How is it possible to send a POST request if the controller expects a GET?

P

P_Alexander2018-06-27 14:06:39

Java

P_Alexander, 2018-06-27 14:06:39

Good afternoon, I'm trying to implement User Login with spring security, and of course I google to find examples to see how it's done, and I came across one example that I can't understand, and now I came here for you to help me understand it.
source one source twohttps://www.youtube.com/watch?v=iivY8B5A0Tk

https://memorynotfound.com/spring-security-user-registration-example-thymeleaf/

Source Three

https://hellokoding.com/registration-and-login-example-with-spring-xml-configuration-maven-jsp-and-mysql/

The logic of work in those applications is the same, 1 and 3 are generally the same, just in the first source, in the video in which everything was rewritten under a clean one from 3 sources. I also found code from 3 sources on the github and everything is there as in the article.

https://github.com/hellokoding/registration-login-spring-xml-maven-jsp-mysql/blob/master/src/main/java/com/hellokoding/account/web/UserController.java

I will talk about 3 and 1.
I'm interested in how the entrance to the office takes place there!?!?!, the form indicates that it will be processed by a POST request, and in the controller, this url is mapped only to a GET request! This is mistake ??? In the first source (this is in the video) exactly the same code and he ran it and it somehow worked for him !! AS? Explain to me please.
Here is the code from the 3 source
page

<div class="container">

    <form method="POST" action="${contextPath}/login" class="form-signin">
        <h2 class="form-heading">Log in</h2>

        <div class="form-group ${error != null ? 'has-error' : ''}">
            <span>${message}</span>
            <input name="username" type="text" class="form-control" placeholder="Username"
                   autofocus="true"/>
            <input name="password" type="password" class="form-control" placeholder="Password"/>
            <span>${error}</span>
            <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>

            <button class="btn btn-lg btn-primary btn-block" type="submit">Log In</button>
            <h4 class="text-center"><a href="${contextPath}/registration">Create an account</a></h4>
        </div>

    </form>

</div>

Controller

@Controller
public class UserController {
    @Autowired
    private UserService userService;

    @Autowired
    private SecurityService securityService;

    @Autowired
    private UserValidator userValidator;

    @RequestMapping(value = "/registration", method = RequestMethod.GET)
    public String registration(Model model) {
        model.addAttribute("userForm", new User());

        return "registration";
    }

    @RequestMapping(value = "/registration", method = RequestMethod.POST)
    public String registration(@ModelAttribute("userForm") User userForm, BindingResult bindingResult, Model model) {
        userValidator.validate(userForm, bindingResult);

        if (bindingResult.hasErrors()) {
            return "registration";
        }

        userService.save(userForm);

        securityService.autologin(userForm.getUsername(), userForm.getPasswordConfirm());

        return "redirect:/welcome";
    }

    @RequestMapping(value = "/login", method = RequestMethod.GET)
    public String login(Model model, String error, String logout) {
        if (error != null)
            model.addAttribute("error", "Your username and password is invalid.");

        if (logout != null)
            model.addAttribute("message", "You have been logged out successfully.");

        return "login";
    }

    @RequestMapping(value = {"/", "/welcome"}, method = RequestMethod.GET)
    public String welcome(Model model) {
        return "welcome";
    }
}

I threw off the entire controller, because maybe I'm blind and don't see what I need.
And spring security

<http auto-config="true">
        <intercept-url pattern="/" access="hasRole('ROLE_USER')"/>
        <intercept-url pattern="/welcome" access="hasRole('ROLE_USER')"/>
        <form-login login-page="/login" default-target-url="/welcome" authentication-failure-url="/login?error" username-parameter="username" password-parameter="password"/>
        <logout logout-success-url="/login?logout" />
    </http>

    <authentication-manager alias="authenticationManager">
        <authentication-provider user-service-ref="userDetailsServiceImpl">
            <password-encoder ref="encoder"></password-encoder>
        </authentication-provider>
    </authentication-manager>

    <beans:bean id="userDetailsServiceImpl" class="com.hellokoding.account.service.UserDetailsServiceImpl"></beans:bean>

    <beans:bean id="encoder"
          class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder">
        <beans:constructor-arg name="strength" value="11"/>
    </beans:bean>
</beans:beans>

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

A

Andrew, 2014-10-15
@OLS

Such things are counted backwards, i.e. the probability of "non-selection" is estimated.
In one trial, the probability of "not being selected" is 8/10.
In N consecutive trials (8/10)^N, since the events are independent.
Now set the required probability of "non-selection", for example, 0.01 (this will correspond to the probability of showing 99%) and look for the logarithm in how many trials you will reach it.
PS This will be the probability for one word. If you need a 99% probability for everyone - specify.