已解決430363個問題，去搜搜看，總會有你想問的

Spring Security 5 身份驗證失敗

首頁猿問 Spring Security 5...

Spring Security 5 身份驗證失敗

Java

烙印99 2022-04-28 17:22:26

我正在嘗試使用 spring security 5 驗證使用。@Configuration@ComponentScan(basePackages = { "com.lashes.studio.security" })@EnableWebSecuritypublic class CustomSecurityService extends WebSecurityConfigurerAdapter { @Autowired private AuthenticationSuccessHandler myAuthenticationSuccessHandler; @Autowired private AuthenticationFailureHandler authenticationFailureHandler; @Autowired private LogoutSuccessHandler myLogoutSuccessHandler; @Autowired private MyUserDetailsService userDetailsService; @Autowired public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception { auth.userDetailsService(userDetailsService).passwordEncoder(SecurityUtils.passwordEncoder()); } @Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests() .antMatchers("/", "/mail.js/**", "/font-awesome/**", "/css/**", "/js/**", "/img/**", "/fonts/**", "/login*", "/login*", "/logout*", "/signin/**", "/signup/**", "/customLogin", "/user/registration*", "/registrationConfirm*", "/expiredAccount*", "/registration*", "/badUser*", "/user/resendRegistrationToken*", "/forgetPassword*", "/user/resetPassword*", "/user/changePassword*", "/adminlogin/**", "/eauthenticationmanagerbuildermailError*", "/admin/**", "/admin/js/**", "/resources/**", "/old/user/registration*", "/successRegister*") .permitAll() }

查看完整描述

1 回答

青春有我

TA貢獻1784條經驗獲得超8個贊

在您的登錄頁面中，我沒有看到任何csrf token字段。而且我沒有http.csrf().disable()在您的安全配置中看到，所以我懷疑 Spring Security 拒絕登錄 POST，因為缺少令牌。

例如，一個 JSP 可以有標簽

<input type="hidden"
       name="${_csrf.parameterName}"
       value="${_csrf.token}"/>

https://docs.spring.io/spring-security/site/docs/4.2.x/reference/html/csrf.html

反對回復 2022-04-28

1 回答
0 關注
229 瀏覽

關注

添加回答

舉報

0/150

提交

取消

亚洲在线久爱草,狠狠天天香蕉网,天天搞日日干久草,伊人亚洲日本欧美

熱搜

最近搜索清空

Spring Security 5 身份驗證失敗

Spring Security 5 身份驗證失敗

1 回答

添加回答