From 05ed028f9ddbaf4629562a4d2e8b56a0cde4967f Mon Sep 17 00:00:00 2001 From: Rob Winch Date: Mon, 9 Jul 2018 12:52:52 -0500 Subject: [PATCH] Modernize Default Log In Page Fixes: gh-5515 --- .../DefaultLoginPageConfigurerTests.groovy | 231 +++++++++++++----- .../FormLoginBeanDefinitionParserTests.java | 157 ++++++++---- .../samples/OAuth2LoginApplicationTests.java | 8 +- .../security/samples/pages/LoginPage.java | 4 +- .../security/samples/pages/LoginPage.java | 4 +- .../security/samples/pages/LoginPage.java | 4 +- .../security/samples/pages/LoginPage.java | 4 +- .../security/samples/pages/LoginPage.java | 4 +- .../security/samples/pages/LogoutPage.java | 6 +- .../security/samples/pages/LoginPage.java | 4 +- .../security/samples/pages/LogoutPage.java | 6 +- .../ui/DefaultLoginPageGeneratingFilter.java | 137 ++++++----- .../ui/LoginPageGeneratingWebFilter.java | 3 +- 13 files changed, 384 insertions(+), 188 deletions(-) diff --git a/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/DefaultLoginPageConfigurerTests.groovy b/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/DefaultLoginPageConfigurerTests.groovy index 25f10dbba7..32b7188b0f 100644 --- a/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/DefaultLoginPageConfigurerTests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/DefaultLoginPageConfigurerTests.groovy @@ -53,15 +53,33 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec { request.requestURI = "/login" springSecurityFilterChain.doFilter(request,response,chain) then: - response.getContentAsString() == """Login Page -

Login with Username and Password

- - - - - -
User:
Password:
-
""" + response.getContentAsString() == """ + + + + + + + Please sign in + + + + +
+ +""" when: "fail to log in" super.setup() request.servletPath = "/login" @@ -77,15 +95,33 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec { request.queryString = "error" springSecurityFilterChain.doFilter(request,response,chain) then: - response.getContentAsString() == """Login Page -

Your login attempt was not successful, try again.

Reason: Bad credentials

Login with Username and Password

- - - - - -
User:
Password:
-
""" + response.getContentAsString() == """ + + + + + + + Please sign in + + + + +
+ +""" when: "login success" super.setup() request.servletPath = "/login" @@ -106,15 +142,33 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec { request.method = "GET" springSecurityFilterChain.doFilter(request,response,chain) then: "sent to default success page" - response.getContentAsString() == """Login Page -

You have been logged out

Login with Username and Password

- - - - - -
User:
Password:
-
""" + response.getContentAsString() == """ + + + + + + + Please sign in + + + + +
+ +""" } @Configuration @@ -191,16 +245,34 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec { request.requestURI = "/login" springSecurityFilterChain.doFilter(request,response,chain) then: - response.getContentAsString() == """Login Page -

Login with Username and Password

- - - - - - -
User:
Password:
Remember me on this computer.
-
""" + response.getContentAsString() == """ + + + + + + + Please sign in + + + + +
+ +""" } @Configuration @@ -224,13 +296,29 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec { request.requestURI = "/login" springSecurityFilterChain.doFilter(request,response,chain) then: - response.getContentAsString() == """Login Page

Login with OpenID Identity

- - - -
Identity:
- -
""" + response.getContentAsString() == """ + + + + + + + Please sign in + + + + +
+ +""" } @Configuration @@ -252,23 +340,44 @@ public class DefaultLoginPageConfigurerTests extends BaseSpringSpec { request.requestURI = "/login" springSecurityFilterChain.doFilter(request,response,chain) then: - response.getContentAsString() == """Login Page -

Login with Username and Password

- - - - - - -
User:
Password:
Remember me on this computer.
-

Login with OpenID Identity

- - - - -
Identity:
Remember me on this computer.
- -
""" + response.getContentAsString() == """ + + + + + + + Please sign in + + + + +
+ + +""" } @Configuration diff --git a/config/src/test/java/org/springframework/security/config/http/FormLoginBeanDefinitionParserTests.java b/config/src/test/java/org/springframework/security/config/http/FormLoginBeanDefinitionParserTests.java index 86a3290c65..7bd087725c 100644 --- a/config/src/test/java/org/springframework/security/config/http/FormLoginBeanDefinitionParserTests.java +++ b/config/src/test/java/org/springframework/security/config/http/FormLoginBeanDefinitionParserTests.java @@ -54,14 +54,32 @@ public class FormLoginBeanDefinitionParserTests { this.spring.configLocations(this.xml("Simple")).autowire(); String expectedContent = - "Login Page\n" + - "

