Spring security自定义登录页面不允许我进入[关闭]

Posted 2023-02-27

【中文标题】Spring security自定义登录页面不允许我进入[关闭]

【英文标题】：Spring security customized login page doesn't allow me in [closed]

【发布时间】：2021-06-17 20:28:39

【问题描述】：

通过自定义登录页面登录应用程序时遇到问题。应用程序控制台没有错误，但当我点击登录时，URL 从 http://localhost:8080/login 变为 http： //localhost:8080/login?error。我找不到原因，我会将我的课程和视图放在下面，非常感谢您的帮助。

安全配置类

package myProject.security;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.crypto.password.StandardPasswordEncoder;

import javax.annotation.PostConstruct;
import javax.annotation.PreDestroy;

@SuppressWarnings("deprecation")
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter  

    @Autowired
    private UserDetailsService userService;

    @Override
    public void configure(HttpSecurity theHttp) throws Exception 
        theHttp.authorizeRequests()
                .antMatchers("/design", "/order")
                    .access("hasRole('ROLE_USER')")
                .antMatchers("/", "/**")
                    .access("permitAll")
                .and()
                .formLogin()
                    .loginPage("/login")
                    .defaultSuccessUrl("/", true) 
                .and()
                .logout()
                    .logoutSuccessUrl("/login")
                .and()
                .csrf()
                    .ignoringAntMatchers("/h2-console/**")
                .and()
                .headers()
                    .frameOptions()
                    .sameOrigin();
    

    @Bean
    public PasswordEncoder encoder() 
        return new StandardPasswordEncoder("53cr3t");
    

    @Override
    public void configure(AuthenticationManagerBuilder theAuth) throws Exception 
        theAuth.userDetailsService(userService)
                .passwordEncoder(encoder()/*encoder*/);
    

登录视图

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml"
      xmlns:th="http://www.thymeleaf.org">

      <head>
        <title>My Project</title>
      </head>

      <body>
        <h1>Login</h1>
        <img th:src="@/images/image.png">

        <div th:if="$error">
          Unable to login. Check your username and password.
        </div>

        <p>New here? Click
          <a th:href="@/register"> to rgister.</a>
        </p>

        <form method="POST" th:action="@/login" id="loginForm">

          <!-- User name -->
          <label for="username">Username: </label>
          <input type="text" name="username" id="username" /> <br/>
          <!-- Password -->
          <label for="password">Password: </label>
          <input type="password" name="password" id="password" /> <br/>

          <!-- Login button -->
          <input type="submit" value="Login"/>

        </form>

      </body>

</html>

这条线在consloe中：-2021-03-21 09:41:48.380 INFO 9276 --- [nio-8080-exec-3] c.vaadin.flow.spring.SpringInstantiator : The number of beans implementing 'I18NProvider' is 0. Cannot use Spring beans for I18N, falling back to the default behavior

【参考方案1】：

错误出现在UserRepositoryDetailsService 类中。它被注释为@Service，但在我的代码中，@Service 由import org.jvnet.hk2.annotations.Service; 导入。但是它应该从import org.springframework.stereotype.Service; 导入。一旦我解决了它，所有其他问题都解决了。