Shulou(Shulou.com)06/02 Report--

This article shows you how to customize success and failure in Spring security. The content is concise and easy to understand. It will definitely brighten your eyes. I hope you can get something through the detailed introduction of this article.

Implementation steps

1. Copy the source code of the previous example

Rename the package name case3 to case4

Rename Case3Application.java to Case4Application.java

two。 Configure the login page in WebSecurityConfig

Configure the formLogin option in the config (HttpSecurity http) method. The following settings need to be included:

Create SuccessHandler to implement the AuthenticationSuccessHandler interface, and implement the onAuthenticationSuccess method to customize the returned content

Create FailureHandler to implement the AuthenticationFailureHandler interface, and implement the onAuthenticationFailure method to customize the returned content

Add successHandler and failureHandler configurations to the formLogin configuration item

The related code is as follows:

Package net.txt100.learn.springsecurity.base.case4.config;import com.alibaba.fastjson.JSON;import com.alibaba.fastjson.JSONObject;import org.springframework.context.annotation.Bean;import org.springframework.context.annotation.Configuration;import org.springframework.http.HttpStatus;import org.springframework.security.config.annotation.web.builders.HttpSecurity;import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;import org.springframework.security.core.Authentication;import org.springframework.security.core.AuthenticationException Import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;import org.springframework.security.crypto.password.PasswordEncoder;import org.springframework.security.web.authentication.AuthenticationFailureHandler;import org.springframework.security.web.authentication.AuthenticationSuccessHandler;import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;import javax.servlet.ServletException;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import java.io.IOException / * Title: WebSecurityConfig * Package: net.txt100.learn.springsecurity.base.case2.config * Creation date: 2019-08-11 * Description: * * @ author Tonglei * @ since 1.0 * / @ Configurationpublic class WebSecurityConfig extends WebSecurityConfigurerAdapter {@ Bean public PasswordEncoder passwordEncoder () {/ / configure password protection policy. Springsecurity uses bcrypt encryption algorithm by default. / / you can return new BCryptPasswordEncoder () as long as you explicitly declare BCryptPasswordEncoder Bean here;} @ Override protected void configure (HttpSecurity http) throws Exception {AuthenticationSuccessHandler successHandler = new AuthenticationSuccessHandler () {@ Override public void onAuthenticationSuccess (HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {response.setContentType ("application/json;charset=UTF-8"); JSON.writeJSONString (response.getOutputStream (), authentication) }}; AuthenticationFailureHandler failureHandler = new AuthenticationFailureHandler () {@ Override public void onAuthenticationFailure (HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {response.setStatus (HttpStatus.INTERNAL_SERVER_ERROR.value ()); response.setContentType ("application/json;charset=UTF-8"); JSON.writeJSONString (response.getOutputStream (), exception) }} Http .csrf () .disable () / / turn off CSRF protection Otherwise, Post request .authorizeRequests () / security configuration for HttpServletRequest is not supported. AntMatrices ("/ login.html"). PermitAll () / / login.html page can access .anyRequest (). Authenticated () / / A pair of Request requires security authentication. And (). FormLogin () .failHandler (successHandler) .failureHandler (failureHandler) .and () .httpBasic () / / define how to authenticate the user, this item represents the pop-up browser authentication window}} the above content is how to customize success and failure in Spring security. Have you learned any knowledge or skills? If you want to learn more skills or enrich your knowledge reserve, you are welcome to follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.