mindol1004/spring-session
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Mix-ins added for Jackson Serialization/deserialization

Browse Source 
Fixes gh-434
This commit is contained in:
Jitendra Singh Bisht
2016-03-17 10:27:32 +05:30
committed by Rob Winch
parent d3379029bb
commit 8b97a32db2
34 changed files with 8570 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
samples/httpsession-redis-json/src/main/java/sample/Application.java Normal file
View File

@@ -0,0 +1,15 @@
package sample;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
/**
* @author jitendra on 3/3/16.
*/
@SpringBootApplication
public class Application {
public static void main(String[] args) {
SpringApplication.run(Application.class, args);
}
}

36
samples/httpsession-redis-json/src/main/java/sample/config/SecurityConfig.java Normal file
View File

@@ -0,0 +1,36 @@
package sample.config;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
/**
* @author jitendra on 3/3/16.
*/
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.formLogin()
.loginPage("/login")
.permitAll()
.and()
.authorizeRequests()
.antMatchers("/resources/**").permitAll()
.anyRequest().authenticated()
.and()
.logout()
.permitAll();
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder builder) throws Exception {
builder
.inMemoryAuthentication()
.withUser("user").password("password").roles("USER");
}
}

37
samples/httpsession-redis-json/src/main/java/sample/config/SessionConfig.java Normal file
View File

@@ -0,0 +1,37 @@
package sample.config;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.context.annotation.Bean;
import org.springframework.data.redis.connection.jedis.JedisConnectionFactory;
import org.springframework.data.redis.serializer.GenericJackson2JsonRedisSerializer;
import org.springframework.data.redis.serializer.RedisSerializer;
import org.springframework.security.jackson2.SecurityJacksonModules;
import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
/**
* @author jitendra on 3/3/16.
*/
@EnableRedisHttpSession
public class SessionConfig {
@Bean
public RedisSerializer<Object> springSessionDefaultRedisSerializer() {
return new GenericJackson2JsonRedisSerializer(objectMapper());
}
@Bean
public JedisConnectionFactory connectionFactory() {
return new JedisConnectionFactory();
}
/**
* Customized {@link ObjectMapper} to add mix-in for class that doesn't have default constructors
*
* @return
*/
ObjectMapper objectMapper() {
ObjectMapper mapper = new ObjectMapper();
mapper.registerModules(SecurityJacksonModules.getModules());
return mapper;
}
}

15
samples/httpsession-redis-json/src/main/java/sample/mixins/BadCredentialsExceptionMixin.java Normal file
View File

@@ -0,0 +1,15 @@
package sample.mixins;
import com.fasterxml.jackson.annotation.*;
/**
* @author jitendra on 15/3/16.
*/
@JsonIdentityInfo(generator=ObjectIdGenerators.IntSequenceGenerator.class, property="@id")
@JsonIgnoreProperties({"cause", "@id"})
public class BadCredentialsExceptionMixin {
@JsonCreator
public BadCredentialsExceptionMixin(@JsonProperty("detailMessage") String msg) {
}
}

21
samples/httpsession-redis-json/src/main/java/sample/mixins/DefaultCsrfTokenMixin.java Normal file
View File

@@ -0,0 +1,21 @@
package sample.mixins;
import com.fasterxml.jackson.annotation.JsonCreator;
import com.fasterxml.jackson.annotation.JsonProperty;
import com.fasterxml.jackson.annotation.JsonTypeInfo;
import org.springframework.security.web.PortResolver;
import javax.servlet.http.HttpServletRequest;
/**
* @author jitendra on 8/3/16.
*/
@JsonTypeInfo(use = JsonTypeInfo.Id.CLASS, include = JsonTypeInfo.As.PROPERTY, property = "@class")
public abstract class DefaultCsrfTokenMixin {
@JsonCreator
public DefaultCsrfTokenMixin(@JsonProperty("headerName") String headerName,
@JsonProperty("parameterName") String parameterName,
@JsonProperty("token") String token) {
}
}

262
samples/httpsession-redis-json/src/main/java/sample/mixins/DefaultSavedRequestDeserializer.java Normal file
View File

