在上一篇文章 spring security 起步:架構搭建 最後,我們可以看到spring security自動為我們生成了一個預設的登入頁。首先呢 那個登入頁太醜,其次呢登入時我們也想實作一些其他的功能:比如找回密碼,Remember me等。那麼 我們如何實作自定義登入頁功能呢?
添加登入頁 login.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
<style>
.error {
padding: 15px;
margin-bottom: 20px;
border: 1px solid transparent;
border-radius: 4px;
color: #a94442;
background-color: #f2dede;
border-color: #ebccd1;
}
.msg {
padding: 15px;
margin-bottom: 20px;
border: 1px solid transparent;
border-radius: 4px;
color: #31708f;
background-color: #d9edf7;
border-color: #bce8f1;
}
#login-box {
width: 300px;
padding: 20px;
margin: 100px auto;
background: #fff;
-webkit-border-radius: 2px;
-moz-border-radius: 2px;
border: 1px solid #000;
}
</style>
</head>
<body οnlοad='document.loginForm.username.focus();'>
<div id="login-box">
<h2>請輸入您的使用者名與密碼</h2>
<form name='loginForm' action="" method='POST'>
<table>
<tr>
<td>使用者:</td>
<td><input type='text' name='username' value=''></td>
</tr>
<tr>
<td>密碼:</td>
<td><input type='password' name='password' /></td>
</tr>
<tr>
<td colspan='2'><input name="submit" type="submit" value="登入" /></td>
</tr>
</table>
</form>
</div>
</body>
</html>
實作登入的Controller
@Controller
public class LoginController {
@RequestMapping(value = "/login", method = RequestMethod.GET)
public String loginPage() {
return "login";
}
}
配置spring security
在上面的配置中,通過指定url /login 跳轉到login.jsp頁面。那麼接下來就是告訴spring security 我想使用自己定義的登入頁,而且還要告訴spring security不能攔截我的登入頁面。具體配置如下:
<?xml version="1.0" encoding="UTF-8"?>
<bean:beans xmlns="http://www.springframework.org/schema/security"
xmlns:bean="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">
<http pattern="/login" security="none"></http>
<http auto-config="true" use-expressions="true">
<intercept-url pattern="/*" access="hasRole('ROLE_USER')" />
<form-login login-page="/login" />
</http>
<authentication-manager alias="authenticationManager">
<authentication-provider>
<user-service>
<user authorities="ROLE_USER" name="guest" password="guest" />
</user-service>
</authentication-provider>
</authentication-manager>
</bean:beans>
啟動項目 可以看到我們自定義的登入頁面
![](https://img.laitimes.com/img/_0nNw4CM6IyYiwiM6ICdiwiIyVGduV2QvwVe0lmdhJ3ZvwFM38CXlZHbvN3cpR2Lc1TPB10QGtWUCpEMJ9CXsxWam9CXwADNvwVZ6l2c052bm9CXUJDT1wkNhVzLcRnbvZ2LcZXUYpVd1kmYr50MZV3YyI2cKJDT29GRjBjUIF2LcRHelR3LcJzLctmch1mclRXY39DN1IjMzYDMwAzNwcDM2EDMy8CX0Vmbu4GZzNmLn9Gbi1yZtl2Lc9CX6MHc0RHaiojIsJye.jpg)
源碼下載下傳
https://github.com/SmallBadFish/spring_security_demo/archive/0.1.0-customlogin.zip