通过HttpSecurity.formLogin()
开启一个FormLoginConfigurer
配置。
FormLoginConfigurer
继承自AbstractAuthenticationFilterConfigurer
。
loginPage(String loginPage)
:指定默认登录页面地址。
方法注释:
Specifies the URL to send users to if login is required. If used with WebSecurityConfigurerAdapter a default login page will be generated when this attribute is not specified.
If a URL is specified or this is not being used in conjunction with WebSecurityConfigurerAdapter, users are required to process the specified URL to generate a login page. In general, the login page should create a form that submits a request with the following requirements to work with UsernamePasswordAuthenticationFilter:
· It must be an HTTP POST
· It must be submitted to loginProcessingUrl(String)
· It should include the username as an HTTP parameter by the name of usernameParameter(String)
· It should include the password as an HTTP parameter by the name of passwordParameter(String)
如果不设置,父类AbstractAuthenticationFilterConfigurer
构造器会默认为"/login"
。
/**
* Creates a new instance with minimal defaults
*/
protected AbstractAuthenticationFilterConfigurer() {
setLoginPage("/login");
}
usernameParameter(String usernameParameter)
:设置登录时系统读取的用户名属性的属性名。默认为"username"
。
方法注释:The HTTP parameter to look for the username when performing authentication. Default is "username".
。
passwordParameter(String passwordParameter)
:设置登录时系统读取的密码属性的属性名。默认为"password"
。
方法注释:The HTTP parameter to look for the password when performing authentication. Default is "password".
。
failureForwardUrl(String forwardUrl)
:认证失败后处理逻辑地址。
方法注释:Forward Authentication Failure Handler
。
successForwardUrl(String forwardUrl)
:认证成功后处理逻辑地址。
方法注释:Forward Authentication Success Handler
。