春季安全性更改spring_security_login表单 [英] spring security changing spring_security_login form

问题描述

我正在使用Spring Security，我想知道如何更改默认登录表单

i am using spring security and i am wondering how to change the default login form

我发现我需要指向新表格的位置.我想保留具有所有登录异常显示的现有默认表单的现有功能.所以我必须先知道如何复制它.

i have found out that i need to point to my new form location. i want to keep the existing functions of the existing default form that has all the login exception display. so i must know how to reproduce it first.

在我的研究中，我偶然发现了它

in my research i come across with it

http://www .codercorp.com/blog/spring/security-spring/spring-security-login-logout-form.html

感谢他提供的代码

<%@ taglib prefix='c' uri='http://java.sun.com/jstl/core_rt' %>
<%@ page import="org.springframework.security.ui.AbstractProcessingFilter" %>
<%@ page import="org.springframework.security.ui.webapp.AuthenticationProcessingFilter" %>
<%@ page import="org.springframework.security.AuthenticationException" %>

<html>
  <head>
    <title>Login</title>
  </head>

  <body>
    <h1>Login</h1>

    <c:if test="${not empty param.login_error}">
      <font color="red">
        Your login attempt was not successful, try again.<br/><br/>
        Reason: <c:out value="${SPRING_SECURITY_LAST_EXCEPTION.message}"/>.
      </font>
    </c:if>

    <form name="f" action="<c:url value='j_spring_security_check'/>" method="POST">
      <table>
        <tr><td>User:</td><td><input type='text' name='j_username' value='<c:if test="${not empty param.login_error}"><c:out value="${SPRING_SECURITY_LAST_USERNAME}"/></c:if>'/></td></tr>
        <tr><td>Password:</td><td><input type='password' name='j_password'></td></tr>
        <tr><td><input type="checkbox" name="_spring_security_remember_me"></td><td>Don't ask for my password for two weeks</td></tr>

        <tr><td colspan='2'><input name="submit" type="submit"></td></tr>
        <tr><td colspan='2'><input name="reset" type="reset"></td></tr>
      </table>
    </form>
  </body>
</html>

但是对于Spring Security 3，该代码似乎无法正常工作.有些库已过时，我将它们一一替换.我将它们更改为以下

but the code seems not working well for spring security 3. some libraries where outdated and i replaced them one by one. i change them to this below

<%@ page import="org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter" %>
<%@ page import="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter" %>
<%@ page import="org.springframework.security.core.AuthenticationException" %>

，但仍拒绝报告登录错误.我还应该尝试什么?

but it is still refuse to report login errors. what else should i try ?

推荐答案

使用自定义登录页面时，Spring Security不会自动指定由于登录错误而显示的登录页面.您应该手动执行此操作，通常是向authentication-failure-url添加一个参数，您的代码需要一个名为login_error的参数:

When you use a custom login page, Spring Security doesn't automatically specify that your login page was displayed as a result of login error. You should do it manually, usually by adding a parameter to authentication-failure-url, your code expects a parameter named login_error:

<form-login 
    login-page="/login.htm" 
    authentication-failure-url = "/login.htm?login_error=1" />

这篇关于春季安全性更改spring_security_login表单的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！