Spring boot - how to configure multiple login pages?
With my team, we created a Spring application + SAPUI5 portal using Spring Boot. For example, a web application is broken down into three separate locations:
WebApp: - app1 - app2 - app3
To access these applications, we have implemented a login page. Based on the user's role, we redirect users to the exact application.
My Spring security looks like this:
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/app1/**/*.*")
.permitAll()
.antMatchers("/register.html")
.permitAll()
//
.antMatchers("/app2/*.*")
.hasRole("USER")
//
//
.antMatchers("/login*")
.permitAll()
.antMatchers("/soap/*")
.permitAll()
.antMatchers("/postLogin")
.authenticated()
//
.antMatchers("/app3/*")
//.permitAll()
.hasRole("ADMIN")
//
.anyRequest()
.authenticated()
// log in
.and()
.formLogin()
.loginPage("/login")
.failureUrl("/login?error=loginError")
.defaultSuccessUrl("/postLogin")
// logout
.and().logout().logoutUrl("/**/logout")
.logoutSuccessUrl("/login").deleteCookies("JSESSIONID").and()
.csrf()
.disable()
and of course we have a class with a redirect. We now need to provide a different login page for each application. I tried to configure Spring Security to accept multiple login forms on different pages, but that doesn't work. Is it possible? I've read the documentation, but it's not convincing.
source to share
You should do this by setting up multiple HttpSecurity objects using different instances. It is similar to this question and Spring Security
source to share