Shulou(Shulou.com)06/02 Report--

This article will explain in detail how to customize the login page in Spring security. The content of the article is of high quality. Therefore, Xiaobian shares it with you as a reference. I hope you have a certain understanding of relevant knowledge after reading this article.

implementation steps

1. Copy the source code of the previous example

Renaming package name Case2 to Case3

Rename Case2Application.java to Case3Application.java

2. Configure the login page in WebSecurityConfig

Configure the formLogin option in the config(HttpSecurity http) method. The following settings need to be included:

Release custom login page url, for example: /login. html;

Set login jump page url, for example: /login. html;

Disable csrf protection. If you do not add this item, you need to get the value of csrftoken from the cookie every time and submit it to the server with the form.

The full code is as follows:

package net.txt100.learn.springsecurity.base.case3.config;import org.springframework.context.annotation.Bean;import org.springframework.context.annotation.Configuration;import org.springframework.security.config.annotation.web.builders.HttpSecurity;import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;import org.springframework.security.crypto.password.PasswordEncoder;import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;/** * Title: WebSecurityConfig * Package: net.txt100.learn.springsecurity.base.case3.config * Creation date: 2019-08-11 * Description: * * @author Tonglei * @since 1.0 */@Configurationpublic class WebSecurityConfig extends WebSecurityConfigurerAdapter { @Bean public PasswordEncoder passwordEncoder() { //Configure password protection policy. Spring security uses bcrypt encryption algorithm by default. //Here, just explicitly declare BCryptPasswordEncoder Bean return new BCryptPasswordEncoder(); } @Override protected void configure(HttpSecurity http) throws Exception { UsernamePasswordAuthenticationFilter up; http .csrf().disable() //disable CSRF protection, otherwise Post request is not supported .authorizeRequests() //Security configuration for HttpServletRequest .antMatchers("/login.html").permitAll()//login.html page can be accessed without login .anyRequest().authenticated() //security authentication required for all requests .and().formLogin() The requested URL/login.html was not found on this server. .loginProcessingUrl("/login") //Custom login submission address, default address is/login, default processor is UsernamePasswordAuthenticationFilter// .usernameParameter("/phone_number") //customize login user ID parameter, default is username// .passwordParameter("/check_code") //Custom login password parameter, default is password .and().httpBasic(); //Defines how to authenticate the user, this item represents a pop-up browser authentication window }}3. Create login.html page

Create a new directory src/main/webapp and create the file login.html in that directory. It needs to contain at least:

form tag, and the action is assigned to the loginProcessingUrl configuration address in WebSecurityConfig (default: "/login");

User name parameter, consistent with usernameParameter configuration in WebSecurityConfig (default: "username");

Password parameter, consistent with passwordParameter configuration in WebSecurityConfig (default: "password").

About how to customize the login page in Spring security to share here, I hope the above content can be of some help to everyone, you can learn more knowledge. If you think the article is good, you can share it so that more people can see it.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.