Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- import org.springframework.context.annotation.Bean;
- import org.springframework.context.annotation.ComponentScan;
- import org.springframework.context.annotation.Configuration;
- import org.springframework.context.annotation.Import;
- import org.springframework.web.servlet.config.annotation.*;
- import org.springframework.web.servlet.view.InternalResourceViewResolver;
- import org.springframework.web.servlet.view.JstlView;
- @EnableWebMvc
- @Configuration
- @ComponentScan({ "de.dashboard.spring.web" })
- @Import({ SecurityConfig.class })
- public class AppConfig extends WebMvcConfigurerAdapter {
- @Override
- public void configureDefaultServletHandling(DefaultServletHandlerConfigurer configurer) {
- configurer.enable();
- }
- @Bean
- public InternalResourceViewResolver viewResolver() {
- InternalResourceViewResolver viewResolver = new InternalResourceViewResolver();
- viewResolver.setViewClass(JstlView.class);
- viewResolver.setPrefix("/pages/");
- viewResolver.setSuffix(".jsp");
- return viewResolver;
- }
- }
- import org.springframework.beans.factory.annotation.Autowired;
- import org.springframework.context.annotation.Configuration;
- import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
- import org.springframework.security.config.annotation.web.builders.HttpSecurity;
- import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
- import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
- import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
- @Configuration
- @EnableWebSecurity
- public class SecurityConfig extends WebSecurityConfigurerAdapter {
- @Autowired
- public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
- auth.inMemoryAuthentication().withUser("test").password("test").roles("USER");
- }
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- http.authorizeRequests()
- .antMatchers("/login").permitAll()
- .antMatchers("/**").access("hasRole('ROLE_USER')")
- .and()
- .formLogin().loginPage("/login")
- .failureUrl("/login?error")
- .usernameParameter("username").passwordParameter("password")
- .and()
- .csrf();
- }
- }
- @Controller
- public class HelloController {
- @RequestMapping(value = "/login", method = RequestMethod.GET)
- public String login(@RequestParam(value = "error", required = false) String error,
- @RequestParam(value = "logout", required = false) String logout,
- Model model) {
- if (error != null) {
- model.addAttribute("error", "Invalid username and password!");
- }
- if (logout != null) {
- model.addAttribute("msg", "You've been logged out successfully.");
- }
- //Only as test (doesn't work)
- model.addAttribute("error","Test");
- return "login";
- }
- }
- <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
- <html>
- <head>
- <title>Login Page</title>
- <style>
- .error {
- padding: 15px;
- margin-bottom: 20px;
- border: 1px solid transparent;
- border-radius: 4px;
- color: #a94442;
- background-color: #f2dede;
- border-color: #ebccd1;
- }
- .msg {
- padding: 15px;
- margin-bottom: 20px;
- border: 1px solid transparent;
- border-radius: 4px;
- color: #31708f;
- background-color: #d9edf7;
- border-color: #bce8f1;
- }
- #login-box {
- width: 300px;
- padding: 20px;
- margin: 100px auto;
- background: #fff;
- -webkit-border-radius: 2px;
- -moz-border-radius: 2px;
- border: 1px solid #000;
- }
- </style>
- </head>
- <body onload='document.loginForm.username.focus();'>
- <h1></h1>
- <div id="login-box">
- <h2>Login with Username and Password</h2>
- <c:if test="${not empty error}">
- <div class="error">${error}</div>
- </c:if>
- <c:if test="${not empty msg}">
- <div class="msg">${msg}</div>
- </c:if>
- <form name='loginForm'
- action="<c:url value='/login' />" method='POST'>
- <table>
- <tr>
- <td>User:</td>
- <td><input type='text' name='username' value=''></td>
- </tr>
- <tr>
- <td>Password:</td>
- <td><input type='password' name='password' /></td>
- </tr>
- <tr>
- <td colspan='2'><input name="submit" type="submit"
- value="submit" /></td>
- </tr>
- </table>
- <input type="hidden" name="${_csrf.parameterName}"
- value="${_csrf.token}" />
- </form>
- </div>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement