1.protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/js/**","/css/**").permitAll()
.anyRequest().authenticated()
.and()
.formLogin().loginPage("/login.html").loginProcessingUrl("/login").permitAll()
.and()
.logout().logoutUrl("/logout").logoutSuccessUrl("/login.html").invalidateHttpSession(true).deleteCookies("JSESSIONID")
.and()
.csrf().disable();
}
2.src/main/webapp/login.html
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>登陆</title>
</head>
<body>
<form action="/login" method="post">
用户名:<input name="username" type="text"><br/>
密码:<input name="password" type="password"><br/>
<input type="submit" value="登录">
</form>
</body>
</html>