Ich verwende spring Security 4.0.4
.inMemoryAuthentication hat nicht funktioniert
Aber wenn ich meinen Benutzernamen und Passwort zu '\ Login' posten. es wird immer abgelehnt.
Ich benutze java-base config.
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
public void configureGlobalSecurity(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication().withUser("bill").password("abc123").roles("USER");
auth.inMemoryAuthentication().withUser("admin").password("root123").roles("ADMIN");
auth.inMemoryAuthentication().withUser("dba").password("root123").roles("ADMIN","DBA");//dba have two roles.
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/", "/index").access("hasRole('ADMIN')")
.and().formLogin().loginPage("/login")
.usernameParameter("nickname").passwordParameter("password")
.and().csrf()
.and().exceptionHandling().accessDeniedPage("/Access_Denied");
}
}
und meine login.html
<form class="form-horizontal" ng-controller="loginCtrl" action="/login" method="post">
<div class="form-group input-login">
<label class="control-label sr-only">Email</label>
<div class="col-md-12">
<input type="nickname" class="form-control" ng-model="user.username" name="nickname" placeholder="NickName">
</div>
</div>
<div class="form-group input-login">
<label class="control-label sr-only">Password</label>
<div class="col-md-12">
<input type="password" class="form-control" ng-model="user.password" name="password" placeholder="Password">
</div>
</div>
<div class="form-group sub-login">
<div class=" col-md-12">
<button type="submit" class="btn btn-primary btn-login">Login</button>
</div>
</div>
</form>
Ich habe versucht, Post den Spitznamen 'admin' und das Passwort 'root123' .Aber immer denied.I weiß nicht, wo das Problem ist.