我是靠谱客的博主 直率网络,最近开发中收集的这篇文章主要介绍Spring security使用自定义登录界面且显示登录异常信息的例子,觉得挺不错的,现在分享给大家,希望可以做个参考。

概述

eclipse中的工程结构:


1、配置Maven的pom文件:

<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>SpringSecurity</groupId>
<artifactId>SpringSecurity</artifactId>
<packaging>war</packaging>
<version>0.0.1-SNAPSHOT</version>
<name>SpringSecurity Maven Webapp</name>
<url>http://maven.apache.org</url>
<dependencies>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>3.8.1</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>4.2.3.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.1.0.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.1.0.RELEASE</version>
</dependency>
<dependency>
<groupId>jstl</groupId>
<artifactId>jstl</artifactId>
<version>1.2</version>
</dependency>
</dependencies>
<build>
<finalName>SpringSecurity</finalName>
</build>
</project>
2、使用注解的方式配置Spring Security:

package com.config;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.csrf.CsrfTokenRepository;
import org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository;
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().
antMatchers("/secure/**").//匹配URL
access("hasRole('ROLE_ADMIN')").//验证登录者角色
and().formLogin().
//login configuration
loginPage("/customLogin.jsp").
failureUrl("/customLogin.jsp?failed=true"). //配置登录失败URL
loginProcessingUrl("/appLogin").
usernameParameter("app_username").
passwordParameter("app_password").
defaultSuccessUrl("/secure/home").
and().logout().
//logout configuration
logoutUrl("/appLogout").
logoutSuccessUrl("/customLogin.jsp");
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication().withUser("ram").password("ram123").roles("ADMIN");
}
} 

3、使用注解配置SpringMVC

package com.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import;
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
import org.springframework.web.servlet.view.InternalResourceViewResolver;
@Configuration
@ComponentScan("com")
//扫描文件夹内的类以生产beans
@Import(SecurityConfig.class) //引入Spring Security 配置类
@EnableWebMvc
public class AppConfig {
@Bean
public InternalResourceViewResolver viewResolver() {
InternalResourceViewResolver resolver = new InternalResourceViewResolver();
resolver.setPrefix("/WEB-INF/secure/");
resolver.setSuffix(".jsp");
return resolver;
}
} 

4、创建自定义登录界面:

customLogin.jsp:

<%@ page language="java" contentType="text/html; charset=gbk" pageEncoding="gbk"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<%@ page session="true" %> <!--如session设置为false,SPRING_SECURITY_LAST_EXCEPTION会始终为null-->
<%@ page isELIgnored="false" %>
<html>
<head>
<title>Spring 4 Security Example</title>
</head>
<body>
<h3>Spring 4 Security Example</h3>
<font color="red">
<c:if test="${param.failed==true }">
<div>login failed,try again!</div>
<c:if test="${not empty SPRING_SECURITY_LAST_EXCEPTION }">
<c:out value="${SPRING_SECURITY_LAST_EXCEPTION.message}"/>
</c:if>
</c:if>
</font>
<form action="<%=request.getContextPath()%>/appLogin" method="POST">
Enter UserName:	<input type="text" name="app_username"/><br/><br/>
Enter Password: <input type="password" name="app_password"/> <br/><br/>
<input type="submit" value="Login"/>
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
</form>
<body>
</html>
home.jsp:

<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<%@ page session="false" %>
<%@ page isELIgnored="false" %>
<html>
<head>
<title>Spring 4 Security Example</title>
</head>
<body>
<h3>Spring 4 Security Example</h3>
Student Name:
${stdName}
<form action="<%=request.getContextPath()%>/appLogout" method="POST">
<input type="submit" value="Logout"/>
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
</form>
</body>
</html> 
output.jsp:

<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<%@ page session="false" %>
<%@ page isELIgnored="false" %>
<html>
<head>
<title>Spring 4 Security Example</title>
</head>
<body>
<h3>Spring 4 Security Example</h3>
Student Name:
${stdName}
<form action="<%=request.getContextPath()%>/appLogout" method="POST">
<input type="submit" value="Logout"/>
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
</form>
</body>
</html> 

student.jsp

<%@taglib uri="http://www.springframework.org/tags/form" prefix="form"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<%@ page session="false" %>
<%@ page isELIgnored="false" %>
<html>
<head><title>Spring 4 Security Example</title></head>
<body>
<h3>Spring 4 Security Example </h3>
<form:form action="result" method="POST" commandName="student">
<form:input
path="stdId"/> <br/>
<input type="submit" value="Submit">
</form:form>
</body>
</html>
代码下载:https://github.com/angleBeibei/SpringSecurity

参考资料:http://www.concretepage.com/spring-4/spring-4-mvc-security-custom-login-form-and-logout-example-with-csrf-protection-using-annotation-and-xml-configuration


最后

以上就是直率网络为你收集整理的Spring security使用自定义登录界面且显示登录异常信息的例子的全部内容,希望文章能够帮你解决Spring security使用自定义登录界面且显示登录异常信息的例子所遇到的程序开发问题。

如果觉得靠谱客网站的内容还不错,欢迎将靠谱客网站推荐给程序员好友。

本图文内容来源于网友提供,作为学习参考使用,或来自网络收集整理,版权属于原作者所有。
点赞(41)

评论列表共有 0 条评论

立即
投稿
返回
顶部