@@ -0,0 +1,262 @@
package sample.mixins;
import com.fasterxml.jackson.core.JsonParser;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.DeserializationContext;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.deser.std.StdDeserializer;
import com.sun.org.apache.xpath.internal.operations.Bool;
import org.springframework.security.web.PortResolverImpl;
import org.springframework.security.web.savedrequest.DefaultSavedRequest;
import org.springframework.security.web.savedrequest.SavedCookie;
import org.springframework.util.ObjectUtils;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.lang.reflect.Proxy;
import java.util.*;
/**
* @author jitendra on 8/3/16.
*/
public class DefaultSavedRequestDeserializer extends StdDeserializer<DefaultSavedRequest> {
public DefaultSavedRequestDeserializer(Class<DefaultSavedRequest> requestClass) {
super(requestClass);
}
@Override
public DefaultSavedRequest deserialize(JsonParser p, DeserializationContext context) throws IOException, JsonProcessingException {
ObjectMapper mapper = (ObjectMapper) p.getCodec();
JsonNode jsonNode = mapper.readTree(p);
DummyServletRequest request = new DummyServletRequest();
request.setContextPath(jsonNode.get("contextPath").asText());
request.setMethod(jsonNode.get("method").asText());
request.setPathInfo(jsonNode.get("pathInfo").asText());
request.setQueryString(jsonNode.get("queryString").asText());
request.setRequestURI(jsonNode.get("requestURI").asText());
request.setRequestURL(jsonNode.get("requestURL").asText());
request.setScheme(jsonNode.get("scheme").asText());
request.setServerName(jsonNode.get("serverName").asText());
request.setServletPath(jsonNode.get("servletPath").asText());
request.setServerPort(jsonNode.get("serverPort").asInt());
List<Cookie> cookies = mapper.readValue(jsonNode.get("cookies").toString(), new TypeReference<List<Cookie>>() {
});
Map<String, String[]> params = mapper.readValue(jsonNode.get("parameterMap").toString(), new TypeReference<Map<String, String[]>>() {
});
ArrayList<Locale> locales = mapper.readValue(jsonNode.get("locales").toString(), new TypeReference<List<Locale>>() {
});
Map<String, List<String>> headers = mapper.readValue(jsonNode.get("headers").toString(), new TypeReference<Map<String, List<String>>>() {
});
request.setCookies(cookies.toArray(new Cookie[]{}));
request.setParameters(params);
request.setLocales(locales);
request.setHeaders(headers);
return new DefaultSavedRequest(request, new PortResolverImpl());
}
protected static class DummyServletRequest extends HttpServletRequestWrapper {
private static final HttpServletRequest UNSUPPORTED_REQUEST = (HttpServletRequest) Proxy
.newProxyInstance(DummyServletRequest.class.getClassLoader(),
new Class[]{HttpServletRequest.class},
new UnsupportedOperationExceptionInvocationHandler());
private String method;
private String pathInfo;
private String queryString;
private String requestURI;
private int serverPort;
private String requestURL;
private String scheme;
private String serverName;
private String contextPath;
private String servletPath;
private Cookie[] cookies;
private String remoteAddress;
private ArrayList<Locale> locales = new ArrayList<Locale>();
private Map<String, List<String>> headers = new TreeMap<String, List<String>>(String.CASE_INSENSITIVE_ORDER);
private Map<String, String[]> parameters = new TreeMap<String, String[]>();
private HttpSession session;
public DummyServletRequest() {
super(UNSUPPORTED_REQUEST);
}
public void setMethod(String method) {
this.method = method;
}
public void setPathInfo(String pathInfo) {
this.pathInfo = pathInfo;
}
public void setQueryString(String queryString) {
this.queryString = queryString;
}
public void setRequestURI(String requestURI) {
this.requestURI = requestURI;
}
public void setServerPort(int serverPort) {
this.serverPort = serverPort;
}
public void setRequestURL(String requestURL) {
this.requestURL = requestURL;
}
public void setScheme(String scheme) {
this.scheme = scheme;
}
public void setServerName(String serverName) {
this.serverName = serverName;
}
public void setContextPath(String contextPath) {
this.contextPath = contextPath;
}
public void setServletPath(String servletPath) {
this.servletPath = servletPath;
}
public void setCookies(Cookie[] cookies) {
this.cookies = cookies;
}
@Override
public Cookie[] getCookies() {
return cookies;
}
@Override
public Map<String, String[]> getParameterMap() {
return parameters;
}
public void setParameters(Map<String, String[]> params) {
this.parameters = params;
}
@Override
public Enumeration<String> getParameterNames() {
return Collections.enumeration(parameters.keySet());
}
@Override
public String[] getParameterValues(String name) {
return super.getParameterValues(name);
}
public void setLocales(ArrayList<Locale> locales) {
this.locales = locales;
}
public void setHeaders(Map<String, List<String>> headers) {
this.headers = headers;
}
@Override
public Enumeration<String> getHeaders(String name) {
return Collections.enumeration(headers.get(name));
}
@Override
public Enumeration<String> getHeaderNames() {
return Collections.enumeration(headers.keySet());
}
@Override
public String getMethod() {
return method;
}
@Override
public String getPathInfo() {
return pathInfo;
}
@Override
public String getQueryString() {
return (queryString == null || "null".equals(queryString)) ? "" : queryString;
}
@Override
public String getRequestURI() {
return requestURI;
}
@Override
public int getServerPort() {
return serverPort;
}
@Override
public StringBuffer getRequestURL() {
return new StringBuffer(requestURL);
}
@Override
public String getScheme() {
return scheme;
}
@Override
public String getServerName() {
return serverName;
}
@Override
public String getContextPath() {
return contextPath;
}
@Override
public String getServletPath() {
return servletPath;
}
@Override
public Enumeration<Locale> getLocales() {
return Collections.enumeration(locales);
}
public Map<String, List<String>> getHeaders() {
return headers;
}
public Map<String, String[]> getParameters() {
return parameters;
}
public String getRemoteAddr() {
return remoteAddress;
}
public void setRemoteAddr(String remoteAddress) {
this.remoteAddress = remoteAddress;
}
@Override
public HttpSession getSession() {
return session;
}
@Override
public HttpSession getSession(boolean create) {
return session;
}
public void setSession(HttpSession session) {
this.session = session;
}
}
}

