如何在spring security中实现多个入口点?
我试过这个https://www.baeldung.com/spring-security-two-login-pages 但它不起作用,第一个顺序(1)与顺序(2)重叠。
我需要为用户和管理员单独登录页面。
我不使用Spring Boot。我正在使用SpringMVC
@订单(1)
@EnableWebSecurity
@Order(1)
public class UserConfig extends WebSecurityConfigurerAdapter {
@Autowired
public void configure(AuthenticationManagerBuilder auth) throws Exception {
auth
.inMemoryAuthentication()
.withUser("user")
.password(encoder().encode("user"))
.roles("USER");
}
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/loginUser").anonymous()
.antMatchers("/").permitAll()
.antMatchers("/userPage/**").hasRole("USER")
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/loginUser")
.loginProcessingUrl("/user_login")
.defaultSuccessUrl("/userPage")
.failureUrl("/loginUser?error=loginError")
.and()
.logout()
.logoutUrl("/user_logout")
.logoutSuccessUrl("/")
.deleteCookies("JSESSIONID")
.invalidateHttpSession(true)
.and()
.csrf().disable();
}
@Bean
public static PasswordEncoder encoder() {
return new BCryptPasswordEncoder();
}
}@订单(2)
@EnableWebSecurity
@Order(2)
public class AdminConfig extends WebSecurityConfigurerAdapter {
@Autowired
public void configure(AuthenticationManagerBuilder auth) throws Exception {
auth
.inMemoryAuthentication()
.withUser("admin")
.password(encoder().encode("admin"))
.roles("ADMIN");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/loginAdmin").anonymous()
.antMatchers("/").permitAll()
.antMatchers("/adminPage/**").hasRole("ADMIN")
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/loginAdmin")
.loginProcessingUrl("/admin_login")
.defaultSuccessUrl("/adminPage")
.failureUrl("/loginAdmin?error=loginError")
.and()
.logout()
.logoutUrl("/admin_logout")
.logoutSuccessUrl("/")
.deleteCookies("JSESSIONID")
.invalidateHttpSession(true)
.and()
.csrf().disable();
}
@Bean
public static PasswordEncoder encoder() {
return new BCryptPasswordEncoder();
}
}
暂无答案!
目前还没有任何答案,快来回答吧!