My Spring Security Config
@Configuration
@EnableWebSecurity
@ComponentScan({"org.app.genesis.client.auth"})
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private AuthenticationProvider customAuthProvider;
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(customAuthProvider);
}
@Override
public void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.and()
.formLogin().loginPage("/").failureUrl("/?error")
.and()
.logout().logoutSuccessUrl("/?logout")
.and()
.csrf();
}
}
my application.properties
spring.view.prefix: /WEB-INF/jsp/
spring.view.suffix: .jsp
security.basic.enabled=false
logging.level.org.springframework.security=INFO
my Spring boot configuration
@SpringBootApplication
@ComponentScan({"org.app.genesis.client.controller","org.app.genesis.commons.service",
"org.app.genesis.commons.security","org.app.genesis.inventory.service","org.app.genesis.client.auth"})
@EnableJpaRepositories(basePackages = "org.app.genesis.*.repo")
@EntityScan(basePackages = "org.app.genesis.*.model")
public class Application extends SpringBootServletInitializer {
public static void main(String[] args) {
ApplicationContext ctx = SpringApplication.run(Application.class, args);
}
@Override
protected SpringApplicationBuilder configure(SpringApplicationBuilder application) {
return application.sources(Application.class);
}
}
A Gist of my pom.xml
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-tomcat</artifactId>
<scope>provided</scope>
</dependency>
<!-- Spring Framework Dependencies -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-actuator</artifactId>
</dependency>
<dependency>
<groupId>org.apache.tomcat.embed</groupId>
<artifactId>tomcat-embed-jasper</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>jstl</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
The login form
<form class="form-signin"name="f" action="${pageContext.request.contextPath}/j_spring_security_check" method="POST">
<fieldset>
<input class="form-control form-group" type="text" name="j_username" placeholder="Username">
<input class="form-control" type="password" name="j_password" placeholder="Password" >
<a class="forgot pull-right" href="#">Forgot password?</a>
<button name="submit" class="btn btn-block btn-primary" type="submit">Sign in</button>
</fieldset>
</form>
The controller that generates the page
@RequestMapping(value="/")
public String index() {
return "index";
}
However upon logging in this error shows
I am trying to migrate my existing security.xml configuration on annotation. but however the said error pops up. here is my security.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://ift.tt/1c8inpe"
xmlns:beans="http://ift.tt/GArMu6"
xmlns:context="http://ift.tt/GArMu7"
xmlns:xsi="http://ift.tt/ra1lAU"
xsi:schemaLocation="http://ift.tt/GArMu6
http://ift.tt/QEDs1e
http://ift.tt/1c8inpe
http://ift.tt/18sW2ay
http://ift.tt/GArMu7
http://ift.tt/1jdLYo7">
<context:component-scan base-package="org.brightworks.genesis.client.auth"/>
<http pattern="/resources/**" security="none"/>
<http pattern="/index.jsp" security="none"/>
<http>
<intercept-url pattern="/api/*" requires-channel="https"/>
<!--TODO Add RESOURCE PATTERN checker -->
<form-login login-page="/index.jsp" default-target-url="/dashboard"/>
<logout />
</http>
<!-- Test Login values -->
<authentication-manager>
<!--use inMemoryUserDetailsService for faux auth -->
<authentication-provider ref="customAuthenticationProvider"/>
</authentication-manager>
</beans:beans>
Just in case you guys need to see the package structure
Have I missed anything in the configurations?
Aucun commentaire:
Enregistrer un commentaire