Home > AI > Backend > SpringBoot > spring-boot-starter-security >

Customize login (4) – failureUrl

spring-boot-starter-security shark 3 min read

By default, Spring Security will direct user to /login?error if login failed.

You can customized this behavior by failureUrl

Example

Dependencies

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-web</artifactId>
</dependency>
 
 
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
 
 
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-security</artifactId>
</dependency>
 
 
<dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-test</artifactId>
    <scope>test</scope>
</dependency>

WebSecurityConfig.java

@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {


    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .authorizeRequests()
                    .antMatchers("/").permitAll()
                    .anyRequest().authenticated()
                .and()
                    .formLogin()
                    .loginPage("/login")
                    .defaultSuccessUrl("/login_success")
                    .failureUrl("/login_error")
                    .permitAll();

    }







    @Bean
    public BCryptPasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication()
                .passwordEncoder(passwordEncoder())
                .withUser("user")
                .password(passwordEncoder().encode("user"))
                .roles("USER");
    }



}

WebMVCConfig.java

@Configuration
public class WebMVCConfig implements WebMvcConfigurer {
    @Override
    public void addViewControllers(ViewControllerRegistry registry) {

        registry.addViewController("/").setViewName("index");
        registry.addViewController("/home").setViewName("home");

        registry.addViewController("/login").setViewName("login");
        registry.addViewController("/login_success").setViewName("login_success");
        registry.addViewController("/login_error").setViewName("login_error");


    }

}

templates/login.html

<!DOCTYPE html>
<html xmlns:th="http:/www.thymeleaf.org">
<head>
    <meta charset="ISO-8859-1">
    <title>Login - Company ABC</title>
</head>
<body>
<div>
    <form th:action="@{/login}" method="post" style="max-width: 400px; margin: 0 auto;">
        <p>
            Username: <input type="text" name="username" required />
        </p>
        <p>
            Password: <input type="password" name="password" required />
        </p>
        <p>
            <input type="submit" value="Login" />
        </p>
    </form>
</div>
</body>
</html>

templates/login_success.html

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
Login Successfully
</body>
</html>

templates/login_error.html

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
Oops,you log in wrongly.
</body>
</html>

templates/index.html

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
Index (not protected)
</body>
</html>

templates/home.html

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
Home (protected)
</body>
</html>

templates/error.html

<!DOCTYPE html>
<html>
<head>
    <title>Error occurred</title>
</head>
<body>
<h1>Error occurred</h1>

<p>
    An error has occurred. Please contact the administrator; - template generic
</p>

</body>
</html>
Share this post:
Related posts:

Leave a Reply