Adding code in the configuration main class
@Overrideprotected voidConfigure (Httpsecurity http)throwsException {http.authorizerequests (). Antmatchers (Newstring[]{"/js/**", "/css/**", "/picture/**", "/images/**", "/fonts/**", "/**/favicon.ico"}). Permitall (). Antmatchers ("/home/*"). Permitall (). Anyrequest (). Authenticated ()//. Antmatchers (Staticparams.pathregx.noauth,staticparams.pathregx.css,staticparams.pathregx.js, StaticParams.PATHREGX.IMG). Permitall ()//No access rights required//. Antmatchers (StaticParams.PATHREGX.AUTHADMIN). Hasauthority (StaticParams.USERROLE.ROLE_ADMIN)//Admin Role access rights//. Antmatchers (StaticParams.PATHREGX.AUTHUSER). Hasauthority (StaticParams.USERROLE.ROLE_USER)//User role access rights STATICPARAMS custom enumeration. and (). Formlogin (). Successhandler (Zhu ())//Configure Filters. LoginPage ("/login"). Failureurl ("/login?error") //. Defaultsuccessurl ("/equipment/getindex", True). Permitall (). and (). Logout (). Invalidatehttpsession (true)//whether to clear the contents of the HTTP session. Permitall (). and (). CSRF ()//Turn off CSRF verification. disable (); } @Bean PublicMyauthenticationsuccesshandler Zhu () {return NewMyauthenticationsuccesshandler ();//self-written security filter}
View Code
New Myauthenticationsuccesshandler implements Authenticationsuccesshandler interface
/*** * Security Jump Filter *@authorSu Junyuan **/@Component//defining the Filter class Public classMyauthenticationsuccesshandlerImplementsAuthenticationsuccesshandler {@Override Public voidonauthenticationsuccess (httpservletrequest request, httpservletresponse response, authentication arg2) throwsIOException, servletexception {//TODO auto-generated Method StubString f = Request.getparameter ("F"); Add a hidden field named F to the login front-end page formif(Stringutils.isnotempty (f)) {if(F.equals ("su")){ //response.setcharacterencoding ("UTF-8"); //response.getwriter (). Write ("Login succeeded 123"); Response.sendredirect ("/"); } }Else{Request.getrequestdispatcher ("/"). Forward (request, response); } }
Spring boot security implementation jumps to different page functions as appropriate