我想要两个不同的登录页面。一份供管理员使用,另一份供用户使用。
@Order(1)当我从静态类中删除注释时,仅使用下面的代码@Order,只有最后一个有效。我在两个不同的ConfigSecurity文件中使用它们,但它不起作用。
我期待他们俩都能工作。然而只有一个在工作。
package com.example.FlightAgency.security;
import com.example.FlightAgency.service.UserService;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
@Configuration
@EnableWebSecurity
public class SecurityConfig {
@Configuration
@Order(1)
public static class App1ConfigurationAdapter {
@Bean
public UserDetailsService userDetailsService() {
return new UserService();
}
@Bean
public PasswordEncoder passwordEncoder() {
return NoOpPasswordEncoder.getInstance();
}
@Bean
public SecurityFilterChain filterChainApp1(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.requestMatchers("/user/**").hasAuthority("USER")
.and()
.formLogin()
.loginPage("/user/login")
.usernameParameter("email")
.loginProcessingUrl("/user/login")
.defaultSuccessUrl("/user/")
.permitAll()
.and()
.logout() …