java - Spring security 4.x login redirects to '.../favicon' instead of expected URL -


i have spring security java configuration

@configuration @enablewebsecurity public class blogwebsecurityconfigurer extends websecurityconfigureradapter {      @override         public void configure(websecurity web) throws exception {             web.ignoring().antmatchers("/resources/**");         }          @override         protected void configure(httpsecurity http) throws exception {             http                 .authorizerequests()                     .antmatchers("/").permitall()                                        .antmatchers("/resources/**").permitall()                                                            .antmatchers("/detail/**").permitall()                     .antmatchers("/post/**").hasrole("admin")                     .anyrequest().authenticated()                     .and()                 .formlogin()                     .loginpage("/login").defaultsuccessurl("/")                     .permitall()                     .and()                 .logout()                     .logouturl("/logout");         }          @autowired         public void registerglobal(authenticationmanagerbuilder auth) throws exception {           auth               .inmemoryauthentication()                 .withuser("admin")                 .password("admin")                 .roles("user", "admin");           }  } 

and login form

<form name='login' action="<spring:url value='/login'/>" method='post'>         <input class="input-field" type='text' name='username' placeholder="admin name">         <input class="input-field" type='password' name='password' placeholder="admin password" /><br>         <input name="submit" type="submit" value="login" />                    <input type="hidden" name="${_csrf.parametername}" value="${_csrf.token}" />     </form> 

loginlogoutcontroller is

@controller public class loginlogoutcontroller {     @autowired     private blogservice serviceimplementation;      @requestmapping(value = "/login", method = requestmethod.get)     public string adminhome() {              return "login";     }      @requestmapping(value = "/login", method = requestmethod.post)     public string adminlogin(model model) {         model.addattribute("posts", serviceimplementation.getallposts());         return "redirect:/";     }      @requestmapping(value = "/logout", method = requestmethod.get)     public string logoutpage(httpservletrequest request,             httpservletresponse response) {         authentication auth = securitycontextholder.getcontext()                 .getauthentication();         if (auth != null) {             new securitycontextlogouthandler().logout(request, response, auth);         }         return "redirect:/";     } } 

all things work when hit login button takes me

localhost:8080/app/favicon.jpg 

and 404/ not found error after when hit button of browser see self logged in app. how can fix bug security not take /favicon.jpg request suggestions please.

you need make explicit .permitall() /favicon.* in security configuration if isn't stored in /, /resources/**, /detail/** or /post/** or if don't have favicon @ all.

the latter is, because (some) browsers try find 1 , requesting @ url. more sophisticated explanation on see http://blog.codeleak.pl/2014/02/configure-faviconico-in-spring-mvc.html


Comments

Popular posts from this blog

get url and add instance to a model with prefilled foreign key :django admin -

css - Make div keyboard-scrollable in jQuery Mobile? -

ruby on rails - Seeing duplicate requests handled with Unicorn -