Login with Username and Password

\n" + - "\n" + - " \n" + - " \n" + - " \n" + - "
User:
Password:
\n" + - "
"; + "\n" + + "\n" + + " \n" + + " \n" + + " \n" + + " \n" + + " \n" + + " Please sign in\n" + + " \n" + + " \n" + + " \n" + + " \n" + + "
\n" + + "
\n" + + " \n" + + "

\n" + + " \n" + + " \n" + + "

\n" + + "

\n" + + " \n" + + " \n" + + "

\n" + + " \n" + + "
\n" + + ""; this.mvc.perform(get("/login")).andExpect(content().string(expectedContent)); } @@ -73,14 +91,31 @@ public class FormLoginBeanDefinitionParserTests { this.spring.configLocations(this.xml("WithCustomAttributes")).autowire(); String expectedContent = - "Login Page\n" + - "

Login with Username and Password

\n" + - "\n" + - " \n" + - " \n" + - " \n" + - "
User:
Password:
\n" + - "
"; + "\n" + + "\n" + " \n" + + " \n" + + " \n" + + " \n" + + " \n" + + " Please sign in\n" + + " \n" + + " \n" + + " \n" + + " \n" + + "
\n" + + "
\n" + + " \n" + + "

\n" + + " \n" + + " \n" + + "

\n" + + "

\n" + + " \n" + + " \n" + + "

\n" + + " \n" + + "
\n" + + ""; this.mvc.perform(get("/login")).andExpect(content().string(expectedContent)); } @@ -92,19 +127,38 @@ public class FormLoginBeanDefinitionParserTests { this.spring.configLocations(this.xml("WithOpenId")).autowire(); String expectedContent = - "Login Page\n" + - "

Login with Username and Password

\n" + - "\n" + - " \n" + - " \n" + - " \n" + - "
User:
Password:
\n" + - "

Login with OpenID Identity

\n" + - "\n" + - " \n" + - " \n" + - "
Identity:
\n" + - "
"; + "\n" + "\n" + " \n" + + " \n" + + " \n" + + " \n" + + " \n" + + " Please sign in\n" + + " \n" + + " \n" + + " \n" + + " \n" + + "
\n" + + "
\n" + + " \n" + + "

\n" + + " \n" + + " \n" + + "

\n" + + "

\n" + + " \n" + + " \n" + + "

\n" + + " \n" + + "
\n" + + "
\n" + + " \n" + + "

\n" + + " \n" + + " \n" + + "

\n" + + " \n" + + "
\n" + + ""; this.mvc.perform(get("/login")).andExpect(content().string(expectedContent)); } @@ -116,19 +170,38 @@ public class FormLoginBeanDefinitionParserTests { this.spring.configLocations(this.xml("WithOpenIdCustomAttributes")).autowire(); String expectedContent = - "Login Page\n" + - "

Login with Username and Password

\n" + - "\n" + - " \n" + - " \n" + - " \n" + - "
User:
Password:
\n" + - "

Login with OpenID Identity

\n" + - "\n" + - " \n" + - " \n" + - "
Identity:
\n" + - "
"; + "\n" + "\n" + " \n" + + " \n" + + " \n" + + " \n" + + " \n" + + " Please sign in\n" + + " \n" + + " \n" + + " \n" + + " \n" + + "
\n" + + "
\n" + + " \n" + + "

\n" + + " \n" + + " \n" + + "

\n" + + "

\n" + + " \n" + + " \n" + + "

\n" + + " \n" + + "
\n" + + "
\n" + + " \n" + + "

\n" + + " \n" + + " \n" + + "

