Menu
I'm developing a simple login Form using a Thymeleaf & Spring Boot. When i try hitting the following URL in Chrome: "http://localhost:8080/login" i get an error saying "ERR_TOO_MANY_REDIRECTS". I've tried clearing my cache & cookies in the browser and still get the same error.
I tried disabling the default security login screen by putting the following property into my application.properties: security.basic.enabled=false
and added the following configuration to my SecurityConfig so any URL except "/login" and "/resources" would get authenticated:
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private UserRepository userRepository;
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/resources/**").permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login")
.permitAll()
.and()
.logout()
.permitAll();
}
My LoginController is strightforward:
@Controller
public class LoginController {
@RequestMapping(value="/login", method=RequestMethod.GET)
public String loadForm(Model model) {
model.addAttribute("user", new User());
return "redirect:/login";
}
Anyone have any idea's why this happens?
912
What does the ERR_TOO_MANY_REDIRECTS mean? The error too many redirects is shown when the browser can't establish a connection between the initial page and the destination page in a redirect. If you use Google Chrome, the warning looks like this: “This page isn't working. www.example.com redirected you too many times.
Don't use more than 3 redirects in a redirect chain. Google Bot will not follow 301 redirects over multiple hubs. Using too many redirects in a chain is also bad user experience. The page speed will slow down with every redirect you use.
The reason you see the “too many redirects” error is because your website has been set up in a way that keeps redirecting it between different web addresses. When your browser tries to load your site, it goes back and forth between those web addresses in a way that will never complete — a redirect loop.
Your Controller catches and redirects to the same url:
@RequestMapping(value="/login", method=RequestMethod.GET)
public String loadForm(Model model) {
model.addAttribute("user", new User());
return "redirect:/login";
}
Also, your SecurityConfig defines this:
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
protected void configure(HttpSecurity http) throws Exception {
...
.loginPage("/login")
}
.loginPage()'s javadoc says this:
login page to redirect to if authentication is required
So, any secured request made or direct access to /login will:
.loginPage("/login") in your SecurityConfig
@RequestMapping(value="/login"
/login with "redirect:/login"
154
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
