上一节我们再配置类中配置了两个用户an和an2,现在就来设置一下登录成功handler和失败handler,
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Bean
PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.withUser("an").password("$2a$10$xAcjyGL.09bV7wJmRYm3e.QrNnlH5dP7TevGn98DUwjU.kv6yF.bu").roles("admin")
.and()
.withUser("an2").password("$2a$10$wDlXv4/MhAV7q/TEZ66vGufG.uPooRWjHMj3PzMSr6ym3yfZjEg5W").roles("user");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/admin/**").hasRole("admin") // admin角色才能访问
.antMatchers("/user/**").hasAnyRole("admin", "user")