CODEWITHSUNDEEP
springsecurityspring-bootthymeleaf
Tr Sorin
Tr Sorin

Reputation: 125

Spring Boot + Thymeleaf Security not recognized

i've been trying to use thymeleaf's security tags but i can't get them to work. This is my security class:

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private Environment env;

    @Autowired
    private UserSecurityService userSecurityService;

    private BCryptPasswordEncoder passwordEncoder() {
        return SecurityUtility.passwordEncoder();
    }

    private static final String[] PUBLIC_MATCHERS = { "/css/**", "/js/**", "/image/**", "/", "/myAccount" };

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests().
                antMatchers(PUBLIC_MATCHERS).permitAll().anyRequest().authenticated();

        http.csrf().disable().cors().disable().formLogin().failureUrl("/login?error").defaultSuccessUrl("/")
                .loginPage("/login").permitAll().and().logout()
                .logoutRequestMatcher(new AntPathRequestMatcher("/logout")).logoutSuccessUrl("/?logout")
                .deleteCookies("remember-me").permitAll().and().rememberMe();

    }

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userSecurityService).passwordEncoder(passwordEncoder());
    }

}

Pom.xml

<dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-data-jpa</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-thymeleaf</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>

        <dependency>
            <groupId>mysql</groupId>
            <artifactId>mysql-connector-java</artifactId>
            <scope>runtime</scope>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-test</artifactId>
            <scope>test</scope>
        </dependency>
        <dependency>
            <groupId>org.thymeleaf.extras</groupId>
            <artifactId>thymeleaf-extras-springsecurity4</artifactId>
        </dependency>
    </dependencies>

Index.html

<html lang="en" xmlns:th="http://www.thymeleaf.org"
    xmlns:sec="http://www.thymeleaf.org/extras/spring-security">

            <ul class="navbar-nav navbar-right">
                    <li class="nav-item"><a class="nav-link" href="#">Shopping
                            Cart</a></li>
                    <li class="nav-item"><a sec:authorize="isAnonymous()"
                        class="nav-link" th:href="@{/login}">My Account</a></li>
                    <li class="nav-item"><a sec:authorize="isAuthenticated()"
                        class="nav-link" th:href="@{/myProfile}">My Account</a></li>
                    <li class="nav-item"><a class="nav-link"
                        sec:authorize="isAuthenticated()" href="@{/logout}">Logout</a></li>
                </ul>

My problem is that both the nav-items called My Account are showing on the page and i guess the tag sec:authorize doesn't get recognized or something like that or i'm clearly doing something wrong:( Do i need to do any other configurations? I'm using spring boot 2, i've tried solving this in different ways from changing the version of thymeleaf-extras-springsecurity4 to adding a bean in the spring context but it's still not working:(

Upvotes: 0

Views: 560

Answers (1)

Syed Mainul Hasan
Syed Mainul Hasan

Reputation: 62

In spring boot auto configuration, an instance of SpringSecurityDialect is not auto configured. Therefore, you are having this problem. Try adding a bean of SpringSecurityDialect like below, and I hope, it will work.

@Bean
public SpringSecurityDialect securityDialect() {
    return new SpringSecurityDialect();
}

Upvotes: 2

Related Questions