Spring Secuirty login redirects to Error Page












0















After Default Spring Security login, no of my controllers redirects to main page.
Code As Follows.
The main problem is that after Completed initialization and after typing spring-security fields specified in application properties there is no errors, just only error page. No redirects.



SecurityConfig. All pom dependencies are also added



@Configuration

@EnableWebSecurity

class SecurityConfiguration extends WebSecurityConfigurerAdapter{





    @Override

    protected void configure(AuthenticationManagerBuilder auth) throws Exception {

        auth.jdbcAuthentication()

                .usersByUsernameQuery(USERS_QUERY)

                .authoritiesByUsernameQuery(ROLES_QUERY)

                .dataSource(dataSource)

                .passwordEncoder(bCryptPasswordEncoder);

    }



    @Override

    protected void configure(HttpSecurity http) throws Exception{

        http.authorizeRequests()

                .antMatchers("/console/**", "/reset", "/login").permitAll()

                .antMatchers("/").permitAll()

                .antMatchers("/login").permitAll()

                .antMatchers("/signup").permitAll()

                .antMatchers("/home/**").hasAuthority("ADMIN").anyRequest()

                .authenticated().and().csrf().disable()

                .formLogin().loginPage("/login").failureUrl("/login?error=true")

                .defaultSuccessUrl("/home",true)

                .usernameParameter("email")

                .passwordParameter("password")

                .and().logout()

                .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))

                .logoutSuccessUrl("/")

                .and().rememberMe()

                .tokenRepository(persistentTokenRepository())

                .tokenValiditySeconds(60*60)

                .and().exceptionHandling().accessDeniedPage("/access_denied");

    }





}


Controller



    @Controller

    public class UserController {



        @Autowired

        private UserService userService;



        @RequestMapping(value= {"/", "/login"}, method=RequestMethod.GET)

        public String login() {

            ModelAndView model = new ModelAndView();



            model.setViewName("user/login");

            return "login";

        }



        @RequestMapping(value= {"/signup"}, method=RequestMethod.GET)

        public ModelAndView signup() {

            ModelAndView model = new ModelAndView();

            User user = new User();

            model.addObject("user", user);

            model.setViewName("user/signup");



            return model;

        }



        @RequestMapping(value= {"/signup"}, method=RequestMethod.POST)

        public ModelAndView createUser(@Valid User user, BindingResult bindingResult) {

            ModelAndView model = new ModelAndView();

            User userExists = userService.findUserByEmail(user.getEmail());



            if(userExists != null) {

                bindingResult.rejectValue("email", "error.user", "This email already exists!");

            }

            if(bindingResult.hasErrors()) {

                model.setViewName("user/signup");

            } else {

                userService.saveUser(user);

                model.addObject("msg", "User has been registered successfully!");

                model.addObject("user", new User());

                model.setViewName("user/signup");

            }



            return model;

        }



        @RequestMapping(value= {"/home/home"}, method=RequestMethod.GET)

        public ModelAndView home() {

            ModelAndView model = new ModelAndView();

            Authentication auth = SecurityContextHolder.getContext().getAuthentication();

            User user = userService.findUserByEmail(auth.getName());



            model.addObject("userName", user.getFirstname() + " " + user.getLastname());

            model.setViewName("home/home");

            return model;

        }

    }


Probably all ant matchers could be okay, besides of this I have no idea, what goes wrong. Is it problem with spring-secuirty ?
Do I have to configure something else in another way ? Thanks for all answers.






java spring spring-security







share|improve this question

























  • What's the meaning of only error page ? How do you login ?

    – chaoluo
    Nov 25 '18 at 10:38











  • I will show this on images. imgur.com/a/BLS1xIE After typing localhost:8080 I got pic nr1 and after typing correct username and password I am redirected to every page included in controllers but as we can se I have whitelabel errorpage.

    – Return.h
    Nov 25 '18 at 10:48











  • What are the params that you send to the login processing filter ? username&password?

    – chaoluo
    Nov 25 '18 at 10:57











  • I've specified them in application.properties. In my DB I have no account so by default are choosen fields from spring-security ( imo, I might be wrong ) as bellow spring.security.user.name=user spring.security.user.password=user

    – Return.h
    Nov 25 '18 at 11:30













  • Could you share the http request when login?

    – chaoluo
    Nov 25 '18 at 11:56


















0















After Default Spring Security login, no of my controllers redirects to main page.
Code As Follows.
The main problem is that after Completed initialization and after typing spring-security fields specified in application properties there is no errors, just only error page. No redirects.



