通过HttpSecurity.formLogin()开启一个FormLoginConfigurer配置。
FormLoginConfigurer继承自AbstractAuthenticationFilterConfigurer。
loginPage(String loginPage):指定默认登录页面地址。
方法注释:
Specifies the URL to send users to if login is required. If used with WebSecurityConfigurerAdapter a default login page will be generated when this attribute is not specified.
If a URL is specified or this is not being used in conjunction with WebSecurityConfigurerAdapter, users are required to process the specified URL to generate a login page. In general, the login page should create a form that submits a request with the following requirements to work with UsernamePasswordAuthenticationFilter:
· It must be an HTTP POST
· It must be submitted to loginProcessingUrl(String)
· It should include the username as an HTTP parameter by the name of usernameParameter(String)
· It should include the password as an HTTP parameter by the name of passwordParameter(String)
如果不设置,父类AbstractAuthenticationFilterConfigurer构造器会默认为"/login"。
/**
* Creates a new instance with minimal defaults
*/
protected AbstractAuthenticationFilterConfigurer() {
setLoginPage("/login");
}
usernameParameter(String usernameParameter):设置登录时系统读取的用户名属性的属性名。默认为"username"。
方法注释:The HTTP parameter to look for the username when performing authentication. Default is "username".。
passwordParameter(String passwordParameter):设置登录时系统读取的密码属性的属性名。默认为"password"。
方法注释:The HTTP parameter to look for the password when performing authentication. Default is "password".。
failureForwardUrl(String forwardUrl):认证失败后处理逻辑地址。
方法注释:Forward Authentication Failure Handler。
successForwardUrl(String forwardUrl):认证成功后处理逻辑地址。
方法注释:Forward Authentication Success Handler。
