I'm currently trying to convert from using the Spring Security XML configuration to the Java class based configuration.
I am using Spring MVC and Spring Security version 3.2.6.RELEASE
I think I've done all the mapping right but it's still not working. When submit my login form I get a 404 for /j_spring_security_check.
Here is the XML config:
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://ift.tt/1c8inpe"
xmlns:beans="http://ift.tt/GArMu6" xmlns:xsi="http://ift.tt/ra1lAU"
xsi:schemaLocation="http://ift.tt/GArMu6
http://ift.tt/QEDs1e
http://ift.tt/1c8inpe
http://ift.tt/1epvZ6L">
<global-method-security pre-post-annotations="enabled"/>
<beans:bean id="encoder" class="org.springframework.security.crypto.password.StandardPasswordEncoder">
</beans:bean>
<beans:bean id="rememberMeServices" class="org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices">
<beans:property name="userDetailsService" ref="myUserDetailsService"/>
<beans:property name="key" value="MYKEY"/>
<beans:property name="cookieName" value="REMEMBER_ME" />
</beans:bean>
<http auto-config="true" use-expressions="true">
<form-login login-page="/login"
default-target-url="/userHome"
authentication-failure-url="/error-login" />
<logout logout-url="/logout" logout-success-url="/" />
<remember-me key="MYKEY" services-ref="rememberMeServices"/>
</http>
<authentication-manager>
<authentication-provider user-service-ref="myUserDetailsService">
<password-encoder ref="encoder" />
</authentication-provider>
</authentication-manager>
</beans:beans>
Here is my attempt to convert this to Java Config
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled=true)
public class SecurityConfig extends WebSecurityConfigurerAdapter
{
@Resource(name="myUserDetailsService")
private UserDetailsService myUserDetailsService;
@Bean
public StandardPasswordEncoder encoder()
{
return new StandardPasswordEncoder();
}
@Bean
public TokenBasedRememberMeServices rememberMeServices()
{
TokenBasedRememberMeServices services = new TokenBasedRememberMeServices("MYKEY", myUserDetailsService);
services.setCookieName("REMEMBER_ME");
return services;
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.formLogin()
.loginPage("/login")
.defaultSuccessUrl("/userHome")
.failureUrl("/error-login")
.loginProcessingUrl("/j_spring_security_check")
.and()
.logout()
.logoutUrl("/logout")
.logoutSuccessUrl("/")
.and()
.rememberMe()
.key("MYKEY")
.rememberMeServices(rememberMeServices());
}
@Autowired
public void registerAuthentication(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(myUserDetailsService).passwordEncoder(encoder());
}
}
All I am doing is @ImportResource("classpath:spring-security.xml") from my WebAppConfig file and adding the Java config class instead but when I do this I get page not found for /j_spring_security_check.
What am I missing?
Aucun commentaire:
Enregistrer un commentaire