34
samples/httpsession-redis-json/src/main/java/sample/mixins/HttpCookieDeserializer.java Normal file
View File

@@ -0,0 +1,34 @@
package sample.mixins;
import com.fasterxml.jackson.core.JsonParser;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.DeserializationContext;
import com.fasterxml.jackson.databind.JsonDeserializer;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import javax.servlet.http.Cookie;
import java.io.IOException;
import static sample.utils.JsonNodeExtractor.*;
/**
* @author jitendra on 22/3/16.
*/
public class HttpCookieDeserializer extends JsonDeserializer<Cookie> {
@Override
public Cookie deserialize(JsonParser p, DeserializationContext ctxt) throws IOException, JsonProcessingException {
ObjectMapper mapper = (ObjectMapper) p.getCodec();
JsonNode jsonNode = mapper.readTree(p);
Cookie cookie = new Cookie(getStringValue(jsonNode, "name"), getStringValue(jsonNode, "value"));
cookie.setComment(getStringValue(jsonNode, "comment"));
cookie.setDomain(getStringValue(jsonNode, "domain", ""));
cookie.setMaxAge(getIntValue(jsonNode, "maxAge", -1));
cookie.setSecure(getBooleanValue(jsonNode, "secure"));
cookie.setVersion(getIntValue(jsonNode, "version"));
cookie.setPath(getStringValue(jsonNode, "path"));
cookie.setHttpOnly(getBooleanValue(jsonNode, "httpOnly", false));
return cookie;
}
}

17
samples/httpsession-redis-json/src/main/java/sample/mixins/SavedCookieMixin.java Normal file
View File

@@ -0,0 +1,17 @@
package sample.mixins;
import com.fasterxml.jackson.annotation.JsonCreator;
import com.fasterxml.jackson.annotation.JsonProperty;
import com.fasterxml.jackson.annotation.JsonTypeInfo;
/**
* @author jitendra on 8/3/16.
*/
public abstract class SavedCookieMixin {
@JsonCreator
SavedCookieMixin(@JsonProperty("name") String name, @JsonProperty("value") String value, @JsonProperty("comment") String comment,
@JsonProperty("domain") String domain, @JsonProperty("maxAge") int maxAge, @JsonProperty("path") String path,
@JsonProperty("secure") boolean secure, @JsonProperty("version") int version){
}
}

15
samples/httpsession-redis-json/src/main/java/sample/mixins/SimpleGrantedAuthorityMixin.java Normal file
View File

@@ -0,0 +1,15 @@
package sample.mixins;
import com.fasterxml.jackson.annotation.JsonCreator;
import com.fasterxml.jackson.annotation.JsonProperty;
/**
* @author jitendra on 14/3/16.
*/
public abstract class SimpleGrantedAuthorityMixin {
@JsonCreator
public SimpleGrantedAuthorityMixin(@JsonProperty("authority") String role) {
}
}

16
samples/httpsession-redis-json/src/main/java/sample/mixins/UnmodifiableSetMixin.java Normal file
View File

