In Spring Security 4.0 there is so called Default Login Page which looks like the following:
Dug a bit into the source code I found the Filter org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
which renders that login page. Actually, it has private String generateLoginPageHtml(HttpServletRequest request, boolean loginError, boolean logoutSuccess) method, which contains the following code snippet:
if (formLoginEnabled) {
sb.append("<h3>Login with Username and Password</h3>");
sb.append("<form name='f' action='").append(request.getContextPath()).append(authenticationUrl).append("' method='POST'>\n");
sb.append(" <table>\n");
sb.append(" <tr><td>User:</td><td><input type='text' name='");
sb.append(usernameParameter).append("' value='").append("'></td></tr>\n");
sb.append(" <tr><td>Password:</td><td><input type='password' name='").append(passwordParameter).append("'/></td></tr>\n");
if (rememberMeParameter != null) {
sb.append(" <tr><td><input type='checkbox' name='").append(rememberMeParameter).append("'/></td><td>Remember me on this computer.</td></tr>\n");
}
sb.append(" <tr><td colspan='2'><input name=\"submit\" type=\"submit\" value=\"Login\"/></td></tr>\n");
renderHiddenInputs(sb, request);
sb.append(" </table>\n");
sb.append("</form>");
}
The issue is I want to remove that filter from the filter chain in order to customize my login page, located by the http://my-domain/login url. Is it possible?
My security-config:
<http auto-config="true">
<intercept-url pattern="/admin**"
access="hasRole('ROLE_USER')" />
<form-login login-page="/login"
default-target-url="/admin"
authentication-failure-url="/login?error=true"
username-parameter="user"
password-parameter="password"
login-processing-url="/login"/>
<logout logout-success-url="/login?logout" logout-url="/logout" />
</http>
Aucun commentaire:
Enregistrer un commentaire