-1
私のアプリケーションを起動したり、ベースURL http://localhost:8180/MyProject/を使ってアクセスすると、ログインページを渡して実際のホームページを表示することになり、最初にログインページをロードしてから、検証後、ホームページを表示する必要があります。提案は高く評価されます!ログインissue spring security
**** **** SecurityConfig
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider;
@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Autowired
protected void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(activeDirectoryLdapAuthenticationProvider());
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/", "/home").permitAll()
.antMatchers("/admin/**").access("hasRole('ADMIN')")
.and().formLogin().loginPage("/login")
.usernameParameter("ssoId").passwordParameter("password")
.and().csrf()
.and().exceptionHandling().accessDeniedPage("/Access_Denied");
}
@Bean
public AuthenticationProvider activeDirectoryLdapAuthenticationProvider() {
ActiveDirectoryLdapAuthenticationProvider authenticationProvider =
new ActiveDirectoryLdapAuthenticationProvider("", "");
authenticationProvider.setConvertSubErrorCodesToExceptions(true);
authenticationProvider.setUseAuthenticationRequestCredentials(true);
return authenticationProvider;
}
}
MyController
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
@Controller
public class MyController{
@RequestMapping(value="/processAccount", method = RequestMethod.POST)
public @ResponseBody String processRequestAccount(ModelMap model,@RequestParam("accountNumber") String accountNumber,@RequestParam("companyNumber") String companyNumber) {
//String accountNumber = request.getParameter("accountNumber");
String responseMessage = null;
//String companyNumber = request.getParameter("companyNumber");
System.out.println(companyNumber);
MyServiceImpl accService = new MyServiceImpl();
boolean responseFlag = accService.verifyAndProcessAccount(accountNumber, companyNumber);
System.out.println(responseFlag);
if(responseFlag)
{
//model.addAttribute("message", "The account number"+" "+accountNumber+" "+"is processed successfully!");
responseMessage = "The account number"+" "+accountNumber+" "+"is processed successfully!";
}
else
{
responseMessage = "Account number"+" "+accountNumber+" "+"cannot not be found, email has sent to the support team";
}
return responseMessage;
}
@RequestMapping(value = { "/", "/home" }, method = RequestMethod.GET)
public String homePage(ModelMap model) {
model.addAttribute("user", getPrincipal());
model.addAttribute("companyNumber","1");
return "accountsearch";
}
@RequestMapping(value = "/admin", method = RequestMethod.GET)
public String adminPage(ModelMap model) {
model.addAttribute("user", getPrincipal());
return "admin";
}
@RequestMapping(value = "/db", method = RequestMethod.GET)
public String dbaPage(ModelMap model) {
model.addAttribute("user", getPrincipal());
return "dba";
}
@RequestMapping(value = "/Access_Denied", method = RequestMethod.GET)
public String accessDeniedPage(ModelMap model) {
model.addAttribute("user", getPrincipal());
return "accessDenied";
}
@RequestMapping(value = "/login", method = RequestMethod.GET)
public String loginPage() {
return "login";
}
@RequestMapping(value="/logout", method = RequestMethod.GET)
public String logoutPage (HttpServletRequest request, HttpServletResponse response) {
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
if (auth != null){
new SecurityContextLogoutHandler().logout(request, response, auth);
}
return "redirect:/login?logout";
}
private String getPrincipal(){
String userName = null;
Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
if (principal instanceof UserDetails) {
userName = ((UserDetails)principal).getUsername();
} else {
userName = principal.toString();
}
return userName;
}
}
を試してみてください。私のアンチマッチに何か間違っていますか? – sam
これは、そのページにすべてのユーザーを許可することを意味します。ただし、LDAP ActiveDirectoryLdapAuthenticationProviderを使用する代わりにユーザー名とパスワードをハードコードすると、ログインページを読み込むことができますが、ADを追加すると匿名ユーザーが許可されます。 – sam
私は私のコントローラクラスと関係がありますか?上記のコントローラクラスをペーストしました。私は正しい方向を指示していない場合、リダイレクトについてはわかりませんか?しかし、リダイレクトを変更しようとしたときにも、CSSの表示にも影響があります。 – sam