\n" + + " \n" + + "
\n" + + ""; this.mvc.perform(get("/login")).andExpect(content().string(expectedContent)); } diff --git a/samples/boot/oauth2login/src/integration-test/java/org/springframework/security/samples/OAuth2LoginApplicationTests.java b/samples/boot/oauth2login/src/integration-test/java/org/springframework/security/samples/OAuth2LoginApplicationTests.java index 1c722da290..68fb179c61 100644 --- a/samples/boot/oauth2login/src/integration-test/java/org/springframework/security/samples/OAuth2LoginApplicationTests.java +++ b/samples/boot/oauth2login/src/integration-test/java/org/springframework/security/samples/OAuth2LoginApplicationTests.java @@ -218,7 +218,7 @@ public class OAuth2LoginApplicationTests { page = this.webClient.getPage(new URL(authorizationResponseUri)); assertThat(page.getBaseURL()).isEqualTo(loginErrorPageUrl); - HtmlElement errorElement = page.getBody().getFirstByXPath("p"); + HtmlElement errorElement = page.getBody().getFirstByXPath("div"); assertThat(errorElement).isNotNull(); assertThat(errorElement.asText()).contains("authorization_request_not_found"); } @@ -248,7 +248,7 @@ public class OAuth2LoginApplicationTests { page = this.webClient.getPage(new URL(authorizationResponseUri)); assertThat(page.getBaseURL()).isEqualTo(loginErrorPageUrl); - HtmlElement errorElement = page.getBody().getFirstByXPath("p"); + HtmlElement errorElement = page.getBody().getFirstByXPath("div"); assertThat(errorElement).isNotNull(); assertThat(errorElement.asText()).contains("authorization_request_not_found"); } @@ -284,13 +284,13 @@ public class OAuth2LoginApplicationTests { page = this.webClient.getPage(new URL(authorizationResponseUri)); assertThat(page.getBaseURL()).isEqualTo(loginErrorPageUrl); - HtmlElement errorElement = page.getBody().getFirstByXPath("p"); + HtmlElement errorElement = page.getBody().getFirstByXPath("div"); assertThat(errorElement).isNotNull(); assertThat(errorElement.asText()).contains("invalid_redirect_uri_parameter"); } private void assertLoginPage(HtmlPage page) throws Exception { - assertThat(page.getTitleText()).isEqualTo("Login Page"); + assertThat(page.getTitleText()).isEqualTo("Please sign in"); int expectedClients = 4; diff --git a/samples/javaconfig/helloworld/src/integration-test/java/org/springframework/security/samples/pages/LoginPage.java b/samples/javaconfig/helloworld/src/integration-test/java/org/springframework/security/samples/pages/LoginPage.java index 0a118128d2..6d72ee7c03 100644 --- a/samples/javaconfig/helloworld/src/integration-test/java/org/springframework/security/samples/pages/LoginPage.java +++ b/samples/javaconfig/helloworld/src/integration-test/java/org/springframework/security/samples/pages/LoginPage.java @@ -37,7 +37,7 @@ public class LoginPage { } public LoginPage assertAt() { - assertThat(this.webDriver.getTitle()).isEqualTo("Login Page"); + assertThat(this.webDriver.getTitle()).isEqualTo("Please sign in"); return this; } @@ -49,7 +49,7 @@ public class LoginPage { private WebDriver webDriver; private WebElement username; private WebElement password; - @FindBy(css = "input[type=submit]") + @FindBy(css = "button[type=submit]") private WebElement submit; public LoginForm(WebDriver webDriver) { diff --git a/samples/javaconfig/jdbc/src/integration-test/java/org/springframework/security/samples/pages/LoginPage.java b/samples/javaconfig/jdbc/src/integration-test/java/org/springframework/security/samples/pages/LoginPage.java index 0a118128d2..6d72ee7c03 100644 --- a/samples/javaconfig/jdbc/src/integration-test/java/org/springframework/security/samples/pages/LoginPage.java +++ b/samples/javaconfig/jdbc/src/integration-test/java/org/springframework/security/samples/pages/LoginPage.java @@ -37,7 +37,7 @@ public class LoginPage { } public LoginPage assertAt() { - assertThat(this.webDriver.getTitle()).isEqualTo("Login Page"); + assertThat(this.webDriver.getTitle()).isEqualTo("Please