8wDlpd.png
8wDFp9.png
8wDEOx.png
8wDMfH.png
8wDKte.png

Spring Security 配置导致‘重定向过多’错误 - 如何解决?

Edric 2月前

21 0

我正在应用 spring boot security。当我在当前代码中打开浏览器时,它会无限重定向到 \'http://localhost:8080/login\' 并显示错误 \'localhost 已重定向您...

我正在应用 spring boot security。当我在当前代码中打开浏览器时,它会无限重定向到 \'http://localhost:8080/login\' 并显示错误 \'localhost 重定向您太​​多次。\'。由于 formLogin() 已被弃用,我使用了 lambda 表达式。

这是 CustomSecurityConfig 代码:

package edu.library.libraryspringboot.config;

import lombok.RequiredArgsConstructor;
import lombok.extern.log4j.Log4j2;
import org.springframework.boot.autoconfigure.security.servlet.PathRequest;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;

@Log4j2
@Configuration
@RequiredArgsConstructor
public class CustomSecurityConfig {

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {

        log.info("-----------------configuration---------------------");

        //http.formLogin();

        http
                .authorizeHttpRequests(authorize -> {
                    authorize
                            .anyRequest().authenticated();
                })
                .formLogin(formLogin -> {
                    formLogin
                            .loginPage("/login")
                            .permitAll();
                });

        return http.build();
    }

    @Bean
    public WebSecurityCustomizer webSecurityCustomizer() {

        log.info("---------------web configuration---------------------");
        return (web) -> web.ignoring().requestMatchers(PathRequest.toStaticResources().atCommonLocations());
    }
}

这是 CustomUserDetailsS​​ervice 代码。

package edu.library.libraryspringboot.security;

import org.springframework.security.core.userdetails.User;
import lombok.RequiredArgsConstructor;
import lombok.extern.log4j.Log4j2;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;

@Log4j2
@Service
public class CustomUserDetailsService implements UserDetailsService {

    private PasswordEncoder passwordEncoder;

    public CustomUserDetailsService() {
        this.passwordEncoder = new BCryptPasswordEncoder();
    }

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {

        log.info("loadUserByUsername: " + username);

        UserDetails userDetails = User.builder()
                .username("user1")
                //.password("1111")
                .password(passwordEncoder.encode("1111")) //Needs password encoding
                .authorities("ROLE_USER")
                .build();

        return userDetails;
    }
}

我想避免代码无限重定向。我应该如何修改代码才能看到登录页面?

先感谢您。

帖子版权声明 1、本帖标题:Spring Security 配置导致‘重定向过多’错误 - 如何解决?
    本站网址:http://xjnalaquan.com/
2、本网站的资源部分来源于网络,如有侵权,请联系站长进行删除处理。
3、会员发帖仅代表会员个人观点,并不代表本站赞同其观点和对其真实性负责。
4、本站一律禁止以任何方式发布或转载任何违法的相关信息,访客发现请向站长举报
5、站长邮箱:yeweds@126.com 除非注明,本帖由Edric在本站《spring-boot》版块原创发布, 转载请注明出处!
最新回复 (0)
返回
作者最近主题: