SpringSecurity03

自定义设置登录页面，不需要认证可以访问

1.在配置类实现相关的配置

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.formLogin()  //自定义自己编写的登录页面
                .loginPage("/login.html")  //登录页面设置
                .loginProcessingUrl("/user/login")  //登录访问路径
                .defaultSuccessUrl("/test/index").permitAll()     //登录成功之后，跳转路径
                .and().authorizeRequests()
                       .antMatchers("/","/test/hello","/user/login").permitAll()  //设置哪些路径可以直接访问，不需要认证
                .anyRequest().authenticated()
                .and().csrf().disable();  //关闭csrf防护
    }

 

2.创建相关页面， controller

<!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/html" xmlns="http://www.w3.org/1999/html">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>

<form action="/user/login" method="post">
    用户名：<input type="text" name="username">
    </br>
    密码：<input type="text" name="password">
    </br>
    <input type="submit" value="login">
</form>
</body>
</html>

package com.controller;

import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController()
@RequestMapping("/test")
public class HelloController {

    @RequestMapping("/hello")
    public String hello(){
        return  "hello";
    }


    @RequestMapping("/index")
    public String index(){
        return  "hello index";
    }
}