sign in"); return this; } @@ -49,7 +49,7 @@ public class LoginPage { private WebDriver webDriver; private WebElement username; private WebElement password; - @FindBy(css = "input[type=submit]") + @FindBy(css = "button[type=submit]") private WebElement submit; public LoginForm(WebDriver webDriver) { diff --git a/samples/javaconfig/ldap/src/integration-test/java/org/springframework/security/samples/pages/LoginPage.java b/samples/javaconfig/ldap/src/integration-test/java/org/springframework/security/samples/pages/LoginPage.java index 0a118128d2..6d72ee7c03 100644 --- a/samples/javaconfig/ldap/src/integration-test/java/org/springframework/security/samples/pages/LoginPage.java +++ b/samples/javaconfig/ldap/src/integration-test/java/org/springframework/security/samples/pages/LoginPage.java @@ -37,7 +37,7 @@ public class LoginPage { } public LoginPage assertAt() { - assertThat(this.webDriver.getTitle()).isEqualTo("Login Page"); + assertThat(this.webDriver.getTitle()).isEqualTo("Please sign in"); return this; } @@ -49,7 +49,7 @@ public class LoginPage { private WebDriver webDriver; private WebElement username; private WebElement password; - @FindBy(css = "input[type=submit]") + @FindBy(css = "button[type=submit]") private WebElement submit; public LoginForm(WebDriver webDriver) { diff --git a/samples/xml/helloworld/src/integration-test/java/org/springframework/security/samples/pages/LoginPage.java b/samples/xml/helloworld/src/integration-test/java/org/springframework/security/samples/pages/LoginPage.java index 0a118128d2..6d72ee7c03 100644 --- a/samples/xml/helloworld/src/integration-test/java/org/springframework/security/samples/pages/LoginPage.java +++ b/samples/xml/helloworld/src/integration-test/java/org/springframework/security/samples/pages/LoginPage.java @@ -37,7 +37,7 @@ public class LoginPage { } public LoginPage assertAt() { - assertThat(this.webDriver.getTitle()).isEqualTo("Login Page"); + assertThat(this.webDriver.getTitle()).isEqualTo("Please sign in"); return this; } @@ -49,7 +49,7 @@ public class LoginPage { private WebDriver webDriver; private WebElement username; private WebElement password; - @FindBy(css = "input[type=submit]") + @FindBy(css = "button[type=submit]") private WebElement submit; public LoginForm(WebDriver webDriver) { diff --git a/samples/xml/jaas/src/integration-test/java/org/springframework/security/samples/pages/LoginPage.java b/samples/xml/jaas/src/integration-test/java/org/springframework/security/samples/pages/LoginPage.java index 6a13e93eca..1737af5de7 100644 --- a/samples/xml/jaas/src/integration-test/java/org/springframework/security/samples/pages/LoginPage.java +++ b/samples/xml/jaas/src/integration-test/java/org/springframework/security/samples/pages/LoginPage.java @@ -39,7 +39,7 @@ public class LoginPage { } public LoginPage assertAt() { - assertThat(this.webDriver.getTitle()).isEqualTo("Login Page"); + assertThat(this.webDriver.getTitle()).isEqualTo("Please sign in"); return this; } @@ -51,7 +51,7 @@ public class LoginPage { private WebDriver webDriver; private WebElement username; private WebElement password; - @FindBy(css = "input[type=submit]") + @FindBy(css = "button[type=submit]") private WebElement submit; public LoginForm(WebDriver webDriver) { diff --git a/samples/xml/jaas/src/integration-test/java/org/springframework/security/samples/pages/LogoutPage.java b/samples/xml/jaas/src/integration-test/java/org/springframework/security/samples/pages/LogoutPage.java index abaf6ccdb3..a4a7e324ee 100644 --- a/samples/xml/jaas/src/integration-test/java/org/springframework/security/samples/pages/LogoutPage.java +++ b/samples/xml/jaas/src/integration-test/java/org/springframework/security/samples/pages/LogoutPage.java @@ -27,8 +27,8 @@ import static org.assertj.core.api.Assertions.assertThat; * @author Michael Simons */ public class LogoutPage extends LoginPage { - @FindBy(css = "p") - private