SecurityConfig. All pom dependencies are also added



@Configuration

@EnableWebSecurity

class SecurityConfiguration extends WebSecurityConfigurerAdapter{





    @Override

    protected void configure(AuthenticationManagerBuilder auth) throws Exception {

        auth.jdbcAuthentication()

                .usersByUsernameQuery(USERS_QUERY)

                .authoritiesByUsernameQuery(ROLES_QUERY)

                .dataSource(dataSource)

                .passwordEncoder(bCryptPasswordEncoder);

    }



    @Override

    protected void configure(HttpSecurity http) throws Exception{

        http.authorizeRequests()

                .antMatchers("/console/**", "/reset", "/login").permitAll()

                .antMatchers("/").permitAll()

                .antMatchers("/login").permitAll()

                .antMatchers("/signup").permitAll()

                .antMatchers("/home/**").hasAuthority("ADMIN").anyRequest()

                .authenticated().and().csrf().disable()

                .formLogin().loginPage("/login").failureUrl("/login?error=true")

                .defaultSuccessUrl("/home",true)

                .usernameParameter("email")

                .passwordParameter("password")

                .and().logout()

                .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))

                .logoutSuccessUrl("/")

                .and().rememberMe()

                .tokenRepository(persistentTokenRepository())

                .tokenValiditySeconds(60*60)

                .and().exceptionHandling().accessDeniedPage("/access_denied");

    }





}


Controller



    @Controller

    public class UserController {



        @Autowired

        private UserService userService;



        @RequestMapping(value= {"/", "/login"}, method=RequestMethod.GET)

        public String login() {

            ModelAndView model = new ModelAndView();



            model.setViewName("user/login");

            return "login";

        }



        @RequestMapping(value= {"/signup"}, method=RequestMethod.GET)

        public ModelAndView signup() {

            ModelAndView model = new ModelAndView();

            User user = new User();

            model.addObject("user", user);

            model.setViewName("user/signup");



            return model;

        }



        @RequestMapping(value= {"/signup"}, method=RequestMethod.POST)

        public ModelAndView createUser(@Valid User user, BindingResult bindingResult) {

            ModelAndView model = new ModelAndView();

            User userExists = userService.findUserByEmail(user.getEmail());



            if(userExists != null) {

                bindingResult.rejectValue("email", "error.user", "This email already exists!");

            }

            if(bindingResult.hasErrors()) {

                model.setViewName("user/signup");

            } else {

                userService.saveUser(user);

                model.addObject("msg", "User has been registered successfully!");

                model.addObject("user", new User());

                model.setViewName("user/signup");

            }



            return model;

        }



        @RequestMapping(value= {"/home/home"}, method=RequestMethod.GET)

        public ModelAndView home() {

            ModelAndView model = new ModelAndView();

            Authentication auth = SecurityContextHolder.getContext().getAuthentication();

            User user = userService.findUserByEmail(auth.getName());



            model.addObject("userName", user.getFirstname() + " " + user.getLastname());

            model.setViewName("home/home");

            return model;

        }

    }


Probably all ant matchers could be okay, besides of this I have no idea, what goes wrong. Is it problem with spring-secuirty ?
Do I have to configure something else in another way ? Thanks for all answers.






java spring spring-security







share|improve this question

























  • What's the meaning of only error page ? How do you login ?

    – chaoluo
    Nov 25 '18 at 10:38











  • I will show this on images. imgur.com/a/BLS1xIE After typing localhost:8080 I got pic nr1 and after typing correct username and password I am redirected to every page included in controllers but as we can se I have whitelabel errorpage.

    – Return.h
    Nov 25 '18 at 10:48











  • What are the params that you send to the login processing filter ? username&password?

    – chaoluo
    Nov 25 '18 at 10:57











  • I've specified them in application.properties. In my DB I have no account so by default are choosen fields from spring-security ( imo, I might be wrong ) as bellow spring.security.user.name=user spring.security.user.password=user

    – Return.h
    Nov 25 '18 at 11:30













  • Could you share the http request when login?

    – chaoluo
    Nov 25 '18 at 11:56
















0












0








0








After Default Spring Security login, no of my controllers redirects to main page.
Code As Follows.
The main problem is that after Completed initialization and after typing spring-security fields specified in application properties there is no errors, just only error page. No redirects.



