Spring Security 4：不支持請求方法'POST'

Question

問題是，當我點擊登錄按鈕時，tomcat上出現Request method 'POST' not supported錯誤。

這裏是我的代碼：

<form class="omb_loginForm" action="${/login}" method="POST" autocomplete="off"> 
          <div th:if="${param.error}" class="alert alert-error">Invalid username and password.</div> 
          <div th:if="${param.logout}" class="alert alert-success">You have been logged out.</div> 
          <div class="input-group"> 
           <span class="input-group-addon"><i class="fa fa-user"></i></span> 
           <input type="text" class="form-control" id="username" name="ssoId" 
            placeholder="email address" autocomplete="off" required="required" 
            style="cursor: auto; background-image: url(&quot;data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAASCAYAAABSO15qAAAABmJLR0QA/wD/AP+gvaeTAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAB3RJTUUH3QsPDhss3LcOZQAAAU5JREFUOMvdkzFLA0EQhd/bO7iIYmklaCUopLAQA6KNaawt9BeIgnUwLHPJRchfEBR7CyGWgiDY2SlIQBT/gDaCoGDudiy8SLwkBiwz1c7y+GZ25i0wnFEqlSZFZKGdi8iiiOR7aU32QkR2c7ncPcljAARAkgckb8IwrGf1fg/oJ8lRAHkR2VDVmOQ8AKjqY1bMHgCGYXhFchnAg6omJGcBXEZRtNoXYK2dMsaMt1qtD9/3p40x5yS9tHICYF1Vn0mOxXH8Uq/Xb389wff9PQDbQRB0t/QNOiPZ1h4B2MoO0fxnYz8dOOcOVbWhqq8kJzzPa3RAXZIkawCenHMjJN/+GiIqlcoFgKKq3pEMAMwAuCa5VK1W3SAfbAIopum+cy5KzwXn3M5AI6XVYlVt1mq1U8/zTlS1CeC9j2+6o1wuz1lrVzpWXLDWTg3pz/0CQnd2Jos49xUAAAAASUVORK5CYII=&quot;); background-attachment: scroll; background-position: 100% 50%; background-repeat: no-repeat;" /> 
          </div> 
          <span class="help-block"></span> 

          <div class="input-group"> 
           <span class="input-group-addon"><i class="fa fa-lock"></i></span> 
           <input type="password" class="form-control" id="password" name="password" 
            placeholder="Password" autocomplete="off" required="required" 
            style="cursor: auto; background-image: url(&quot;data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAASCAYAAABSO15qAAAABmJLR0QA/wD/AP+gvaeTAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAB3RJTUUH3QsPDhss3LcOZQAAAU5JREFUOMvdkzFLA0EQhd/bO7iIYmklaCUopLAQA6KNaawt9BeIgnUwLHPJRchfEBR7CyGWgiDY2SlIQBT/gDaCoGDudiy8SLwkBiwz1c7y+GZ25i0wnFEqlSZFZKGdi8iiiOR7aU32QkR2c7ncPcljAARAkgckb8IwrGf1fg/oJ8lRAHkR2VDVmOQ8AKjqY1bMHgCGYXhFchnAg6omJGcBXEZRtNoXYK2dMsaMt1qtD9/3p40x5yS9tHICYF1Vn0mOxXH8Uq/Xb389wff9PQDbQRB0t/QNOiPZ1h4B2MoO0fxnYz8dOOcOVbWhqq8kJzzPa3RAXZIkawCenHMjJN/+GiIqlcoFgKKq3pEMAMwAuCa5VK1W3SAfbAIopum+cy5KzwXn3M5AI6XVYlVt1mq1U8/zTlS1CeC9j2+6o1wuz1lrVzpWXLDWTg3pz/0CQnd2Jos49xUAAAAASUVORK5CYII=&quot;); background-attachment: scroll; background-position: 100% 50%; background-repeat: no-repeat;" /> 
          </div> 
          <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" /> 
          <button class="btn btn-lg btn-primary btn-block" type="submit">Login</button> 
         </form> 

我的控制器：

@RequestMapping(value = "/login", method = RequestMethod.GET) 
    public ModelAndView login(@RequestParam(value = "error", required = false) String error, 
      @RequestParam(value = "logout", required = false) String logout) { 

     System.out.println("login page"); 
     ModelAndView model = new ModelAndView(); 
     if (error != null) { 
      model.addObject("error", "Invalid username and password!"); 
     } 

     if (logout != null) { 
      model.addObject("msg", "You've been logged out successfully."); 
     } 
     model.setViewName("login"); 

     return model; 

    } 

我的春季安全配置：

package com.mintad.spring.security; 

import javax.sql.DataSource; 

import org.springframework.beans.factory.annotation.Autowired; 
import org.springframework.context.annotation.Configuration; 
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; 
import org.springframework.security.config.annotation.web.builders.HttpSecurity; 
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; 
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; 

@Configuration 
@EnableWebSecurity 
public class SecurityConfiguration extends WebSecurityConfigurerAdapter { 

    @Autowired 
    DataSource dataSource; 

    @Autowired 
    public void configureGlobalSecurity(AuthenticationManagerBuilder auth) throws Exception { 
     // auth.inMemoryAuthentication().withUser("bill").password("abc123").roles("USER"); 
     // auth.inMemoryAuthentication().withUser("admin").password("root123").roles("ADMIN"); 
     // auth.inMemoryAuthentication().withUser("dba").password("root123").roles("ADMIN","DBA"); 
     auth.jdbcAuthentication().dataSource(dataSource) 
       .usersByUsernameQuery("select username,password, enabled from users where username=?") 
       .authoritiesByUsernameQuery("select username, role from userroles where username=?"); 
    } 

    @Override 
    protected void configure(HttpSecurity http) throws Exception { 

     http.authorizeRequests().antMatchers("/", "/index").permitAll() 
       // .antMatchers("/admin/**").access("hasRole('ADMIN')") 
       // .antMatchers("/db/**").access("hasRole('ADMIN') and 
       // hasRole('DBA')") 
       .and().formLogin().loginPage("/login").defaultSuccessUrl("/welcome").usernameParameter("ssoId") 
       .passwordParameter("password").and().csrf().and().exceptionHandling().accessDeniedPage("/Access_Denied"); 
    } 
} 

我試着從控制器，但在去除方法類型徒勞的。請任何幫助，歡迎！

Answer 1

嗯，這是一個恥辱:(

的解決方案是使用@替代$並添加擴展次行動如下：

<form class="omb_loginForm" th:action="@{/login}" method="POST" autocomplete="off">