Spring Security Form表单认证

1 <!--  引入 security-->
2 <dependency>
3     <groupId>org.springframework.boot</groupId>
4     <artifactId>spring-boot-starter-security</artifactId>
5 </dependency>

 1 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 2 import org.springframework.security.config.annotation.web.builders.WebSecurity;
 3 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 4 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 5 
 6 /**
 7  * @author:
 8  * @date: 2023/1/6
 9  * @description:
10  */
11 @EnableWebSecurity
12 public class SecurityConfig extends WebSecurityConfigurerAdapter {
13 
14     /**
15      * configure
16      *
17      * @param [web]
18      * @return void
19      * @description 配置请求哪些资源时，不需要认证
20      * 
21      */
22     @Override
23     public void configure(WebSecurity web) throws Exception {
24         super.configure(web);
25         web.ignoring()
26                 .antMatchers("/js/**", "/css/**");
27     }
28 
29     /**
30      * configure
31      *
32      * @param [http]
33      * @return void
34      * @description 
35      * 使用defaultSuccessUrl，可以不配置successForwardUrl
36      */
37     @Override
38     protected void configure(HttpSecurity http) throws Exception {
39         // 配置表单认证方式
40         http.authorizeRequests()
41                 //任何请求都需要被认证，必须登录后才能访问
42                 .anyRequest()
43                 .authenticated()
44                 .and()
45                 // 开启表单认证
46                 .formLogin()
47                 //登录页面配置
48                 .loginPage("/login.html")
49                 .permitAll()
50                 //登录成功后，指定跳转到首页(true)
51 //                .defaultSuccessUrl("/index.html", true)
52                 //post请求的登录接口
53                 .loginProcessingUrl("/login")
54                 .successForwardUrl("/success")
55                 //登录失败，用户名或密码错误
56                 .failureUrl("/error.html")
57                 //登录时，携带的用户名和密码的表单的键 login.html中的表单
58                 .usernameParameter("username")
59                 .passwordParameter("password")
60                 .and()
61                 //注销接口
62                 .logout()
63                 //url
64                 .logoutUrl("/logout")
65                 //注销成功后跳转的页面
66                 .logoutSuccessUrl("/login.html")
67                 .permitAll()
68                 //删除自定义的cookie
69                 .deleteCookies("myCookie")
70                 .and()
71                 //关闭csrf防护功能(跨站请求伪造)，否则登录不成功
72                 .csrf()
73                 .disable();
74     }
75 }

 1 import org.springframework.stereotype.Controller;
 2 import org.springframework.web.bind.annotation.GetMapping;
 3 import org.springframework.web.bind.annotation.RequestMapping;
 4 import org.springframework.web.bind.annotation.ResponseBody;
 5 
 6 /**
 7  * @description:
 8  */
 9 @Controller
10 public class SecurityController {
11 
12     @GetMapping("hello")
13     @ResponseBody
14     public String hello(){
15         return "hello security";
16     }
17 
18     @RequestMapping("success")
19     public String success(){
20         return "redirect:index.html";
21     }
22 }

 1 <!DOCTYPE html>
 2 <html lang="en">
 3 <head>
 4     <meta charset="UTF-8">
 5     <meta name="viewport" content="width=device-width, initial-scale=1.0">
 6     <title>Document</title>
 7 </head>
 8 <body>
 9 <div class="main">
10     <form class="login-form" method="post" action="/login">
11         用户名： <input type="text" autocomplete="off"
12                     placeholder="用户名" name="username" required/><br>
13         密码： <input type="password"
14                    autocomplete="off" placeholder="登录密码" name="password" required/><br>
15         <button type="submit" class="enter-btn">登录</button>
16     </form>
17 </div>
18 </body>
19 </html>

 1 <!DOCTYPE html>
 2 <html lang="en">
 3 <head>
 4     <meta charset="UTF-8">
 5     <title>首页</title>
 6 </head>
 7 <body>
 8 <h3>Spring Security首页，欢迎！</h3>
 9 
10 </body>
11 </html>

 1 <!DOCTYPE html>
 2 <html lang="en">
 3 <head>
 4     <meta charset="UTF-8">
 5     <title>Title</title>
 6 </head>
 7 <body>
 8 <h3>登录失败!!!</h3>
 9 </body>
10 </html>