@@ -0,0 +1,16 @@
package sample.mixins;
import com.fasterxml.jackson.annotation.JsonCreator;
import com.fasterxml.jackson.annotation.JsonProperty;
import java.util.Set;
/**
* @author jitendra on 14/3/16.
*/
public abstract class UnmodifiableSetMixin {
@JsonCreator
UnmodifiableSetMixin(@JsonProperty("s") Set s) {
}
}

14
samples/httpsession-redis-json/src/main/java/sample/mixins/UnsupportedOperationExceptionInvocationHandler.java Normal file
View File

@@ -0,0 +1,14 @@
package sample.mixins;
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Method;
/**
* @author jitendra on 8/3/16.
*/
public class UnsupportedOperationExceptionInvocationHandler implements InvocationHandler {
@Override
public Object invoke(Object proxy, Method method, Object[] args) throws Throwable {
throw new UnsupportedOperationException(method + " is not supported");
}
}

38
samples/httpsession-redis-json/src/main/java/sample/mixins/UserDeserializer.java Normal file
View File

@@ -0,0 +1,38 @@
package sample.mixins;
import com.fasterxml.jackson.core.JsonParser;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.DeserializationContext;
import com.fasterxml.jackson.databind.JsonDeserializer;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.User;
import java.io.IOException;
import java.util.Set;
import static sample.utils.JsonNodeExtractor.*;
/**
* @author jitendra on 14/3/16.
*/
public class UserDeserializer extends JsonDeserializer<User> {
@Override
public User deserialize(JsonParser p, DeserializationContext ctxt) throws IOException, JsonProcessingException {
ObjectMapper mapper = (ObjectMapper) p.getCodec();
JsonNode jsonNode = mapper.readTree(p);
Set<GrantedAuthority> authorities = mapper.readValue(jsonNode.get("authorities").toString(), new TypeReference<Set<GrantedAuthority>>() {});
return new User(
getStringValue(jsonNode, "username"),
getStringValue(jsonNode, "password", ""),
getBooleanValue(jsonNode, "enabled"),
getBooleanValue(jsonNode, "accountNonExpired"),
getBooleanValue(jsonNode, "credentialsNonExpired"),
getBooleanValue(jsonNode, "accountNonLocked"),
authorities
);
}
}

46
samples/httpsession-redis-json/src/main/java/sample/mixins/UsernamePasswordAuthenticationTokenDeserializer.java Normal file
View File

@@ -0,0 +1,46 @@
package sample.mixins;
import com.fasterxml.jackson.core.JsonParser;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.DeserializationContext;
import com.fasterxml.jackson.databind.JsonDeserializer;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.User;
import java.io.IOException;
import java.util.List;
/**
* @author jitendra on 9/3/16.
*/
public class UsernamePasswordAuthenticationTokenDeserializer extends JsonDeserializer<UsernamePasswordAuthenticationToken> {
@Override
public UsernamePasswordAuthenticationToken deserialize(JsonParser p, DeserializationContext ctxt) throws IOException, JsonProcessingException {
UsernamePasswordAuthenticationToken token = null;
ObjectMapper mapper = (ObjectMapper) p.getCodec();
JsonNode jsonNode = mapper.readTree(p);
Boolean authenticated = jsonNode.get("authenticated").asBoolean();
JsonNode principalNode = jsonNode.get("principal");
Object principal = null;
if(principalNode.isObject()) {
principal = mapper.readValue(principalNode.toString(), new TypeReference<User>() {});
} else {
principal = principalNode.asText();
}
Object credentials = jsonNode.get("credentials").asText();
List<GrantedAuthority> authorities = mapper.readValue(jsonNode.get("authorities").toString(), new TypeReference<List<GrantedAuthority>>() {
});
if (authenticated) {
token = new UsernamePasswordAuthenticationToken(principal, credentials, authorities);
} else {
token = new UsernamePasswordAuthenticationToken(principal, credentials);
}
token.setDetails(jsonNode.get("details"));
return token;
}
}

127
samples/httpsession-redis-json/src/main/java/sample/mixins/WebAuthenticationDetailsDeserializer.java Normal file
View File

