I am using spring security 3.0.4 and the code below is related to its config. When I run the program, no page contains css code and only the html file is loaded, and the page is messed up. I also used some stackoverflow links(like this), but none of them worked.
@Configuration
public class SecurityConfig {
public static final String ROLE_PASSENGER = "passenger";
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http.csrf().ignoringRequestMatchers("/", "/home", "/search", "/search/page")
.and().authorizeHttpRequests()
.requestMatchers("/reserve-flight", "/panel").authenticated()
.requestMatchers("/", "/home", "/search/**").permitAll().and()
.formLogin().loginPage("/login").permitAll().defaultSuccessUrl("/panel")
.failureUrl("/login?error=true").and().logout().permitAll()
.logoutSuccessUrl("/login?logout=true").invalidateHttpSession(true);
return http.build();
}
@Bean
public BCryptPasswordEncoder getEncoder() {
return new BCryptPasswordEncoder();
}
}
Authprovider:
@Component
public class UserPassAuthProvider implements AuthenticationProvider {
private final PassengerDetailsService passengerDetailsService;
private final PasswordEncoder encoder;
public UserPassAuthProvider(PassengerDetailsService passengerDetailsService, PasswordEncoder encoder) {
this.passengerDetailsService = passengerDetailsService;
this.encoder = encoder;
}
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
String email = authentication.getName();
String password = authentication.getCredentials().toString();
PassengerDetails passenger = passengerDetailsService.findByEmailAddress(email);
if (passenger != null && encoder.matches(password, passenger.getPassword())) {
return new UsernamePasswordAuthenticationToken(email, null, Collections.singleton(() -> ROLE_PASSENGER));
}
return null;
}
@Override
public boolean supports(Class<?> authentication) {
return UsernamePasswordAuthenticationToken.class.equals(authentication);
}
}
homepage:
