Costomize Spring Boot Security Login Page using Vaadin

Francois44 · May 9, 2019, 5:11pm

Hi evryone of you.
I’m new here and need your help.
I’m using spring boot with vaadin.
And I want to make the spring security login page be a Vaadin UI.
But Here are the errors I’ve Got.

This is my security configuration

//...

@Override
protected void configure(HttpSecurity http) throws Exception {
	http
			.authorizeRequests()
			.antMatchers("/").permitAll()
			.antMatchers("/VAADIN/**", "/PUSH/**", "/UIDL/**", "/login", "/login/**", "/error/**", "/accessDenied/**", "/vaadinServlet/**").permitAll()
			.antMatchers("/rest/**").authenticated()
			;
}
// ...

This is my login page.

/***
 ***/

package com.ntech.bookstore.views;

import com.vaadin.annotations.Theme;
import com.vaadin.annotations.Title;
import com.vaadin.server.VaadinRequest;
import com.vaadin.shared.ui.MarginInfo;
import com.vaadin.spring.annotation.SpringUI;
import com.vaadin.ui.*;
import com.vaadin.ui.themes.ValoTheme;


@SpringUI(path = "/login")
@Title("LoginPage")
@Theme("valo")
public class LoginUI extends UI {

    TextField user;
    PasswordField password;
    Button loginButton = new Button("Login", this::loginButtonClick);
    private static final String username = "username";
    private static final String passwordValue = "test123";

    @Override
    protected void init(VaadinRequest request) {
        setSizeFull();

        user = new TextField("User:");
        user.setWidth("300px");
        user.setRequiredIndicatorVisible(true);
        user.setPlaceholder("Your username");

        password = new PasswordField("Password:");
        password.setWidth("300px");
        password.setRequiredIndicatorVisible(true);
        password.setValue("");

        VerticalLayout fields = new VerticalLayout(user, password, loginButton);
        fields.setCaption("Please login to access the application");
        fields.setSpacing(true);
        fields.setMargin(new MarginInfo(true, true, true, false));
        fields.setSizeUndefined();

        VerticalLayout uiLayout = new VerticalLayout(fields);
        uiLayout.setSizeFull();
        uiLayout.setComponentAlignment(fields, Alignment.MIDDLE_CENTER);
        setStyleName(ValoTheme.LABEL_COLORED);
        setFocusedComponent(user);

        setContent(uiLayout);
    }

    public void loginButtonClick(Button.ClickEvent e) {

    }

}

Help me please. If you need another information, let me now. I will send it for you.

Stuart · May 15, 2019, 12:02pm

Hi François

I have this… (so perhaps you need the formLogin().loginPage(…) adding to your http directives )

http.csrf().disable().authorizeRequests()
				.antMatchers("/VAADIN/**", "/HEARTBEAT/**", "/vaadinServlet/**", "/frontend/**", "/images/**").permitAll()
				.regexMatchers(HttpMethod.POST, "/\\?v-r=.*").permitAll()
				.anyRequest().authenticated().and().formLogin().loginPage("/login").permitAll().defaultSuccessUrl("/app", false).and()
				.logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout"));

Stuart

Francois44 · May 15, 2019, 4:33pm

Hi Stuart. I try it and it works. Thanks you.

this also works.

@Override
protected void configure(HttpSecurity http) throws Exception {
	http
			.authorizeRequests()
			.antMatchers("/", "/**").permitAll()
			.antMatchers("/VAADIN/**", "/PUSH/**", "/UIDL/**", "/login", "/login/**", "/error/**", "/accessDenied/**", "/vaadinServlet/**").permitAll()
			.antMatchers("/rest/**").authenticated()
			;
}

Thank you.