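<?xml version="1.0" encoding="UTF-8"?>
<!--
  Spring Security namespace configuration: form login served from /mylogin, /admin
  restricted to ROLE_ADMIN, and one in-memory user.
-->
<beans:beans xmlns="http://www.springframework.org/schema/security"
             xmlns:beans="http://www.springframework.org/schema/beans"
             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
             xsi:schemaLocation="http://www.springframework.org/schema/security
                 http://www.springframework.org/schema/security/spring-security-4.2.xsd
                 http://www.springframework.org/schema/beans
                 http://www.springframework.org/schema/beans/spring-beans-4.3.xsd">

    <!--<global-method-security secured-annotations="enabled" />-->

    <http auto-config="true" use-expressions="true">
        <!--
          Only these two URLs carry an access rule; every other path is left without one.
          "/admin" is an exact Ant pattern, so it does not cover sub-paths such as
          /admin/anything. NOTE(review): consider "/admin/**" as well, or
          request-matcher="mvc" on <http>, so the rule matches the same paths as the
          MVC handler mapping. A closing deny-by-default rule is the safer baseline.
        -->
        <intercept-url pattern="/mylogin" access="permitAll"/>
        <intercept-url pattern="/admin" access="hasRole('ROLE_ADMIN')"/>

        <!--
          login-processing-url is set explicitly: with the 4.x namespace it defaults to
          /login, while the login form on this page posts to /mylogin. Without it the
          POST reaches the MVC handler instead of the authentication filter.
        -->
        <form-login
            login-page="/mylogin"
            login-processing-url="/mylogin"
            default-target-url="/admin"
            authentication-failure-url="/accessDenied"
            username-parameter="txt_user"
            password-parameter="txt_pwd"/>

        <!--
          NOTE(review): CSRF protection is switched off. State-changing requests (login,
          logout, anything added later) can then be triggered from another site. The login
          form already posts the _csrf token, so the intended end state is to delete this
          element. Doing so makes the built-in logout filter accept POST only; check the
          logout flow before enabling.
        -->
        <csrf disabled="true"/>
    </http>

    <authentication-manager>
        <authentication-provider>
            <!--
              Demo-only credential: a short, guessable password stored in cleartext in the
              configuration file. Outside a local demo, add <password-encoder hash="bcrypt"/>
              to this provider and store a bcrypt hash, or use a real user store, and keep
              the secret out of version control.
            -->
            <user-service>
                <user name="admin" password="123" authorities="ROLE_ADMIN"/>
            </user-service>
        </authentication-provider>
    </authentication-manager>
</beans:beans>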
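<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@page contentType="text/html" pageEncoding="UTF-8"%>
<%--
  Custom login form. The field names txt_user / txt_pwd must match the
  username-parameter / password-parameter values of <form-login> in the security
  configuration, and the form target must be the URL on which Spring Security
  processes login POSTs (login-processing-url).
--%>
<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>JSP Page</title>
    </head>
    <body>
        <h1>Hello World!</h1>
        <%-- Leading slash: c:url then prepends the context path instead of resolving
             the target relative to whatever URL rendered this page. --%>
        <form name="frmLogin" method="POST" action="<c:url value='/mylogin' />">
            <table>
                <tr>
                    <td>Enter username: </td>
                    <td><input type="text" name="txt_user" /></td>
                </tr>
                <tr>
                    <td>Enter password: </td>
                    <td><input type="password" name="txt_pwd" /></td>
                </tr>
                <tr>
                    <td colspan="2">
                        <%-- CSRF token field. While the security configuration has
                             <csrf disabled="true"/>, no _csrf request attribute exists and
                             both expressions render empty; the field takes effect once
                             CSRF protection is enabled. --%>
                        <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
                        <input type="submit" name="btn_sub" value="OK"/>
                    </td>
                </tr>
            </table>
        </form>
    </body>
</html>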
/**
 * Renders the admin view for the signed-in user.
 *
 * <p>The security configuration on this page restricts {@code /admin} to
 * {@code ROLE_ADMIN}, so {@code principal} is expected to be non-null. There is no null
 * guard: a request that reached this handler unauthenticated would fail with a
 * {@link NullPointerException}.
 *
 * @param model view model; receives the attribute {@code "user"} holding the principal name
 * @param principal the authenticated caller
 * @return the logical view name {@code "admin"}
 */
@RequestMapping(value = "/admin", method = RequestMethod.GET)
public String adminPage(Model model, Principal principal) {
    final String userName = principal.getName();
    // NOTE(review): the name ends up in the view; confirm the "admin" view HTML-escapes it.
    model.addAttribute("user", userName);
    return "admin";
}
/**
 * Serves the custom login page.
 *
 * <p>The mapping has no {@code method} restriction, so it answers every HTTP method on
 * {@code /mylogin}. A login POST that is not intercepted by Spring Security's
 * authentication filter lands here and simply re-renders the form.
 *
 * @param model view model; not used by this handler
 * @return the logical view name {@code "customLogin"}
 */
@RequestMapping("/mylogin")
public String loginPage(Model model) {
    final String loginView = "customLogin";
    return loginView;
}
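/**
 * Logs the current user out and redirects to the login page.
 *
 * <p>If an {@link Authentication} is present in the security context, it is handed to a
 * {@link SecurityContextLogoutHandler} together with the request and response.
 *
 * <p>NOTE(review): logout is a state-changing action exposed over GET, so any cross-site
 * link or image tag can trigger it. Prefer a POST protected by the CSRF token. Also,
 * while the security configuration keeps {@code <csrf disabled="true"/>}, the built-in
 * logout filter presumably handles {@code /logout} for every method before this handler
 * is reached. Confirm which of the two is actually in effect.
 *
 * @param request current HTTP request, passed to the logout handler
 * @param response current HTTP response, passed to the logout handler
 * @return a redirect to the configured login page with the {@code logout} marker
 */
@RequestMapping(value = "/logout", method = RequestMethod.GET)
public String logoutPage(HttpServletRequest request, HttpServletResponse response) {
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    if (auth != null) {
        new SecurityContextLogoutHandler().logout(request, response, auth);
    }
    // The login page configured in <form-login> and mapped in this controller is
    // /mylogin; the previous target /login has no visible mapping on this page.
    return "redirect:/mylogin?logout";
}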
/**
 * Renders the access-denied view.
 *
 * <p>The security configuration on this page also uses {@code /accessDenied} as the
 * {@code authentication-failure-url}, so this handler is reached after a failed login as
 * well, when no user is signed in. What {@code getPrincipal()} yields in that case
 * depends on that helper, which is defined elsewhere in the class.
 *
 * @param model view model; receives the attribute {@code "user"}
 * @return the logical view name {@code "accessDenied"}
 */
@RequestMapping(value = "/accessDenied", method = RequestMethod.GET)
public String accessDeniedPage(Model model) {
    final Object currentUser = getPrincipal();
    // NOTE(review): confirm the "accessDenied" view HTML-escapes this value.
    model.addAttribute("user", currentUser);
    return "accessDenied";
}