I’m a beginner in spring boot and I have a problem, I coded authentication and authorization and it’s worked successfully and return access token code but id postman
but the problem is there’s no login form, the spring security not loaded it :
This is my dependencies :
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.7.0</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<groupId>com.example</groupId>
<artifactId>invoices</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>invoices</name>
<description>Demo project for Spring Boot</description>
<properties>
<java.version>1.8</java.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jpa</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
<version>2.7.0</version>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<version>1.18.20</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.webjars</groupId>
<artifactId>jquery</artifactId>
<version>3.4.1</version>
</dependency>
<dependency>
<groupId>org.webjars</groupId>
<artifactId>bootstrap</artifactId>
<version>4.3.1</version>
</dependency>
<dependency>
<groupId>org.webjars</groupId>
<artifactId>webjars-locator-core</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>0.9.1</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-validation</artifactId>
</dependency>
<dependency>
<groupId>org.postgresql</groupId>
<artifactId>postgresql</artifactId>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-devtools</artifactId>
<scope>runtime</scope>
<optional>true</optional>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
Also, I Implement a SignUp page, put also not appearing and return this:
I added it to view controller:
@Controller
public class ViewController {
@Autowired
IEmployeeRepository employeeRepository;
@GetMapping("")
public String viewHomePage(){
return "index";
}
@GetMapping("/register")
public String showRegistrationForm(Model model) {
model.addAttribute("user", new Employee());
return "signup_form";
}
@GetMapping("/login")
public String showLoginForm() {
return "login_form";
}
@PostMapping("/process_register")
public String processRegister(Employee user) {
BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
String encodedPassword = passwordEncoder.encode(user.getPassword());
user.setPassword(encodedPassword);
employeeRepository.save(user);
return "register_success";
}
@GetMapping("/addCustomer")
public String addCustomer() {
return "addcustomer";
}
@GetMapping("/addItem")
public String addItem() {
return "additem";
}
}
and this is my security config:
@EnableWebSecurity(debug = true)
@CrossOrigin
public class ApplicationSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private IEmployeeRepository userRepo;
@Autowired
JwtTokenFilter jwtTokenFilter;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(
username -> userRepo.findByEmail(username)
.orElseThrow(
() -> new UsernameNotFoundException("User " + username + " not found.")));
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable();
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
http.authorizeRequests().antMatchers("/login").permitAll()
.and().authorizeRequests().antMatchers("/cutomer").hasRole("superuser")
.antMatchers("/abe").hasAnyRole("Superuser, user, auditor")
.and().authorizeRequests().anyRequest().authenticated().and().httpBasic();
http.exceptionHandling()
.authenticationEntryPoint(
(request, response, ex) -> {
response.sendError(
HttpServletResponse.SC_UNAUTHORIZED,
ex.getMessage()
);
}
);
http.addFilterBefore(jwtTokenFilter, UsernamePasswordAuthenticationFilter.class);
}
}
Auth controller:
@RestController
public class AuthController {
@Autowired
AuthenticationManager authenticationManager;
@Autowired
JwtTokenUtil jwtUtil;
@PostMapping("/login")
public ResponseEntity<?> login(@RequestBody @Valid AuthRequest request) {
try {
System.out.println("user data:"+request.getEmail()+ request.getPassword());
Authentication authentication = authenticationManager.authenticate(
new UsernamePasswordAuthenticationToken(
request.getEmail(), request.getPassword())
);
Employee user = (Employee) authentication.getPrincipal();
String accessToken = jwtUtil.generateAccessToken(user);
AuthResponse response = new AuthResponse(user.getEmail(), accessToken);
return ResponseEntity.ok().body(response);
} catch (BadCredentialsException ex) {
return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
}
}
}
How can I connect a login page I implement – not require spring security login screen – in html? So when login another screen appears (any screen) And how can I make the registration form accessible too without authentication? And make it as main page?
I’m a beginner, and this is my first time within spring boot, so any kind of helps are welcome so i can complete my work, I don’t how where i should search ..