# Create a custom login page

By
Paul Tomoiu
In 
Published 2022-12-03

This tutorial explains how you can create custom login form with Spring 5.

Adding/ creating a custom login page is a common task in Web Application development. This you send the user to a login form with more useful information and can be the entry point into your application.

Supposing you are a secured web application which use the default login page. You can take a look at the tutorial named SPRING SECURITY: Secure Web Application.

I will use this application and I will add a custom login page to it.

This task is very simple and you have to:

  1. create the login page (a normal web page with a submission form inside). Here it is a simple example:

  2. Add the code needed into the Web Controller (WebController.java in my case):

  3. Add security rules into the security configuration (WebSecurityConfig class in my case):

package com.example.config;
 
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
 
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        PasswordEncoder passwordEncoder = PasswordEncoderFactories.createDelegatingPasswordEncoder();
         
        String encoded = passwordEncoder.encode("pass1");
         
        System.out.println("encoded="+encoded);
         
        auth.inMemoryAuthentication().passwordEncoder(NoOpPasswordEncoder.getInstance())
            .withUser("user").password("u").authorities("USER")
            .and()
            .withUser("admin").password("a").authorities("USER","ADMIN");
    }
     
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http 
        .authorizeRequests()
        .antMatchers("/").permitAll()
        .antMatchers("/login1").permitAll()
        .antMatchers("/myLogout").permitAll()
        .antMatchers("/shared/**").permitAll()
        .antMatchers("/no-access/*").denyAll()
        .antMatchers("/secured/**").hasAuthority("USER")
        .antMatchers("/admin-content/**").hasAuthority("ADMIN")
        .and()
        .formLogin()
           .loginPage("/login1")
              .defaultSuccessUrl("/shared/MySpringMvcPage1").failureUrl("/shared/failureAUTH")
        .and()
        .logout().logoutSuccessUrl("/myLogout").permitAll()
        .and().csrf().disable();
         
    }
}

Now when you are not logged in and you want to access a secured page you will see your login page:

© Copyright www.free-it-tutorials.com, 2022-2024. All rights reserved. This website does not represent any corporation (Oracle, Microsoft, etc) in any way. This site is not using cookies, but it use some services that might use cookies. All information is supposed to be accurate, but it is not guaranteed to be correct. The usage of the information from this website is strictly at your own risk. If you don't like these policies, you have to stop using the website.