泡泡SpringSecurity5.2【SpringBoot整合SpringSecurity-自定义登录页面】
1
<!DOCTYPE html> <html lang="en" xmlns:th="http://www.thymeleaf.org"> <head> <meta charset="UTF-8"> <title>login</title> </head> <body> <h1>登录管理</h1> <form th:action="@{/login}" method="post"> 账号:<input type="text" name="username"><br> 密码:<input type="password" name="password"><br> <input type="submit" value="登录"> </form> </body> </html>
2
package com.haifei.controller; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; @Controller //一定不要用@RestController public class LoginController { @RequestMapping("/mylogin") public String goLoginPage(){ return "/login_page"; } }
3
package com.haifei.config; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; @Configuration public class SpringSecurityConfig extends WebSecurityConfigurerAdapter { /** * 先通过内存中的账号密码来处理 * @param auth * @throws Exception */ @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { auth.inMemoryAuthentication() .withUser("zhang") .password("{noop}123") .roles("USER"); } @Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests() .mvcMatchers("/login_page.html","/mylogin","/css/**","/js/**") .permitAll() .antMatchers("/**") .hasAnyRole("USER") .anyRequest() .authenticated() .and() .formLogin() .successForwardUrl("/home.html") .loginPage("/mylogin") .loginProcessingUrl("/login") .and() .csrf() .disable(); //successForwardUrl仅支持post提交 } }
spring-boot-starter-thymeleaf下载不下来,则该依赖导入失败,则使用thymeleaf的页面因无法被访问而导致404
4
测试
浙公网安备 33010602011771号