Article Directory
Customize the page for user login verification
Previously, our login verification pages in Spring Security are all Spring Security defaults, and by default all access requests need to pass Spring Security login verification first, so can we set some requests that can be accessed directly without Spring Security login verification? Can we customize the login verification page we need to visit? The answer is all yes, please refer to the following for specific operations.
1. Configure in the configuration class of Spring Security
The configuration in the configuration class is as follows:
Note the role of
.anyRequest().
authenticated()
in the above figure . The role of these two methods is to ensure that all requests must be authenticated by login,
except for requests in antMatchers(request).permitAll(), because if antMatchers The permitAll method is called after the method, so the request in antMatchers does not need to be authenticated; if you do not write .anyRequest().authenticated(), then as long as it is not similar to antMatchers("request").hasRole(...) or antMatchers(" Request").hasAuthority(...) can be accessed directly without login authentication. We definitely don’t want this when using SpringSecurity, so we must remember to add .anyRequest().authenticated()
2. Customized login page login.html
The customized login page is shown below:
Why the username and password corresponding to the username and password in the login page login.html must be username and password, please see the regulations in the source code, as shown below:
3. Corresponding controller
The corresponding controller is shown below:
4. Test
After entering the address localhost:8888/test/index in the browser, the login verification page is shown below:
You can find that this is the login page we just customized.