Where is the default login page generated in Spring Security 4 when you use the simplest of configurations?
<http>
...
<form-login/>
</http>
I am using this basic sample web application for Spring Security.
Is almost the same as this question Where is the default login page for the spring security core plugin? but for Java.
Spring security secures all HTTP endpoints by default. A user has to login in a default HTTP form. To enable Spring Boot security, we add spring-boot-starter-security to the dependencies.
By default, Spring Boot will only log to the console and will not write log files. If you want to write log files in addition to the console output you need to set a logging. file or logging. path property (for example in your application.
As of Spring Security version 5.7. 1, the default username is user and the password is randomly generated and displayed in the console (e.g. 8e557245-73e2-4286-969a-ff57fe326336 ).
It is generated from this class org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter
:
private String generateLoginPageHtml(HttpServletRequest request, boolean loginError, boolean logoutSuccess) {
String errorMsg = "none";
[...]
StringBuilder sb = new StringBuilder();
sb.append("<html><head><title>Login Page</title></head>");
if (formLoginEnabled) {
sb.append("<body onload='document.f.").append(usernameParameter).append(".focus();'>\n");
}
[...]
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With