Clever Geek Handbook

Creating a custom login with spring security

I am creating a custom login form using spring security 3.1, primefaces 5.0, jsf 2.0. Application Access URL: Testing: 8080 / TEST When loading the application, the login page is displayed. When you click submit, the hello.xhtml page appears (URL: testing: 8080 / TEST / welcome). Currently, http 404 is displayed instead of hello.xhtml. I think the problem is with the URL. Can anyone help with this?

spring-security.xml

<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:mvc="http://www.springframework.org/schema/mvc" xmlns:security="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/security  http://www.springframework.org/schema/security/spring-security-3.1.xsd
http://www.springframework.org/schema/mvc   http://www.springframework.org/schema/mvc/spring-mvc-3.1.xsd">



<security:http auto-config="true" use-expressions="true">
    <security:intercept-url pattern="/login"
        access="permitAll" />
    <security:intercept-url pattern="/loginfailed"
        access="permitAll" />
    <security:intercept-url pattern="/welcome"
        access="permitAll" />

    <security:intercept-url pattern="/admin**"
        access="hasAnyRole('ROLE_USER')" />



    <security:form-login login-page="/login"
        default-target-url="/welcome" always-use-default-target="true"
        authentication-failure-url="/login?error" username-parameter="username"
        password-parameter="password" />

    <security:logout logout-success-url="/login?logout" />
    </security:http>


<security:authentication-manager>
    <security:authentication-provider>
        <security:user-service>
            <security:user name="admin" password="admin"
                authorities="ROLE_USER" />
        </security:user-service>
    </security:authentication-provider>
</security:authentication-manager>

web.xml

 <?xml version="1.0" encoding="UTF-8"?>
 <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
id="WebApp_ID" version="3.0">
<display-name>TEST</display-name>
<welcome-file-list>
    <welcome-file>index.xhtml</welcome-file>
</welcome-file-list>
<servlet>
    <servlet-name>Faces Servlet</servlet-name>
    <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
</servlet>
<servlet>
    <servlet-name>mvc-dispatcher</servlet-name>
    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
    <load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
    <servlet-name>mvc-dispatcher</servlet-name>
    <url-pattern>/</url-pattern>
</servlet-mapping>

<servlet-mapping>
    <servlet-name>Faces Servlet</servlet-name>
    <url-pattern>*.xhtml</url-pattern>
</servlet-mapping>

<context-param>
    <param-name>javax.faces.DEFAULT_SUFFIX</param-name>
    <param-value>.xhtml</param-value>
</context-param>

<!-- Loads Spring Security config file -->
<context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>
    classpath:spring-context.xml,/WEB-INF/spring-security.xml
    </param-value>
</context-param>

<!-- Spring Security -->
<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>

<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

<listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>

index.xhtml

<!DOCTYPE html>
   <html xmlns="http://www.w3.org/1999/xhtml"
    xmlns:h="http://java.sun.com/jsf/html"
    xmlns:f="http://java.sun.com/jsf/core"
    xmlns:ui="http://java.sun.com/jsf/facelets"
     xmlns:c="http://java.sun.com/jsp/jstl/core"
    xmlns:p="http://primefaces.org/ui">

   <f:view>


   <h:head>
        <title>Login Page</title>

  </h:head>
  <h:body>

    <h1>Spring Security Custom Login Form (XML)</h1>

    <div id="login-box">

        <h3>Login with Username and Password</h3>

    <c:if test="${not empty error}">
            <div class="error">${error}</div>
        </c:if>
        <c:if test="${not empty msg}">
            <div class="msg">${msg}</div>
        </c:if> 

        <form name='loginForm' action="j_spring_security_check" method='POST'>

            <table>
                <tr>
                    <td>User:</td>
                    <td><input type='text' name='username' value=''/></td>
                </tr>
                <tr>
                    <td>Password:</td>
                    <td><input type='password' name='password' /></td>
                </tr>
                <tr>
                    <td colspan='2'><input name="submit" type="submit"
                        value="submit" /></td>
                </tr>
            </table>


         </form>
     </div>

  </h:body>

Login.java

package mu.sil.managedBeans;

@Controller
public class Login {

    @RequestMapping(value = "/welcome", method = RequestMethod.POST)
    public ModelAndView welcomePage() {

        ModelAndView model = new ModelAndView();
        model.addObject("title", "Spring Security Custom Login Form");
        model.addObject("message", "This is welcome page!");
        model.setViewName("hello");
        return model;
    }

    @RequestMapping(value = "/admin**", method = RequestMethod.GET)
    public ModelAndView adminPage() {

        ModelAndView model = new ModelAndView();
        model.addObject("title", "Spring Security Custom Login Form");
        model.addObject("message", "This is protected page!");
        model.setViewName("admin");

        return model;
    }

    // Spring Security see this :
    @RequestMapping(value = "/login", method = RequestMethod.GET)
    public ModelAndView login(
            @RequestParam(value = "error", required = false) String error,
            @RequestParam(value = "logout", required = false) String logout) {

        ModelAndView model = new ModelAndView();
        if (error != null) {
            model.addObject("error", "Invalid username and password!");
        }

        if (logout != null) {
            model.addObject("msg", "You've been logged out successfully.");
        }
        model.setViewName("index");

        return model;
    }
}

applicationContext.xml

 <?xml version="1.0" encoding="UTF-8"?>
 <beans xmlns="http://www.springframework.org/schema/beans"
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"     xmlns:mvc="http://www.springframework.org/schema/mvc"
  xmlns:context="http://www.springframework.org/schema/context"
xmlns:tx="http://www.springframework.org/schema/tx" 

   xsi:schemaLocation="
       http://www.springframework.org/schema/mvc http://www.springframework.org/schema   /mvc/spring-mvc-3.1.xsd
        http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
         http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd">
     <import resource="classpath:spring-context.xml" />
     <context:annotation-config />
 </beans>
+3


source to share


1 answer


On clicking submit, the hello.xhtml page should render

greetings will not show up in the url, but the inner page came back - this is what you sat here



model.setViewName ("Hello");

0


source






More articles:


All Articles