SecurityConfig. All pom dependencies are also added



@Configuration

@EnableWebSecurity

class SecurityConfiguration extends WebSecurityConfigurerAdapter{





    @Override

    protected void configure(AuthenticationManagerBuilder auth) throws Exception {

        auth.jdbcAuthentication()

                .usersByUsernameQuery(USERS_QUERY)

                .authoritiesByUsernameQuery(ROLES_QUERY)

                .dataSource(dataSource)

                .passwordEncoder(bCryptPasswordEncoder);

    }



    @Override

    protected void configure(HttpSecurity http) throws Exception{

        http.authorizeRequests()

                .antMatchers("/console/**", "/reset", "/login").permitAll()

                .antMatchers("/").permitAll()

                .antMatchers("/login").permitAll()

                .antMatchers("/signup").permitAll()

                .antMatchers("/home/**").hasAuthority("ADMIN").anyRequest()

                .authenticated().and().csrf().disable()

                .formLogin().loginPage("/login").failureUrl("/login?error=true")

                .defaultSuccessUrl("/home",true)

                .usernameParameter("email")

                .passwordParameter("password")

                .and().logout()

                .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))

                .logoutSuccessUrl("/")

                .and().rememberMe()

                .tokenRepository(persistentTokenRepository())

                .tokenValiditySeconds(60*60)

                .and().exceptionHandling().accessDeniedPage("/access_denied");

    }





}


Controller



    @Controller

    public class UserController {



        @Autowired

        private UserService userService;



        @RequestMapping(value= {"/", "/login"}, method=RequestMethod.GET)

        public String login() {

            ModelAndView model = new ModelAndView();



            model.setViewName("user/login");

            return "login";

        }



        @RequestMapping(value= {"/signup"}, method=RequestMethod.GET)

        public ModelAndView signup() {

            ModelAndView model = new ModelAndView();

            User user = new User();

            model.addObject("user", user);

            model.setViewName("user/signup");



            return model;

        }



        @RequestMapping(value= {"/signup"}, method=RequestMethod.POST)

        public ModelAndView createUser(@Valid User user, BindingResult bindingResult) {

            ModelAndView model = new ModelAndView();

            User userExists = userService.findUserByEmail(user.getEmail());



            if(userExists != null) {

                bindingResult.rejectValue("email", "error.user", "This email already exists!");

            }

            if(bindingResult.hasErrors()) {

                model.setViewName("user/signup");

            } else {

                userService.saveUser(user);

                model.addObject("msg", "User has been registered successfully!");

                model.addObject("user", new User());

                model.setViewName("user/signup");

            }



            return model;

        }



        @RequestMapping(value= {"/home/home"}, method=RequestMethod.GET)

        public ModelAndView home() {

            ModelAndView model = new ModelAndView();

            Authentication auth = SecurityContextHolder.getContext().getAuthentication();

            User user = userService.findUserByEmail(auth.getName());



            model.addObject("userName", user.getFirstname() + " " + user.getLastname());

            model.setViewName("home/home");

            return model;

        }

    }


Probably all ant matchers could be okay, besides of this I have no idea, what goes wrong. Is it problem with spring-secuirty ?
Do I have to configure something else in another way ? Thanks for all answers.






java spring spring-security







share|improve this question
















After Default Spring Security login, no of my controllers redirects to main page.
Code As Follows.
The main problem is that after Completed initialization and after typing spring-security fields specified in application properties there is no errors, just only error page. No redirects.



SecurityConfig. All pom dependencies are also added



@Configuration

@EnableWebSecurity

class SecurityConfiguration extends WebSecurityConfigurerAdapter{





    @Override

    protected void configure(AuthenticationManagerBuilder auth) throws Exception {

        auth.jdbcAuthentication()

                .usersByUsernameQuery(USERS_QUERY)

                .authoritiesByUsernameQuery(ROLES_QUERY)

                .dataSource(dataSource)

                .passwordEncoder(bCryptPasswordEncoder);

    }



    @Override

    protected void configure(HttpSecurity http) throws Exception{

        http.authorizeRequests()

                .antMatchers("/console/**", "/reset", "/login").permitAll()

                .antMatchers("/").permitAll()

                .antMatchers("/login").permitAll()

                .antMatchers("/signup").permitAll()

                .antMatchers("/home/**").hasAuthority("ADMIN").anyRequest()

                .authenticated().and().csrf().disable()