@@ -0,0 +1,127 @@
package sample.mixins;
import com.fasterxml.jackson.core.JsonParser;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.DeserializationContext;
import com.fasterxml.jackson.databind.JsonDeserializer;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.security.web.authentication.WebAuthenticationDetails;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpSessionContext;
import java.io.IOException;
import java.util.Enumeration;
/**
* @author jitendra on 14/3/16.
*/
public class WebAuthenticationDetailsDeserializer extends JsonDeserializer<WebAuthenticationDetails> {
@Override
public WebAuthenticationDetails deserialize(JsonParser p, DeserializationContext ctxt) throws IOException, JsonProcessingException {
ObjectMapper mapper = (ObjectMapper) p.getCodec();
JsonNode jsonNode = mapper.readTree(p);
DummyHttpSession session = new DummyHttpSession();
session.setId(jsonNode.get("sessionId").asText());
DefaultSavedRequestDeserializer.DummyServletRequest request = new DefaultSavedRequestDeserializer.DummyServletRequest();
request.setRemoteAddr(jsonNode.get("remoteAddress").asText());
request.setSession(session);
return new WebAuthenticationDetails(request);
}
protected static class DummyHttpSession implements HttpSession {
private String id;
@Override
public long getCreationTime() {
return 0;
}
@Override
public String getId() {
return this.id;
}
public void setId(String id) {
this.id = id;
}
@Override
public long getLastAccessedTime() {
return 0;
}
@Override
public ServletContext getServletContext() {
return null;
}
@Override
public void setMaxInactiveInterval(int interval) {
}
@Override
public int getMaxInactiveInterval() {
return 0;
}
@Override
public HttpSessionContext getSessionContext() {
return null;
}
@Override
public Object getAttribute(String name) {
return null;
}
@Override
public Object getValue(String name) {
return null;
}
@Override
public Enumeration<String> getAttributeNames() {
return null;
}
@Override
public String[] getValueNames() {
return new String[0];
}
@Override
public void setAttribute(String name, Object value) {
}
@Override
public void putValue(String name, Object value) {
}
@Override
public void removeAttribute(String name) {
}
@Override
public void removeValue(String name) {
}
@Override
public void invalidate() {
}
@Override
public boolean isNew() {
return false;
}
}
}

45
samples/httpsession-redis-json/src/main/java/sample/utils/JsonNodeExtractor.java Normal file
View File

@@ -0,0 +1,45 @@
package sample.utils;
import com.fasterxml.jackson.databind.JsonNode;
import com.sun.org.apache.xpath.internal.operations.Bool;
/**
* Created by jitendra on 28/3/16.
*/
public class JsonNodeExtractor {
public static String getStringValue(JsonNode jsonNode, String field) {
return getStringValue(jsonNode, field, null);
}
public static String getStringValue(JsonNode jsonNode, String field, String defaultValue) {
JsonNode node = getValue(jsonNode, field);
return (node != null) ? node.asText(defaultValue) : defaultValue;
}
private static JsonNode getValue(JsonNode jsonNode, String field) {
if (jsonNode.has(field)) {
return jsonNode.get(field);
} else {
return null;
}
}
public static Integer getIntValue(JsonNode jsonNode, String field) {
return getIntValue(jsonNode, field, 0);
}
public static Integer getIntValue(JsonNode jsonNode, String field, Integer defaultValue) {
JsonNode node = getValue(jsonNode, field);
return (node != null) ? node.asInt(defaultValue) : defaultValue;
}
public static Boolean getBooleanValue(JsonNode jsonNode, String field) {
return getBooleanValue(jsonNode, field, false);
}
public static Boolean getBooleanValue(JsonNode jsonNode, String field, Boolean defaultValue) {
JsonNode node = getValue(jsonNode, field);
return (node != null) ? node.asBoolean(defaultValue) : defaultValue;
}
}

31
samples/httpsession-redis-json/src/main/java/sample/web/HomeController.java Normal file
View File

@@ -0,0 +1,31 @@
package sample.web;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import javax.servlet.http.HttpServletRequest;
import static org.springframework.util.ObjectUtils.isEmpty;
/**
* @author jitendra on 5/3/16.
*/
@Controller
public class HomeController {
@RequestMapping("/")
public String home() {
return "home";
}
@RequestMapping("/setValue")
public String setValue(@RequestParam(name = "key", required = false) String key,
@RequestParam(name = "value", required = false) String value,
HttpServletRequest request) {
if (!isEmpty(key) && !isEmpty(value)) {
request.getSession().setAttribute(key, value);
}
return "home";
}
}

16
samples/httpsession-redis-json/src/main/java/sample/web/LoginController.java Normal file
View File

@@ -0,0 +1,16 @@
package sample.web;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
/**
* @author jitendra on 3/3/16.
*/
@Controller
public class LoginController {
@RequestMapping("/login")
public String login() {
return "login";
}
}