spring scurity自定义登录方法
<security:http pattern="/plugins/**" security="none"/>
<security:http pattern="/css/**" security="none"/>
<security:http pattern="/js/**" security="none"/>
<security:http pattern="/img/**" security="none"/>
<security:http pattern="/*.html" security="none"/>
<security:http pattern="/shopseller/save" security="none"/>
<security:http pattern="/verify" security="none"/>
<security:http entry-point-ref="entryPoint">
<security:intercept-url pattern="/**" access="hasRole('SELECT')"/>
<security:intercept-url pattern="/mylogin" access="permitAll()"/>
<security:csrf disabled="true"/>
<security:headers>
<security:frame-options policy="SAMEORIGIN"/>
</security:headers>
<security:logout logout-url="/logout"/>
</security:http>
<security:authentication-manager id="authenticationManager">
<security:authentication-provider user-service-ref="userDetailsService">
<security:password-encoder ref="bcryptEncoder"/>
</security:authentication-provider>
</security:authentication-manager>
<bean id="entryPoint"
class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
<constructor-arg name="loginFormUrl" value="/mylogin"/>
</bean>
<bean id="bcryptEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"/>
<bean id="userDetailsService" class="com.pinyougou.shop.service.UserDetailsServiceImpl">
<property name="sellerService" ref="SellerService"/>
</bean>
<dubbo:application name="pinyougou.shop.web"/>
<dubbo:registry protocol="zookeeper" address="192.168.126.200:2181"/>
<dubbo:reference id="SellerService" interface="com.pinyougou.service.SellerService"/>
在打开登录页面的时候出现错误
原因是执行/mylogin要求需要权限,没有权限就会重定向到/mylogin,然后如此循环.再看一下xml文件,发现security:intercept-url的顺序写错了
需要先写permitAll(),让/mylogin可以到下面的LoginUrlAuthenticationEntryPoint去寻找自定义的登录方法路径.
改成这样
就可以了