                .formLogin().loginPage("/login").failureUrl("/login?error=true")

                .defaultSuccessUrl("/home",true)

                .usernameParameter("email")

                .passwordParameter("password")

                .and().logout()

                .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))

                .logoutSuccessUrl("/")

                .and().rememberMe()

                .tokenRepository(persistentTokenRepository())

                .tokenValiditySeconds(60*60)

                .and().exceptionHandling().accessDeniedPage("/access_denied");

    }





}


Controller



    @Controller

    public class UserController {



        @Autowired

        private UserService userService;



        @RequestMapping(value= {"/", "/login"}, method=RequestMethod.GET)

        public String login() {

            ModelAndView model = new ModelAndView();



            model.setViewName("user/login");

            return "login";

        }



        @RequestMapping(value= {"/signup"}, method=RequestMethod.GET)

        public ModelAndView signup() {

            ModelAndView model = new ModelAndView();

            User user = new User();

            model.addObject("user", user);

            model.setViewName("user/signup");



            return model;

        }



        @RequestMapping(value= {"/signup"}, method=RequestMethod.POST)

        public ModelAndView createUser(@Valid User user, BindingResult bindingResult) {

            ModelAndView model = new ModelAndView();

            User userExists = userService.findUserByEmail(user.getEmail());



            if(userExists != null) {

                bindingResult.rejectValue("email", "error.user", "This email already exists!");

            }

            if(bindingResult.hasErrors()) {

                model.setViewName("user/signup");

            } else {

                userService.saveUser(user);

                model.addObject("msg", "User has been registered successfully!");

                model.addObject("user", new User());

                model.setViewName("user/signup");

            }



            return model;

        }



        @RequestMapping(value= {"/home/home"}, method=RequestMethod.GET)

        public ModelAndView home() {

            ModelAndView model = new ModelAndView();

            Authentication auth = SecurityContextHolder.getContext().getAuthentication();

            User user = userService.findUserByEmail(auth.getName());



            model.addObject("userName", user.getFirstname() + " " + user.getLastname());

            model.setViewName("home/home");

            return model;

        }

    }


Probably all ant matchers could be okay, besides of this I have no idea, what goes wrong. Is it problem with spring-secuirty ?
Do I have to configure something else in another way ? Thanks for all answers.






java spring spring-security




java spring spring-security






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Nov 25 '18 at 8:40







Return.h

















asked Nov 25 '18 at 8:35









Return.hReturn.h

413




413













  • What's the meaning of only error page ? How do you login ?

    – chaoluo
    Nov 25 '18 at 10:38











  • I will show this on images. imgur.com/a/BLS1xIE After typing localhost:8080 I got pic nr1 and after typing correct username and password I am redirected to every page included in controllers but as we can se I have whitelabel errorpage.

    – Return.h
    Nov 25 '18 at 10:48











  • What are the params that you send to the login processing filter ? username&password?

    – chaoluo
    Nov 25 '18 at 10:57











  • I've specified them in application.properties. In my DB I have no account so by default are choosen fields from spring-security ( imo, I might be wrong ) as bellow spring.security.user.name=user spring.security.user.password=user

    – Return.h
    Nov 25 '18 at 11:30













  • Could you share the http request when login?

    – chaoluo
    Nov 25 '18 at 11:56





















  • What's the meaning of only error page ? How do you login ?

    – chaoluo
    Nov 25 '18 at 10:38











  • I will show this on images. imgur.com/a/BLS1xIE After typing localhost:8080 I got pic nr1 and after typing correct username and password I am redirected to every page included in controllers but as we can se I have whitelabel errorpage.

    – Return.h
    Nov 25 '18 at 10:48











  • What are the params that you send to the login processing filter ? username&password?

    – chaoluo
    Nov 25 '18 at 10:57











  • I've specified them in application.properties. In my DB I have no account so by default are choosen fields from spring-security ( imo, I might be wrong ) as bellow spring.security.user.name=user spring.security.user.password=user

    – Return.h
    Nov 25 '18 at 11:30













  • Could you share the http request when login?

    – chaoluo
    Nov 25 '18 at 11:56



















What's the meaning of only error page ? How do you login ?

– chaoluo
Nov 25 '18 at 10:38





What's the meaning of only error page ? How do you login ?