WebElement p; + @FindBy(css = "div[role=alert]") + private WebElement alert; public LogoutPage(WebDriver webDriver) { super(webDriver); @@ -38,7 +38,7 @@ public class LogoutPage extends LoginPage { public LogoutPage assertAt() { super.assertAt(); - assertThat(p.getText()).isEqualTo("You have been logged out"); + assertThat(this.alert.getText()).isEqualTo("You have been signed out"); return this; } } diff --git a/samples/xml/ldap/src/integration-test/java/org/springframework/security/samples/pages/LoginPage.java b/samples/xml/ldap/src/integration-test/java/org/springframework/security/samples/pages/LoginPage.java index 6a13e93eca..1737af5de7 100644 --- a/samples/xml/ldap/src/integration-test/java/org/springframework/security/samples/pages/LoginPage.java +++ b/samples/xml/ldap/src/integration-test/java/org/springframework/security/samples/pages/LoginPage.java @@ -39,7 +39,7 @@ public class LoginPage { } public LoginPage assertAt() { - assertThat(this.webDriver.getTitle()).isEqualTo("Login Page"); + assertThat(this.webDriver.getTitle()).isEqualTo("Please sign in"); return this; } @@ -51,7 +51,7 @@ public class LoginPage { private WebDriver webDriver; private WebElement username; private WebElement password; - @FindBy(css = "input[type=submit]") + @FindBy(css = "button[type=submit]") private WebElement submit; public LoginForm(WebDriver webDriver) { diff --git a/samples/xml/ldap/src/integration-test/java/org/springframework/security/samples/pages/LogoutPage.java b/samples/xml/ldap/src/integration-test/java/org/springframework/security/samples/pages/LogoutPage.java index abaf6ccdb3..a4a7e324ee 100644 --- a/samples/xml/ldap/src/integration-test/java/org/springframework/security/samples/pages/LogoutPage.java +++ b/samples/xml/ldap/src/integration-test/java/org/springframework/security/samples/pages/LogoutPage.java @@ -27,8 +27,8 @@ import static org.assertj.core.api.Assertions.assertThat; * @author Michael Simons */ public class LogoutPage extends LoginPage { - @FindBy(css = "p") - private WebElement p; + @FindBy(css = "div[role=alert]") + private WebElement alert; public LogoutPage(WebDriver webDriver) { super(webDriver); @@ -38,7 +38,7 @@ public class LogoutPage extends LoginPage { public LogoutPage assertAt() { super.assertAt(); - assertThat(p.getText()).isEqualTo("You have been logged out"); + assertThat(this.alert.getText()).isEqualTo("You have been signed out"); return this; } } diff --git a/web/src/main/java/org/springframework/security/web/authentication/ui/DefaultLoginPageGeneratingFilter.java b/web/src/main/java/org/springframework/security/web/authentication/ui/DefaultLoginPageGeneratingFilter.java index 74c0ae6796..783fe6fb01 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/ui/DefaultLoginPageGeneratingFilter.java +++ b/web/src/main/java/org/springframework/security/web/authentication/ui/DefaultLoginPageGeneratingFilter.java @@ -208,7 +208,7 @@ public class DefaultLoginPageGeneratingFilter extends GenericFilterBean { private String generateLoginPageHtml(HttpServletRequest request, boolean loginError, boolean logoutSuccess) { - String errorMsg = "none"; + String errorMsg = "Invalid credentials"; if (loginError) { HttpSession session = request.getSession(false); @@ -216,82 +216,76 @@ public class DefaultLoginPageGeneratingFilter extends GenericFilterBean { if (session != null) { AuthenticationException ex = (AuthenticationException) session .getAttribute(WebAttributes.AUTHENTICATION_EXCEPTION); - errorMsg = ex != null ? ex.getMessage() : "none"; + errorMsg = ex != null ? ex.getMessage() : "Invalid credentials"; } } StringBuilder sb = new StringBuilder(); - sb.append("Login Page"); + sb.append("\n" + + "\n" + + " \n" + + " \n" + + " \n" + + " \n" + + " \n" + + " Please sign in\n" + + " \n" + + " \n" + + " \n" + + " \n" + + "
\n"); - if (formLoginEnabled) { - sb.append("\n"); - } - - if (loginError) { - sb.append("

