Hello, while creating your own login form, there was a problem: when trying to login, an error appears with the message bad credentials (although if you login through the form, everything goes well)
web.xml
& lt; filter & gt;
& lt; filter-name & gt; springSecurityFilterChain & lt; / filter-name & gt;
& lt; filter-class & gt; org.springframework.web.filter.DelegatingFilterProxy & lt; / filter-class & gt;
& lt; / filter & gt;
& lt; filter-mapping & gt;
& lt; filter-name & gt; springSecurityFilterChain & lt; / filter-name & gt;
& lt; url-pattern & gt; / * & lt; / url-pattern & gt;
& lt; / filter-mapping & gt;
& lt; security: http pattern = "/ admin / **" use-expressions = "true" name = "securityFilterChain" create-session = "stateless" & gt;
& lt; security: http-basic / & gt;
& lt; security: intercept-url pattern = "/ **" access = "hasRole ('ADMIN')" / & gt;
& lt; / security: http & gt;
& lt; security: http use-expressions = "true" & gt;
& lt; security: intercept-url pattern = "/ login" access = "permitAll ()" / & gt;
& lt; security: intercept-url pattern = "/ **" access = "isAuthenticated ()" / & gt;
& lt; security: form-login login-page = "/ login"
default-target-url = "/ restaurants"
authentication-failure-url = "/ login? error = true"
login-processing-url = "/ spring_security_check" / & gt;
& lt; security: logout logout-success-url = "/ login" / & gt;
& lt; / security: http & gt;
& lt; security: authentication-manager & gt;
& lt; security: authentication-provider & gt;
& lt; security: user-service & gt;
& lt; security: user name = "[email protected]" password = "pastol" authorities = "ADMIN" / & gt;
& lt; / security: user-service & gt;
& lt;! - & lt; security: jdbc-user-service data-source-ref = "dataSource"
users-by-username-query = "SELECT email, password FROM users WHERE email =?"
authorities-by-username-query = "SELECT u.email, r.role FROM users u, roles r WHERE u.id = r.userid AND u.email =?" / & gt; - & gt;
& lt; / security: authentication-provider & gt;
& lt; / security: authentication-manager & gt;
Login form
& lt; form: form class = "navbar-form navbar-right" role = "form" action = "spring_security_check" method = "post" & gt;
& lt; div class = "form-group" & gt;
& lt; input type = "text" placeholder = "Email" class = "form-control" name = 'username' & gt;
& lt; / div & gt;
& lt; div class = "form-group" & gt;
& lt; input type = "password" placeholder = "Password" class = "form-control" name = 'password' & gt;
& lt; / div & gt;
& lt; button type = "submit" class = "btn btn-success" & gt; Login & lt; / button & gt;
& lt; / form: form & gt;
Answer 1, authority 100%
You did not specify field names in the input form.
& lt; security: form-login login-page = "/ login"
default-target-url = "/ restaurants"
authentication-failure-url = "/ login? error = true"
username-parameter = "username"
password-parameter = "password" / & gt;
Second, why login-processing-url
? When this parameter is set, a method with this url is required, which will process this request. What for? You can also use the standard one. Actually, the error is precisely because this url is missing.
& lt; c: url var = "loginUrl" value = "/ login" / & gt;
& lt; form action = "$ {loginUrl}" method = "post" & gt;
Third, if you have Spring Security 4, take a look at this answer of mine .
Good luck!