Authentication Spring Security

Asked

Viewed 108 times

3

PROBLEM

How do I have spring security redirect to my project’s custom page?

import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

@EnableWebSecurity
public class WebSecurityConfig implements WebMvcConfigurer{

    @Bean
    public UserDetailsService userDetailsService() {
        InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
        manager.createUser(User.withDefaultPasswordEncoder().username("user").password("pass").roles("USER").build());
        return manager;
    }

    protected void configure(HttpSecurity http) {
        try {
            http.authorizeRequests().anyRequest().authenticated().and().formLogin().loginPage("/page").permitAll();
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

}

page.jsp

<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
    pageEncoding="ISO-8859-1"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<c:url value="/" var="url" />
<!DOCTYPE html>
<html>
<head>
<meta charset="ISO-8859-1">
<link rel="stylesheet" href="${url}assets/css/style.css">
<link rel="stylesheet" href="${url}assets/css/grade.css">
<title>ERP - LOGIN</title>
</head>
<body>
    <section class="conteudo">
        <div class="conteudo-dividido bg-fundo">
            <div class="conteudo-fluido">
                <div class="rows">
                    <div class="col-12">
                        <div class="caixa cx">
                            <form action="login" method="Post">
                                <div class="col-6 d-block m-auto rows px-5 mt-5">
                                    <div class="col-12 mb-3">
                                        <label class="text-label">Usuário</label>
                                        <input type="text" name="username" class="form-campo" placeholder="Usuário" />
                                    </div>
                                    <div class="col-12 mb-3">
                                        <label class="text-label">Senha</label>
                                        <input type="text" name="password" class="form-campo" placeholder="Senha" />
                                    </div>
                                    <button type="submit" class="btn btn-azul d-block m-auto">Entrar</button>
                                </div>
                            </form>
                        </div>
                    </div>
                </div>
            </div>
        </div>
    </section>
</body>
</html>

1 answer

2


To solve the problem I had to use the class Websecurityconfigureradapter. Follows how the project authentication class looked in a simple way.

import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;

@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Bean
    public UserDetailsService userDetailsService() {
        InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
        manager.createUser(User.withDefaultPasswordEncoder().username("user").password("pass").roles("USER").build());
        return manager;
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests().anyRequest().authenticated().and().formLogin().loginPage("/autenticacao/login").permitAll();
        super.configure(http);
    }

}


import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;

@Controller
@RequestMapping("/autenticacao")
public class AutenticacaoController {

    @GetMapping("/login")
    public String formLogin() {
        return "login";
    }

}

    <form action="login" method="Post">
      <div class="col-6 d-block m-auto rows px-5 mt-5">
        <div class="col-12 mb-3">
          <label class="text-label">Usuário</label>
          <input type="text" name="username" class="form-campo" placeholder="Usuário" />
        </div>
        <div class="col-12 mb-3">
          <label class="text-label">Senha</label>
          <input type="text" name="password" class="form-campo" placeholder="Senha" />
        </div>
        <button type="submit" class="btn btn-azul d-block m-auto">Entrar</button>
    </div>
</form>
  • In addition, Spring has a guide on this in https://spring.io/guides/gs/securing-web/

Browser other questions tagged

You are not signed in. Login or sign up in order to post.