Spring Security Custom Login Error

Question

I have been trying to add Spring Security Custom Login(Java Config) into my application, but a strange error keeps popping up.

I have gone through the Creating a Custom Login Form tutorial and it works just fine. I am not sure what is the issue with my application.

Error

Caused by: java.lang.IllegalArgumentException: 'login?error' is not a valid redirect URL

Security Config

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Autowired
    public void configure(AuthenticationManagerBuilder auth)
            throws Exception {
        auth
        .inMemoryAuthentication()
            .withUser("user").password("password").roles("USER");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests().antMatchers("/", "/about").permitAll();
        http
        .authorizeRequests()
        .antMatchers("/admin","/admin/**").hasRole("ADMIN")
        .anyRequest().authenticated()
        .and()
        .formLogin()
        .loginPage("login")
        .permitAll();
    }
}

LoginController

@Controller
public class LoginController {

    @RequestMapping(value = "login", method = RequestMethod.GET)
    public String loginView() {
        return "login";
    }

    @RequestMapping(value = "login", method = RequestMethod.POST)
    public String login(@ModelAttribute Login login) {
        return "home";
    }
}

Just commenting the method configure(HttpSecurity http) removes the exception. I tried adding RequestMapping with value login?error, but it didn't help. What am I missing here?

Link to complete stack trace

Answer 1

Your are missing a slash.

This:

.loginPage("login")

Should be:

 .loginPage("/login")