecurityConfigurerAdapter类的spring安全项目,以创建2个登录表单。当我分别实现这些类时,它们可以正常工作,但是当我将它们与“ order()”配置结合使用以验证较低的顺序时,在上面唱歌时会将我定向到具有较高顺序的其他登录表单,而不是指向我的URL指定。这是我的代码:如果有人对丢失的内容有任何想法,欢迎发表评论。谢谢。
@Order(1)
@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Autowired
private UserService userService;
@Bean
public BCryptPasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers(
"/registration**",
"/js/**",
"/css/**",
"/img/**").permitAll()
// .antMatchers("/librarianlogin").hasRole("USER")
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login")
.successForwardUrl("/librarianlogin")
// .loginProcessingUrl("/")
.permitAll()
.and()
.logout()
.invalidateHttpSession(true)
.clearAuthentication(true)
.logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
.logoutSuccessUrl("/?logout")
.permitAll();
}
@Bean
public DaoAuthenticationProvider authenticationProvider() {
DaoAuthenticationProvider auth = new DaoAuthenticationProvider();
auth.setUserDetailsService(userService);
auth.setPasswordEncoder(passwordEncoder());
return auth;
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(authenticationProvider());
}
}
第二个:
@Order(2)
@Configuration
@EnableWebSecurity
public class SecurityConfigurationAdmin extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers(
"/registration**",
"/js/**",
"/css/**",
"/img/**").permitAll()
// .antMatchers("/adminlogin").hasRole("USER2")
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login2")
.usernameParameter("username2")
.passwordParameter("password2")
.successForwardUrl("/adminlogin")
// .loginProcessingUrl("/adminlogin")
.permitAll()
.and()
.logout()
.invalidateHttpSession(true)
.clearAuthentication(true)
.logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
.logoutSuccessUrl("/?logout")
.permitAll();
}
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.withUser("admin").password("{noop}admin").roles("USER2");
}
}
控制器类:
@Controller
public class MainController {
@GetMapping("/login")
public String login() {
return "index2";
}
@RequestMapping(value = "/login2", method = RequestMethod.GET)
public String viewHomePage() {
return "index";
}
}
用于管理员登录的HTML代码:
<div class="row">
<div class="col">
<article class="main">
<h2 class="page-heading">Admin Login
</h2>
<div id="form">
<form th:action="@{/login2}" method="post">
<fieldset>
<div th:if="${param.error}" class="alert alert-danger">
Invalid username and password.
</div>
<div th:if="${param.logout}" class="alert alert-info">
You have been logged out.
</div>
<p>
<label class="row margin-bot" for="username">email</label>
<input type="text" id="username" name="username2" placeholder="email" autofocus="autofocus">
</p>
<p>
<label class="row margin-bot" for="password">pass</label>
<input type="password" id="password" name="password2" placeholder="subject">
</p>
<p>
<input id="submit" type="submit" name="message" value="sign in">
</p>
</fieldset>
</form>
</div>
</article>
</div>
图书管理员登录的html代码:
</div>
<div class="col">
<article class="main">
<h2 class="page-heading">Librarian Login
</h2>
<div id="form">
<form th:action="@{/login}" method="post">
<fieldset>
<div th:if="${param.error}" class="alert alert-danger">
Invalid username and password.
</div>
<div th:if="${param.logout}" class="alert alert-info">
You have been logged out.
</div>
<p>
<label class="row margin-bot" for="username">email</label>
<input type="text" id="username" name="username" placeholder="email" autofocus="autofocus">
</p>
<p>
<label class="row margin-bot" for="password">pass</label>
<input type="password" id="password" name="password" placeholder="subject">
</p>
<p>
<input id="submit" type="submit" name="message" value="sign in">
</p>
</fieldset>
</form>
</div>
</article>
</div>