Your login attempt was not successful, try again.

Reason: "); - sb.append(errorMsg); - sb.append("

"); - } - - if (logoutSuccess) { - sb.append("

You have been logged out

"); - } - - if (formLoginEnabled) { - sb.append("

Login with Username and Password

"); - sb.append("
\n"); - sb.append("\n"); - sb.append(" \n"); - sb.append(" \n"); - - if (rememberMeParameter != null) { - sb.append(" \n"); - } - - sb.append(" \n"); - renderHiddenInputs(sb, request); - sb.append("
User:
Password:
Remember me on this computer.
\n"); - sb.append("
"); + String contextPath = request.getContextPath(); + if (this.formLoginEnabled) { + sb.append("
\n" + + " \n" + + createError(loginError, errorMsg) + + createLogoutSuccess(logoutSuccess) + + "

\n" + + " \n" + + " \n" + + "

\n" + + "

\n" + + " \n" + + " \n" + + "

\n" + + createRememberMe(this.rememberMeParameter) + + renderHiddenInputs(request) + + " \n" + + "
\n"); } if (openIdEnabled) { - sb.append("

Login with OpenID Identity

"); - sb.append("
\n"); - sb.append("\n"); - sb.append(" \n"); - - if (openIDrememberMeParameter != null) { - sb.append(" \n"); - } - - sb.append(" \n"); - sb.append("
Identity:
Remember me on this computer.
\n"); - renderHiddenInputs(sb, request); - sb.append("
"); + sb.append("
\n" + + " \n" + + createError(loginError, errorMsg) + + createLogoutSuccess(logoutSuccess) + + "

\n" + + " \n" + + " \n" + + "

\n" + + createRememberMe(this.openIDrememberMeParameter) + + renderHiddenInputs(request) + + " \n" + + "
\n"); } if (oauth2LoginEnabled) { - sb.append("

Login with OAuth 2.0

"); - sb.append("\n"); + sb.append(""); + sb.append(createError(loginError, errorMsg)); + sb.append(createLogoutSuccess(logoutSuccess)); + sb.append("
\n"); for (Map.Entry clientAuthenticationUrlToClientName : oauth2AuthenticationUrlToClientName.entrySet()) { sb.append(" \n"); } - sb.append("
"); - sb.append(""); - sb.append(HtmlUtils.htmlEscape(clientAuthenticationUrlToClientName.getValue(), "UTF-8")); + String url = clientAuthenticationUrlToClientName.getKey(); + sb.append(""); + String clientName = HtmlUtils.htmlEscape(clientAuthenticationUrlToClientName.getValue()); + sb.append(clientName); sb.append(""); sb.append("
\n"); + sb.append("
\n"); } sb.append(""); @@ -299,10 +293,21 @@ public class DefaultLoginPageGeneratingFilter extends GenericFilterBean { return sb.toString(); } - private void renderHiddenInputs(StringBuilder sb, HttpServletRequest request) { + private String renderHiddenInputs(HttpServletRequest request) { + StringBuilder sb = new StringBuilder(); for(Map.Entry input : this.resolveHiddenInputs.apply(request).entrySet()) { - sb.append(" \n"); + sb.append("\n"); } + return sb.toString(); + } + + private String createRememberMe(String paramName) { + if (paramName == null) { + return ""; + } + return "

Remember me on this computer.

\n"; } private boolean isLogoutSuccess(HttpServletRequest request) { @@ -317,6 +322,14 @@ public class DefaultLoginPageGeneratingFilter extends GenericFilterBean { return matches(request, failureUrl); } + private static String createError(boolean isError, String message) { + return isError ? "
" + HtmlUtils.htmlEscape(message) + "
" : ""; + } + + private static String createLogoutSuccess(boolean isLogoutSuccess) { + return isLogoutSuccess ? "
You have been signed out
" : ""; + } + private boolean matches(HttpServletRequest request, String url) { if (!"GET".equals(request.getMethod()) || url == null) { return false; diff --git a/web/src/main/java/org/springframework/security/web/server/ui/LoginPageGeneratingWebFilter.java b/web/src/main/java/org/springframework/security/web/server/ui/LoginPageGeneratingWebFilter.java index 74f63f806e..7bf0cfaa35 100644 --- a/web/src/main/java/org/springframework/security/web/server/ui/LoginPageGeneratingWebFilter.java +++ b/web/src/main/java/org/springframework/security/web/server/ui/LoginPageGeneratingWebFilter.java @@ -122,7 +122,8 @@ public class LoginPageGeneratingWebFilter implements WebFilter { boolean isLogoutSuccess = queryParams.containsKey("logout"); return "
\n" + " \n" - + createError(isError) + createLogoutSuccess(isLogoutSuccess) + + createError(isError) + + createLogoutSuccess(isLogoutSuccess) + "

\n" + " \n" + " \n"