– chaoluo
Nov 25 '18 at 10:38













I will show this on images. imgur.com/a/BLS1xIE After typing localhost:8080 I got pic nr1 and after typing correct username and password I am redirected to every page included in controllers but as we can se I have whitelabel errorpage.

– Return.h
Nov 25 '18 at 10:48





I will show this on images. imgur.com/a/BLS1xIE After typing localhost:8080 I got pic nr1 and after typing correct username and password I am redirected to every page included in controllers but as we can se I have whitelabel errorpage.

– Return.h
Nov 25 '18 at 10:48













What are the params that you send to the login processing filter ? username&password?

– chaoluo
Nov 25 '18 at 10:57





What are the params that you send to the login processing filter ? username&password?

– chaoluo
Nov 25 '18 at 10:57













I've specified them in application.properties. In my DB I have no account so by default are choosen fields from spring-security ( imo, I might be wrong ) as bellow spring.security.user.name=user spring.security.user.password=user

– Return.h
Nov 25 '18 at 11:30







I've specified them in application.properties. In my DB I have no account so by default are choosen fields from spring-security ( imo, I might be wrong ) as bellow spring.security.user.name=user spring.security.user.password=user

– Return.h
Nov 25 '18 at 11:30















Could you share the http request when login?

– chaoluo
Nov 25 '18 at 11:56







Could you share the http request when login?

– chaoluo
Nov 25 '18 at 11:56














0






active

oldest

votes











Your Answer






StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53465871%2fspring-secuirty-login-redirects-to-error-page%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























0






active

oldest

votes








0






active

oldest

votes









active

oldest

votes






active

oldest

votes
















draft saved

draft discarded




















































Thanks for contributing an answer to Stack Overflow!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53465871%2fspring-secuirty-login-redirects-to-error-page%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

Create new schema in PostgreSQL using DBeaver

Image
0 At the beginning of my current job I had limited access to DB but recently my role is changed to superuser, admin, and owner. My colleague who was the previous DB admin is able to create a schema or change the permissions as there is a permission tab in the properties and he can change permissions by clicking easily. Would you please let me know how I can create schema and change permissions as well? Why his dbeaver looks different from me? He can easily right click on the schema folder on top of all schemas on the left side column and select create new schema while I do not have that, like the following picture I found on the internet. postgresql database-schema dbeaver share | improve this question
Read more

Deepest pit of an array with Javascript: test on Codility

Image
0 $begingroup$ This is the question from a Codility test, as a task in an interview: DeepestPit - problem description A non-empty zero-indexed array A consisting of N integers is given. A pit in this array is any triplet of integers (P, Q, R) such that: ·         0 ≤ P < Q < R < N; ·         sequence [A[P], A[P+1], ..., A[Q]] is strictly decreasing, i.e. A[P] > A[P+1] > ... > A[Q]; ·         sequence A[Q], A[Q+1], ..., A[R] is strictly increasing, i.e. A[Q] < A[Q+1] < ... < A[R]. The depth of a pit (P, Q, R) is the number min {A[P] − A[Q], A[R] − A[Q]}. For example, consider array A consisting of 10 elements such that: A[0] = 0 A[1] = 1 A[2] = 3 A[3] = -2 A[4] = 0 A[5] = 1 A[6] = 0 A[7] = -3 A[8] = 2 A[9] = 3 Triplet (2, 3, 4) is
Read more

Costa Masnaga

Image
.mw-parser-output .avviso .mbox-text-div>div,.mw-parser-output .avviso .mbox-text-full-div>div{font-size:90%}.mw-parser-output .avviso .mbox-image div{width:52px}.mw-parser-output .avviso .mbox-text-full-div .hide-when-compact{display:block} Questa voce o sezione sull'argomento Lombardia non cita le fonti necessarie o quelle presenti sono insufficienti . Puoi migliorare questa voce aggiungendo citazioni da fonti attendibili secondo le linee guida sull'uso delle fonti. Segui i suggerimenti del progetto di riferimento. Costa Masnaga comune Localizzazione Stato   Italia Regione Lombardia Provincia Lecco Amministrazione Sindaco Sabina Panzeri (Al centro il cittadino) dall'08/06/2009 Territorio Coordinate 45°46′N 9°17′E  /  45.766667°N 9.283333°E 45.766667; 9.283333  ( Costa Masnaga ) Coordinate: 45°46′N 9°17′E  /  45.766667°N 9.283333°E 45.766667; 9.283333  ( Costa Masnaga ) Altitudine 318 m s.l.m
Read more