Spring-Security does not work with custom login page

Asked

Viewed 194 times

0

I’m starting in Spring Security (I’m actually new to Spring in general kkk) and I’ve been having a problem for a few days now. First I did test with the default login screen of Spring Security, put user "user" and the password that Spring Security provides, this test gave ok, I succeeded in login. but when trying with my own login page, I am not able to authenticate, I click the button, the screen gives a light charge and nothing happens.

Below I leave my code, if anyone can help me I thank.

Login.html

<html xmlns="http://www.w3.org/1999/xhtml"
    xmlns:th="http://www.thymeleaf.org"
    xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout">
<head>
<meta charset="UTF-8" />
<title>Login</title>
<link rel="stylesheet" type="text/css" href="/css/bootstrap.min.css" />
<style>
.bd-placeholder-img {
    font-size: 1.125rem;
    text-anchor: middle;
    -webkit-user-select: none;
    -moz-user-select: none;
    -ms-user-select: none;
    user-select: none;
}

@media ( min-width : 768px) {
    .bd-placeholder-img-lg {
        font-size: 3.5rem;
    }
}
</style>
<!-- Custom styles for this template -->
<link href="/css/signin.css" rel="stylesheet">
</head>
<body class="text-center">
    <form class="form-signin" method="POST" th:action="@{/login}">
        <fieldset>
            <div th:if="${param.error}" class="alert alert-error">    
                    Usuario ou Senha invalidos.
            </div>
            <div th:if="${param.logout}" class="alert alert-success"> 
                    Você foi desconectado.
            </div>
            <div class="alert alert-warning" th:if="${!#strings.isEmpty(mensagem)}">
                <span th:text="${mensagem}">Mensagem vem do Controller</span>
            </div>
            <img class="mb-4" src="/images/bootstrap-solid.svg" alt="" width="72"
                height="72">
            <h1 class="h3 mb-3 font-weight-normal">Entrar</h1>
            <label for="inputEmail" class="sr-only">E-mail</label>
            <input type="text" id="username " class="form-control" placeholder="Usuario" required autofocus name="username" th:value="${usuario?.getUsuario()}"/>
            <label for="inputPassword" class="sr-only">Senha</label>
            <input type="password" id="password" class="form-control" placeholder="Senha" required name="password" th:value="${usuario?.getSenha()}"/>
            <div class="checkbox mb-3">
                <a href="/RecupSenha.html">Esqueceu a Senha?</a>
            </div>
            <button class="btn btn-lg btn-primary btn-block" type="submit">Entrar</button>
            <p class="mt-5 mb-3 text-muted">&copy; 2020</p>
        </fieldset>
    </form>
</body>
<script src="/js/bootstrap.min.js"></script>
</body>
</html>

Logincontroller

package com.SystemsSolutions.WebControl.controller;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.servlet.ModelAndView;

import com.SystemsSolutions.WebControl.repository.Usuarios;
import com.SystemsSolutions.WebControl.service.UsuarioServices;

@Controller
//@RequestMapping("/login")
public class LoginController {

    @Autowired
    private Usuarios usuarios;
    
    @Autowired
    UsuarioServices segurancaServices;

    @RequestMapping("/login")
    public ModelAndView login() {
        ModelAndView mv = new ModelAndView("Login");
        return mv;
    }
}

Securityconfig

package com.SystemsSolutions.WebControl.security.config;

import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        
        http.authorizeRequests()
            .antMatchers("/css/**", "/js/**", "/images/**").permitAll() //autoriza pastas css, js, images e seus respectivos arquivos
            .antMatchers("/", "home").permitAll()   //autoriza pagina home
            .anyRequest().authenticated()
            .and()
                .formLogin()
                .loginPage("/login")
                .defaultSuccessUrl("/")
                .failureUrl("/login-error")
                .permitAll()
            .and()
                .logout()
                .logoutSuccessUrl("/login");
    }

}

If I comment on the line ". loginPage("/login")" when running the project I use the default Spring-Security login page, I can authenticate user in it normally, but it is not the default page I want to use.

pom.xml

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>2.3.2.RELEASE</version>
        <relativePath/> <!-- lookup parent from repository -->
    </parent>
    <groupId>com.SystemsSolutions</groupId>
    <artifactId>WebControl</artifactId>
    <version>0.0.1-SNAPSHOT</version>
    <packaging>war</packaging>
    <name>WebControl</name>
    <description>Sistema de Gestão</description>

    <properties>
        <java.version>11</java.version>
    </properties>

    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-data-jpa</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-thymeleaf</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-devtools</artifactId>
            <scope>runtime</scope>
            <optional>true</optional>
        </dependency>
        <dependency>
            <groupId>com.microsoft.sqlserver</groupId>
            <artifactId>mssql-jdbc</artifactId>
            <scope>runtime</scope>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-tomcat</artifactId>
            <scope>provided</scope>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-validation</artifactId>
        </dependency>
        <dependency>
            <groupId>nz.net.ultraq.thymeleaf</groupId>
            <artifactId>thymeleaf-layout-dialect</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
            <exclusions>
                <exclusion>
                    <groupId>org.junit.vintage</groupId>
                    <artifactId>junit-vintage-engine</artifactId>
                </exclusion>
            </exclusions>
        </dependency>
    </dependencies>

    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
            </plugin>
        </plugins>
    </build>
</project>

I think I’ve documented enough in case you need more information let me know. Thank you!

  • Hello Rafael, it is not necessary to add the "solved" suffix to the questions that have accepted answer. The system itself already makes this identification when an answer to the question is accepted. :)

1 answer

0


Browser other questions tagged

You are not signed in. Login or sign up in order to post.