spring-security - spring boot 自定义登录页面

Question

我正在尝试为我的 bootstrap 应用程序添加自定义登录页面。我在关注 this教程。我无法使用我的自定义登录页面。

这是我的 pom.xml:

...
 <dependency>
   <groupId>org.springframework.data</groupId>
   <artifactId>spring-data-commons</artifactId>
 </dependency>
 <dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-test</artifactId>
    <scope>test</scope>
 </dependency>
 <dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency>
    <groupId>org.apache.httpcomponents</groupId>
    <artifactId>httpclient</artifactId>
    <scope>test</scope>
</dependency>
...

配置文件

import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;

@Configuration
public class MvcConfig extends WebMvcConfigurerAdapter {

    @Override
    public void addViewControllers(ViewControllerRegistry registry) {
        registry.addViewController("/").setViewName("forward:/index.html");

        registry.addViewController("/login").setViewName("login");
    }

}

FrontendApp.java:

import org.slf4j.LoggerFactory;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.Import;

import ch.qos.logback.classic.Logger;

 @SpringBootApplication
 @Import(value = MvcConfig.class)
 public class FrontendApp {

      private static Logger logger = (Logger) LoggerFactory.getLogger(FrontendApp.class);

      public static void main(String[] args) {

          SpringApplication app = new SpringApplication(FrontendApp.class);
          app.run(args);
     }

}

安全配置文件

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
    @Autowired
    private CustomAuthenticationProvider customAuthenticationProvider;

    @Autowired
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
         auth.authenticationProvider(this.customAuthenticationProvider);
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
         http
            .authorizeRequests()
            .antMatchers("/css/**").permitAll()
            .antMatchers("/resources/**").permitAll()
            .antMatchers("**").permitAll()
            .antMatchers("/login").permitAll()
        .anyRequest().authenticated().and()
        .formLogin()
        .loginPage("/login");
    }

}

我打开了所有的 url，所以我可以检查我是否可以看到/login。
CustomAuthenticationProvider.java

@Component
public class CustomAuthenticationProvider implements AuthenticationProvider {    

    private static final Logger logger = LoggerFactory.getLogger(CustomAuthenticationProvider.class);


    public CustomAuthenticationProvider() {
        logger.info("*** CustomAuthenticationProvider created");
    }

    @Override
    public boolean supports(Class<?> authentication) {
         return UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication);
    }

    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {

        if(authentication.getName().equals("karan")  && authentication.getCredentials().equals("saman")) {
            List<GrantedAuthority> grantedAuths = new ArrayList<>();
            grantedAuths.add(new SimpleGrantedAuthority("ROLE_USER"));
            grantedAuths.add(new SimpleGrantedAuthority("ROLE_ADMIN"));
            return new UsernamePasswordAuthenticationToken(authentication.getName(), authentication.getCredentials(), grantedAuths);
         } else {
              return null;
         }
    }

}

当我尝试 localhost:8080/login 时，我会收到以下错误:

Whitelabel Error Page

This application has no explicit mapping for /error, so you are seeing this as a fallback.
There was an unexpected error (type=Internal Server Error, status=500).
Error resolving template "login", template might not exist or might not be accessible by any of the configured Template Resolvers

但是，当我尝试 localhost:8080/时，它将成功重定向到我在 MvcConfig.java 中指定的 index.html。

这是我的 login.html 代码:

   <html xmlns="http://www.w3.org/1999/xhtml" 
         xmlns:th="http://www.thymeleaf.org" 
         xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity3"
         xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout">

<head>
    <meta charset="utf-8" />
    <title>k</title> 
</head>

我将我的 login.html 粘贴到/src/main/resources/templates 和/src/main/webapp/和/src/main/webapp/templates 中，但它仍然无法正常工作!

Answer 1

好的，所以这是 pom.xml 中的一个简单错误。

<!--<resources>-->
        <!--<resource>-->
            <!--<directory>src/main/resources</directory>-->
            <!--<includes>-->
                <!--<include>*</include>-->
            <!--</includes>-->
            <!--<filtering>true</filtering>-->
        <!--</resource>-->
    <!--</resources>-->

在我从 pom 文件中注释掉这些(如您所见)之后，它运行良好。至少上面的代码可能对其他人有用。