配置如下:
package com.example.securitylogin; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.crypto.password.NoOpPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; /** * @author zyl * @date 2020/11/10 22:33 * @describe 描述 */ @Configuration public class SecurityConfig extends WebSecurityConfigurerAdapter { @Bean PasswordEncoder passwordEncoder() { return NoOpPasswordEncoder.getInstance(); } @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { auth.inMemoryAuthentication().withUser("zyl").password("123456").roles("admin"); } @Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests().anyRequest().authenticated() .and().formLogin().loginPage("/login23.html") // .loginProcessingUrl("/doLogin") .permitAll() .and().csrf().disable(); } }
当没有设置loginProcessingUrl的时候,表单中的登录接口应该也是/login23.html
在static中有login23.html
<form action="/login23.html" method="post">
<input name="username" id="name"/>
<input name="password" id="password"/>
<button type="submit">denglu</button>
</form>
能够变量说明这一点的是:当你在IDEA用shift+F6重命名login23.html的时候,可以发现同时修改了loginPage和action的值为/log23.html
且在action中填写接口的时候,会有一个提示:
需要注意的一点是:当设置.loginProcessingUrl()的时候,例如.loginProcessingUrl("/doLogin")并不是真的需要一个接口doLogin,而只是需要你将form的action改成"/doLogin"即可。