Home > Software design >  Spring Security -> SecurityConfig causes ERR_TOO_MANY_REDIRECTS
Spring Security -> SecurityConfig causes ERR_TOO_MANY_REDIRECTS

Time:02-01

What is causing "ERROR_TOO_MANY_REDIRECTS" when trying to access the login page in my Spring SecurityConfig? I am not sure if the Problem lies within the SecurityConfig but that's what I assume.

I am using Spring Boot 3.0.2 with the IntelliJ IDE Community Edition.

I have set up my SecurityConfig for my Spring application and it allows users to register successfully. However, when I try to access the login page, I am faced with the "ERROR_TOO_MANY_REDIRECTS" error. I have tried to troubleshoot the issue, but have been unable to find a solution.

I have provided my SecurityConfig code below. Can someone help me identify what is causing this issue and how to resolve it?

package com.fbwgame.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
@EnableWebSecurity
public class SecurityConfig {

    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        http.authorizeHttpRequests((requests) -> requests
                        .requestMatchers("/", "/index", "/register").permitAll()
                        .anyRequest().authenticated()
                )
                .formLogin((form) -> form
                        .loginPage("/login")
                        .permitAll()
                )
                .logout((logout) -> logout.permitAll());

        return http.build();
    }

    @Bean
    public UserDetailsService userDetailsService() {
        UserDetails user =
                User.withDefaultPasswordEncoder()
                        .username("user")
                        .password("password")
                        .roles("USER")
                        .build();

        return new InMemoryUserDetailsManager(user);
    }
}
  1. Note that if I remove .loginPage("/login") I can access the built-in login-form.
  2. My UserController Class has no Mappings including /login

CodePudding user response:

Try adding an @Controller with a @GetMapping for /login. This is required when customizing the login page as you have done. If you don’t wish to customize the login page, you can remove that line.

Page link:https//www.codepudding.com/Softwaredesign/689343.html

Prev:Immediately return first emitted value from two Monos while continuing to process the other asynchro
Next:Oauth2 jwt token enriched with userinfo enpoint
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding