Spring Security simple login page cant login

Question

So I am trying to creating simple Login Page with help of the Spring Boot and Security. So what I currently have is custom login page and in memory authentication with one user and role. The problem is that when I am entering proper user/password spirng is not authenticating it as valid data, and redirecting me again to login page, but this time with: /login#error On client side I am using thymeleaf. form snippet:

Configuration class: @Configuration @EnableWebSecurity public class SecurityConfiguration extends WebSecurityConfigurerAdapter { @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { auth.inMemoryAuthentication()// .withUser("root").password("root").roles("USER"); } @Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests() // .antMatchers("/").hasRole("USER") // .antMatchers("/login*").permitAll().and() // .formLogin() // .loginPage("/login")// .loginProcessingUrl("/perform_login")// .and()// .logout()// .permitAll(); } } And controller is simple @Controller @RequestMapping("/login") public class LoginController { @GetMapping public String getLoginPage() { return "login"; } } Any idea what I am doing wrong? JavaScript questions and answers, JavaScript questions pdf, JavaScript question bank, JavaScript questions and answers pdf, mcq on JavaScript pdf, JavaScript questions and solutions, JavaScript mcq Test , Interview JavaScript questions, JavaScript Questions for Interview, JavaScript MCQ (Multiple Choice Questions)

Answer 1

The easiest way (for me) is to make a @Bean and use WebSecurityConfigurerAdapter and implement WebMvcConfigurer to configure everything with few steps. This is the smallest example ever made: @Configuration @SpringBootApplication public class DemoApplication implements WebMvcConfigurer { public static void main(String[] args) { SpringApplication.run(DemoApplication.class, args); } @Controller public class HomeController { @RequestMapping(value = "/", method = RequestMethod.GET) public String home(Model model, Authentication authentication, Principal principal) { if (authentication == null) { return "forward:/login"; } else { model.addAttribute("user", principal.getName()); return "home"; } } } @Bean public WebSecurityConfigurerAdapter webSecurityConfig() { return new WebSecurityConfigurerAdapter() { @Override protected void configure(HttpSecurity http) throws Exception { http.csrf().disable().authorizeRequests() .anyRequest().authenticated() .and().formLogin().loginPage("/login") .defaultSuccessUrl("/") .permitAll() .and().logout().permitAll(); http.headers().frameOptions().disable(); } @Override protected void configure(AuthenticationManagerBuilder builder) throws Exception { builder.authenticationProvider(new AuthenticationProvider() { @Override public Authentication authenticate(Authentication authentication) throws AuthenticationException { String username = authentication.getName(); String password = authentication.getCredentials().toString(); if (username.equals("username") && password.equals("password")) { List grantedAuthorities = new ArrayList<>(); grantedAuthorities.add(new SimpleGrantedAuthority("ROLE_USER")); return new UsernamePasswordAuthenticationToken(username, password, grantedAuthorities); } throw new AuthenticationServiceException("Invalid credentials."); } @Override public boolean supports(Class<?> authentication) { return authentication.equals(UsernamePasswordAuthenticationToken.class); } }); } }; } public void addViewControllers(ViewControllerRegistry registry) { registry.addViewController("/home").setViewName("home"); registry.addViewController("/login").setViewName("login"); } } You said that you are using thymeleaf so lets say your login.html form will be something like this: <!doctype html> login example

And the home.html page when you are logged in: <!doctype html> home page Hello,
sign out