Spring SecurityConfiguration -
I'm having a problem with my code: when I run the application, it goes to the login page instead of the index page. This is the security config:
/**
 * Sets up URL authorization rules, form login, remember-me, CSRF and the access-denied page.
 *
 * NOTE(review): identifiers and string literals on this page appear to have been
 * lower-cased by extraction. The code is kept token-for-token, so the original casing
 * (for example of the role names) cannot be confirmed from here.
 *
 * @param http the security builder the rules are registered on
 * @throws exception propagated from the builder calls
 */
protected void configure(httpsecurity http) throws exception {
    http.authorizerequests()
        // Open to everyone. NOTE(review): the controller shown on this page maps GET "/"
        // to the "index" view and no handler for "/index" is visible, which would fit
        // the reported 404 - confirm which path the index page is really served from.
        .antmatchers("/index").permitall()
        .antmatchers("/login").permitall()
        // Role-gated areas; the rules are evaluated in the order they are declared.
        // NOTE(review): hasRole presumably checks for an authority carrying a "ROLE_"
        // prefix in front of the given name - verify the stored authorities match exactly.
        .antmatchers("/admin/**").hasrole("admin")
        .antmatchers("/user/**").hasrole("user")
        .antmatchers("/dba/**").hasrole("dba")
        // NOTE(review): no anyRequest() catch-all follows, so paths outside the patterns
        // above get no access rule from this method - confirm that is intended.
        .and()
        // Custom login form at "/login"; credentials are posted to the same path and the
        // user name is read from the "email" request parameter.
        .formlogin().loginpage("/login")
        .loginprocessingurl("/login").usernameparameter("email").passwordparameter("password")
        .and()
        // Remember-me backed by tokenrepository (a field not shown here); a token stays
        // valid for 86400 seconds, i.e. 24 hours.
        // NOTE(review): the remember-me cookie acts as a long-lived credential - confirm it
        // is only sent over HTTPS and that logout removes the stored token.
        .rememberme().remembermeparameter("remember-me").tokenrepository(tokenrepository)
        .tokenvalidityseconds(86400)
        .and()
        // csrf() is called without disable(), so CSRF protection is left switched on.
        .csrf()
        .and()
        // Requests rejected by the rules above are sent to "/access_denied".
        .exceptionhandling().accessdeniedpage("/access_denied");
}
I have an index file, but when I put in the address I get a 404...
I don't know what is wrong.
Update: I now have other issues. I have changed the code to:
// Revised security configuration: role-gated areas, form login with "/index" as the
// login page, remember-me, CSRF and the access-denied page.
// NOTE(review): identifiers and string literals on this page appear to have been
// lower-cased by extraction; the code is kept token-for-token, so the original casing
// (for example of the role names) cannot be confirmed from here.
@override
protected void configure(httpsecurity http) throws exception {
    http.authorizerequests()
        // "/admin*/**" matches every first path segment that starts with "admin" and
        // everything below it, which is wider than "/admin/**"; same for the other two.
        // NOTE(review): hasRole presumably checks for an authority carrying a "ROLE_"
        // prefix in front of the given name - verify the stored authorities match exactly.
        .antmatchers("/admin*/**").hasrole("admin")
        .antmatchers("/user*/**").hasrole("user")
        .antmatchers("/dba*/**").hasrole("dba")
        // NOTE(review): no anyRequest() catch-all follows, so paths outside the three
        // patterns above get no access rule from this method - confirm that is intended.
        .and()
        // "/index" is now the login page, so unauthenticated requests to a protected URL
        // are redirected there; permitall() at this position applies to the form-login URLs.
        // NOTE(review): the controller shown on this page maps "/" and no handler for
        // "/index" is visible, so that redirect may end in a 404 - confirm.
        .formlogin().loginpage("/index").permitall()
        // Credentials are still posted to "/login"; the user name comes from "email".
        // NOTE(review): no default success URL or success handler is set, so the post-login
        // target is the framework default - presumably the saved request or "/" - which
        // would fit the reported return to the index page after logging in.
        .loginprocessingurl("/login").usernameparameter("email").passwordparameter("password")
        .and()
        // Remember-me backed by tokenrepository (a field not shown here); a token stays
        // valid for 86400 seconds, i.e. 24 hours.
        .rememberme().remembermeparameter("remember-me").tokenrepository(tokenrepository)
        .tokenvalidityseconds(86400)
        .and()
        // csrf() is called without disable(), so CSRF protection is left switched on.
        .csrf()
        .and()
        // Requests rejected by the rules above are sent to "/access_denied".
        .exceptionhandling().accessdeniedpage("/access_denied");
}
Now I start at the index page, choose login, enter my credentials, and am returned to the index page... Choosing login again takes me to the admin page.
This is the controller:
/**
 * MVC controller mapped at the site root: index page, admin user list, login, logout
 * and access-denied views.
 *
 * NOTE(review): identifiers on this page appear to have been lower-cased by extraction;
 * the code is kept token-for-token as shown.
 */
@controller
@requestmapping("/")
// Keeps the "roles" model attribute in the HTTP session between requests.
@sessionattributes("roles")
public class indexcontroller {

    // NOTE(review): the logger is created for atividades.class rather than this controller,
    // so log lines written here are filed under that class's category - worth fixing
    // if login/logout events are ever traced through the logs.
    private static final logger logger = loggerfactory.getlogger(atividades.class);

    // Collaborators injected by field.
    @autowired
    atividadesservice as;

    @autowired
    userservice userservice;

    @autowired
    userprofileservice userprofileservice;

    @autowired
    messagesource messagesource;

    @autowired
    persistenttokenbasedremembermeservices persistenttokenbasedremembermeservices;

    @autowired
    authenticationtrustresolver authenticationtrustresolver;

    /**
     * Handles GET "/": puts every activity returned by the service into the model under
     * "atividades" and renders the "index" view.
     * NOTE(review): the mapping is "/" only; no handler for "/index" is visible in this class.
     */
    @requestmapping(value = { "/"}, method = requestmethod.get)
    public string homepage(modelmap model) {
        // list of this week's activities
        list<atividades> atividades = as.listallatividades();
        model.addattribute("atividades", atividades);
        return "index";
    }

    /**
     * Handles GET "/admin": adds all users and the current principal's name to the model
     * and renders "/admin/admin".
     * NOTE(review): no access check is visible in this method, so it presumably relies
     * entirely on the URL rules of the security configuration - confirm "/admin" is covered.
     */
    @requestmapping(value = { "/admin" }, method = requestmethod.get)
    public string listusers(modelmap model) {
        list<appuser> users = userservice.listallusers();
        model.addattribute("users", users);
        model.addattribute("loggedinuser", getprincipal());
        return "/admin/admin";
    }

    /**
     * Supplies the "roles" model attribute from userprofileservice.findall(); the class-level
     * session-attributes annotation keeps it in the session.
     */
    @modelattribute("roles")
    public list<userprofile> initializeprofiles() {
        return userprofileservice.findall();
    }

    /**
     * Handles GET "/access_denied": adds the current principal's name to the model and
     * renders the "accessdenied" view.
     */
    @requestmapping(value = "/access_denied", method = requestmethod.get)
    public string accessdeniedpage(modelmap model) {
        model.addattribute("loggedinuser", getprincipal());
        return "accessdenied";
    }

    /**
     * Handles GET "/login": anonymous visitors get the "login" view, everyone else is
     * redirected to "/admin".
     * NOTE(review): the redirect is the same for every authenticated caller whatever their
     * role, so an account without the admin role presumably ends on the access-denied page.
     */
    @requestmapping(value = "/login", method = requestmethod.get)
    public string loginpage() {
        if (iscurrentauthenticationanonymous()) {
            return "login";
        } else {
            return "redirect:/admin";
        }
    }

    /**
     * Handles GET "/logout": removes the remember-me token, clears the authentication on
     * the current security context and redirects to "/login?logout".
     * NOTE(review): logout is a state-changing action exposed on GET, and CSRF token checks
     * presumably do not apply to GET requests - consider POST with the CSRF token.
     * NOTE(review): with the logout-handler call commented out, nothing visible here
     * invalidates the HTTP session, so the session id and the session-stored "roles"
     * attribute appear to survive logout - confirm and invalidate the session.
     */
    @requestmapping(value="/logout", method = requestmethod.get)
    public string logoutpage (httpservletrequest request, httpservletresponse response){
        authentication auth = securitycontextholder.getcontext().getauthentication();
        if (auth != null){
            //new securitycontextlogouthandler().logout(request, response, auth);
            persistenttokenbasedremembermeservices.logout(request, response, auth);
            securitycontextholder.getcontext().setauthentication(null);
        }
        return "redirect:/login?logout";
    }

    /**
     * Returns the current principal's user name, or its string form when the principal is
     * not a userdetails instance.
     * NOTE(review): getauthentication() is dereferenced without a null check although
     * logoutpage() guards against null, so this can throw when no authentication is present.
     */
    private string getprincipal(){
        string username = null;
        object principal = securitycontextholder.getcontext().getauthentication().getprincipal();

        if (principal instanceof userdetails) {
            username = ((userdetails)principal).getusername();
        } else {
            username = principal.tostring();
        }
        return username;
    }

    /**
     * Asks authenticationtrustresolver whether the authentication on the current security
     * context is anonymous.
     */
    private boolean iscurrentauthenticationanonymous() {
        final authentication authentication = securitycontextholder.getcontext().getauthentication();
        return authenticationtrustresolver.isanonymous(authentication);
    }
}
I have used the debugger; when I hit the login link, the debugger goes to this method:
/**
 * Handles GET "/login": anonymous visitors get the "login" view, everyone else is
 * redirected to "/admin".
 * NOTE(review): the redirect is the same for every authenticated caller whatever their
 * role, so an account without the admin role presumably ends on the access-denied page.
 * iscurrentauthenticationanonymous() is defined elsewhere in the controller.
 */
@requestmapping(value = "/login", method = requestmethod.get)
public string loginpage() {
    if (iscurrentauthenticationanonymous()) {
        // Not logged in yet: show the login form.
        return "login";
    } else {
        // Already authenticated: skip the form.
        return "redirect:/admin";
    }
}
and checks iscurrentauthenticationanonymous(), which is null since I didn't provide credentials. This is happening because the main page is the login page... but I wanted an index page with information and a link (login).
Can anyone help here?
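You should add .loginpage("/login"); or .loginpage("/index"); to the form-login configuration. Whichever path you choose must be served by a controller mapping and be reachable without authentication; otherwise the redirect to the login page itself fails.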
For more information: http://docs.spring.io/spring-security/site/docs/3.2.0.release/guides/form.html