我有简单的网络应用程序。我使用了 spring boot + hibernate + thymeleaf + spring security。我已经制作了注册系统并且它工作正常。我尝试过做登录系统,但我不知道我是否理解spring security的想法。 这是我的安全配置:
@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/register","/","/home").permitAll().and()
.formLogin()
.loginPage("/login").failureUrl("/login").defaultSuccessUrl("/home")
.usernameParameter("nickname")
.passwordParameter("password").permitAll();
}
}
这是我的登录表单:
<form autocomplete="off" action="#" th:action="@{/login}"
th:object="${user}" method="post" class="m-t" role="form"
data-toggle="validator">
<div class="form-group input-group has-feedback">
<span class="input-group-addon">
<span class="glyphicon glyphicon-user"></span>
</span>
<input name="nickname" type="text" th:field="*{nickname}"
placeholder="Nickname" class="form-control" required />
<span class="glyphicon form-control-feedback"
aria-hidden="true"></span>
</div>
<div class="form-group input-group">
<span class="input-group-addon">
<span class="glyphicon glyphicon-lock"></span>
</span>
<input name="password" type="password" id="password"
placeholder="Password" class="form-control" required />
<span class="glyphicon"
aria-hidden="true"></span>
</div>
<button type="submit"
class="btn btn-primary block full-width m-b">Zaloguj
</button>
</form>
我不确定这是否足以使登录系统正常工作?
最佳答案
我没有看到您必须提供的任何身份验证提供程序。
如果您使用数据库,则必须使用以下内容:
@Autowired
public void configAuthentication(AuthenticationManagerBuilder auth) throws Exception {
auth.jdbcAuthentication().dataSource(dataSource)
.usersByUsernameQuery(
"select username, password, enabled from user where username=?").passwordEncoder(encoder)
.authoritiesByUsernameQuery(
"select user_username, role from user_roles where user_username=?");
}
如果您不使用数据库或希望将其用于测试目的,则可以使用以下内容:
@Autowired
public void configAuthentication(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.withUser("user")
.password("password")
.roles("ROLE_USER");
}
关于java - Spring Boot 与 Spring Security 登录表单,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/45909985/