Error logging in using Spring Security

0

Recently I started using Spring Security to make my application safe, the problem is that when I hit the login button the correct one was to take me to the application home page, but when clicking you are returning me a .js file that is in the js folder, then I click to go back to the previous page and click log in again and it takes me to the correct page, has this already happened to you? I'll add the images step-by-step:

I'llputthelogincodeandthemethodthatreceivestheSpringSecurityactionandconfiguration:

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml"
	xmlns:th="http://www.thymeleaf.org"
	xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout"
	xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity4"
	layout:decorator="LayoutPadrao">
<head>
<title>LogSys</title>
</head>

<section layout:fragment="conteudo">
	<body>
		<div class="row">
			<div class="col-sm-4 col-sm-offset-4">
				<div th:if="${param.error}">
					<div class="alert alert-danger">Usuário ou Senha inválidos!</div>
				</div>

				<div th:if="${param.logout}">
					<div class="alert alert-info">Até logo!</div>
				</div>

				<div class="panel panel-info">
					<div class="panel-heading">
						<h3 class="panel-title">ENTRE</h3>
					</div>
					<div class="panel-body">
						<form th:action="@{/entrar}" method="post">
							<div class="form-group">
								<input name="username" class="form-control"
									placeholder="Usuário" />
							</div>

							<div class="form-group">
								<input type="password" name="password" class="form-control"
									placeholder="Senha" />
							</div>

							<div class="form-group">
								<button class="btn btn-primary btn-block">Entrar</button>
							</div>


						</form>
					</div>
				</div>
			</div>
		</div>
</section>

</body>
</html>

Configuration Class:

@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

@Autowired
private ImplementsUserDetailService userDetailsService;

@Override
protected void configure(HttpSecurity http) throws Exception {


    http.
    authorizeRequests()
        .antMatchers(HttpMethod.GET,"/").permitAll()
        .anyRequest()
        .authenticated()
    .and()
    .formLogin()
        .loginPage("/entrar")
        .permitAll()
    .and()
    .logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
        ;
}

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth.userDetailsService(userDetailsService).passwordEncoder(new BCryptPasswordEncoder());

}

@Override
public void configure(WebSecurity web) throws Exception {
    web.ignoring().antMatchers("/css/**","/fonts/**","/images/**");
}

}

Method that receives the request and returns the page:

@RequestMapping(method = RequestMethod.GET, path = "/entrar")
    public String entrar() {
        return "Entrar";
    }
    
asked by anonymous 21.11.2018 / 12:00

1 answer

0

Friend, you have to ignore the folder where the .js scripts are, I believe this will solve your problem:

@Override 
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers("/js/**", "/css/**","/fonts/**","/images/**"); 
}
    
07.12.2018 / 20:55