Closed manojsharma20 closed 3 years ago
Hi,
First of all thank for creating such a good plugin for spring boot based project.
Now my issue:
I have configure your recaptcha example and working fine, but the issue is i am able to login into the system without verify recaptcha.
I don't know what i am missing. Please help me to solve this issue.
Code form Spring Security configuration: `@Override protected void configure(HttpSecurity http) throws Exception {// @formatter:off http .authorizeRequests() .antMatchers("/js/", "/fonts/", "/css/", "/images/", "/favicon.ico").permitAll() .antMatchers("/register/").permitAll() // .antMatchers("/login/").permitAll()//Basically I'm allowing parameters for login so locale can be added and read. .anyRequest().authenticated(); enhancer.addRecaptchaSupport(http.formLogin()) .loginPage("/login") .successHandler(myUrlAuthenticationSuccessHandler) .permitAll() .and() .csrf() .disable() .logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout")) .logoutSuccessUrl("/login") .invalidateHttpSession(true) .permitAll();
}`
Check this issue: https://github.com/mkopylec/recaptcha-spring-boot-starter/issues/8 It's the samething.
Hi,
First of all thank for creating such a good plugin for spring boot based project.
Now my issue:
I have configure your recaptcha example and working fine, but the issue is i am able to login into the system without verify recaptcha.
I don't know what i am missing. Please help me to solve this issue.
Code form Spring Security configuration: `@Override protected void configure(HttpSecurity http) throws Exception {// @formatter:off http .authorizeRequests() .antMatchers("/js/", "/fonts/", "/css/", "/images/", "/favicon.ico").permitAll() .antMatchers("/register/").permitAll() // .antMatchers("/login/").permitAll()//Basically I'm allowing parameters for login so locale can be added and read. .anyRequest().authenticated(); enhancer.addRecaptchaSupport(http.formLogin()) .loginPage("/login") .successHandler(myUrlAuthenticationSuccessHandler) .permitAll() .and() .csrf() .disable() .logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout")) .logoutSuccessUrl("/login") .invalidateHttpSession(true) .permitAll();