Spring 引导安全无效 requestURI
Spring boot security invalid requestURI
尝试使用 Spring boot 和 thymeleaf 创建一个简单的登录页面。但是由于某种原因,当用户在成功输入详细信息后尝试登录时,会将他们带到无效页面,即 javascript 页面
requestURI: arg1=/js/jquery-1.11.2.min.js; arg2=/login (property not equals)
例如,用户点击 /cms/home 并被带到登录页面,一旦他们登录,他们应该被带回 /cms/home。这是我的代码
@Configuration
@EnableWebMvcSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
public void configure(HttpSecurity httpSecurity) throws Exception{
httpSecurity
.authorizeRequests()
.antMatchers("/", "/resources/**").permitAll()
.anyRequest().fullyAuthenticated()
.and()
.formLogin()
.loginPage("/login")
.failureUrl("/login?error")
.permitAll()
.and()
.logout()
.logoutUrl("/logout")
.logoutSuccessUrl("/")
.permitAll();
}
@Override
public void configure(WebSecurity security){
security.ignoring().antMatchers("/css/**","/fonts/**","js/**","/CMS/css/**","/CMS/js/**","/libs/**");
}
这是登录页面
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:th="http://www.thymeleaf.org">
<head>
<meta charset="UTF-8"/>
<link href="../static/css/bootstrap.min.css"
th:href="@{/css/bootstrap.min.css}"
rel="stylesheet" media="screen" />
<script href="../static/js/bootstrap.min.js"
th:href="@{/js/bootstrap.min.js}"
></script>
<script href="../static/js/jquery-1.11.2.min.js"
th:src="@{/js/jquery-1.11.2.min.js}"></script>
<link href="../static/CMS/css/login.css"
th:href="@{/CMS/css/login.css}"
rel="stylesheet" media="screen" />
<title>CMS Login</title>
</head>
<body>
<div class="container">
<div class="row" id="pwd-container">
<div class="col-md-4"></div>
<div class="col-md-4">
<section class="login-form">
<div th:if="${param.error}">
Invalid username and password.
</div>
<div th:if="${param.logout}">
You have been logged out.
</div>
<form th:action="@{/login}" method="post" role="login">
<input type="text" name="username" placeholder="Email" required="" class="form-control input-lg" value="myOwnUser" />
<input type="password" name="password" class="form-control input-lg" id="password" placeholder="Password" required="" value="myOwnPassword"/>
<button type="submit" name="go" class="btn btn-lg btn-primary btn-block">Sign in</button>
<div>
<a href="#">reset password</a>
</div>
</form>
<div class="form-links">
<a href="#">www.website.com</a>
</div>
</section>
</div>
<div class="col-md-4"></div>
</div>
</div>
</body>
</html>
如果有人能提供帮助那就太好了
在你的蚂蚁匹配器中你忘记了 "js/**" 中的 / 所以它不允许加载 /js/jquery-1.11.2.min.js 直到用户登录然后登录后的第一件事您的应用加载现在已授权的文件。
尝试使用 Spring boot 和 thymeleaf 创建一个简单的登录页面。但是由于某种原因,当用户在成功输入详细信息后尝试登录时,会将他们带到无效页面,即 javascript 页面
requestURI: arg1=/js/jquery-1.11.2.min.js; arg2=/login (property not equals)
例如,用户点击 /cms/home 并被带到登录页面,一旦他们登录,他们应该被带回 /cms/home。这是我的代码
@Configuration
@EnableWebMvcSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
public void configure(HttpSecurity httpSecurity) throws Exception{
httpSecurity
.authorizeRequests()
.antMatchers("/", "/resources/**").permitAll()
.anyRequest().fullyAuthenticated()
.and()
.formLogin()
.loginPage("/login")
.failureUrl("/login?error")
.permitAll()
.and()
.logout()
.logoutUrl("/logout")
.logoutSuccessUrl("/")
.permitAll();
}
@Override
public void configure(WebSecurity security){
security.ignoring().antMatchers("/css/**","/fonts/**","js/**","/CMS/css/**","/CMS/js/**","/libs/**");
}
这是登录页面
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:th="http://www.thymeleaf.org">
<head>
<meta charset="UTF-8"/>
<link href="../static/css/bootstrap.min.css"
th:href="@{/css/bootstrap.min.css}"
rel="stylesheet" media="screen" />
<script href="../static/js/bootstrap.min.js"
th:href="@{/js/bootstrap.min.js}"
></script>
<script href="../static/js/jquery-1.11.2.min.js"
th:src="@{/js/jquery-1.11.2.min.js}"></script>
<link href="../static/CMS/css/login.css"
th:href="@{/CMS/css/login.css}"
rel="stylesheet" media="screen" />
<title>CMS Login</title>
</head>
<body>
<div class="container">
<div class="row" id="pwd-container">
<div class="col-md-4"></div>
<div class="col-md-4">
<section class="login-form">
<div th:if="${param.error}">
Invalid username and password.
</div>
<div th:if="${param.logout}">
You have been logged out.
</div>
<form th:action="@{/login}" method="post" role="login">
<input type="text" name="username" placeholder="Email" required="" class="form-control input-lg" value="myOwnUser" />
<input type="password" name="password" class="form-control input-lg" id="password" placeholder="Password" required="" value="myOwnPassword"/>
<button type="submit" name="go" class="btn btn-lg btn-primary btn-block">Sign in</button>
<div>
<a href="#">reset password</a>
</div>
</form>
<div class="form-links">
<a href="#">www.website.com</a>
</div>
</section>
</div>
<div class="col-md-4"></div>
</div>
</div>
</body>
</html>
如果有人能提供帮助那就太好了
在你的蚂蚁匹配器中你忘记了 "js/**" 中的 / 所以它不允许加载 /js/jquery-1.11.2.min.js 直到用户登录然后登录后的第一件事您的应用加载现在已授权的文件。