I am using jsf servlet and created custom login page, used form with action j_spring_security_check ,method POST , used j_username and j_password. Problem i have when I click to Login button it's not redirecting to page but in Chrome network column it shows post method j_spring_security_check with 302 status code, am I using spring security proper way?
Login.jsf page:
<form action="j_spring_security_check" method="POST" >
<div class="input-group mb-3">
<div class="input-group-append">
<span class="input-group-text"><i class="fas fa-user"></i></span>
</div>
<p:inputText type="text" name="j_username" id="j_username" class="form-control input_user" value="" placeholder="username"/>
</div>
<div class="input-group mb-2">
<div class="input-group-append">
<span class="input-group-text"><i class="fas fa-key"></i></span>
</div>
<p:password type="password" id="j_password" name="j_password" class="form-control input_pass" value="" placeholder="password" />
</div>
<div class="d-flex justify-content-center mt-3 login_container">
<button type="submit" class="btn login_btn" >Login</button>
</div>
</form>
Web Security config:
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/resources/**").permitAll()
.anyRequest().authenticated()
.and()
.formLogin().loginPage("/login").successForwardUrl("/WelcomePage.jsf").failureForwardUrl("/addPicture.jsf").permitAll()
.successForwardUrl("/WelcomePage.jsf")
.and()
.logout().permitAll();
http.csrf().disable();
}
Image from chrome:
