SecurityFilterChain - http.authorizeHttpRequests() not working. localhost redirect



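Since WebSecurityConfigurerAdapter has been deprecated, I am trying to replace configure(HttpSecurity http) with SecurityFilterChain filterChain(HttpSecurity http). I tried to piece the code below together, but it does not work: Chrome gives a "localhost redirected you too many times" error, while the console shows no errors at all. I even cleared the cookies as suggested, but it still does not work.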

AppSecurityConfig.java

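import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;

@Configuration
public class AppSecurityConfig {
    @Autowired
    private UserDetailsService userDetailsService;

    @Bean
    public AuthenticationProvider authProvider() {
        DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
        provider.setUserDetailsService(userDetailsService);
        provider.setPasswordEncoder(new BCryptPasswordEncoder());

        return provider;
    }

    // Trying to replace configure(HttpSecurity http) method
    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {

        http
            .csrf().disable()
            .authorizeHttpRequests()
            .requestMatchers("/login").permitAll()
            .anyRequest().authenticated()
            .and()
            .formLogin()
            .loginPage("/login").permitAll()
            .and()
            .logout().invalidateHttpSession(true)
            .clearAuthentication(true)
            .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
            .logoutSuccessUrl("/logout-success").permitAll();

        return http.build();
    }
}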

.authorizeRequests() is deprecated, so I am using .authorizeHttpRequests(). Below is a screenshot of the Chrome output:

[Screenshot: Chrome output error]

HomeController.java

import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;

@Controller
public class HomeController {
    @RequestMapping("/")
    public String home() {
        return "home.jsp";
    }

    @RequestMapping("/login")
    public String loginPage() {
        return "login.jsp";
    }

    @RequestMapping("/logout-success")
    public String logoutPage() {
        return "logout.jsp";
    }
}

login.jsp

<body>
    <h1>Login</h1>
    ${SPRING_SECURITY_LAST_EXCEPTION.message}
    <form action="login" method="post">
        <table>
            <tr>
                <td>User:</td>
                <td><input type='text' name='username' value='' /></td>
            </tr>
            <tr>
                <td>Password:</td>
                <td><input type="password" name='password' /></td>
            </tr>
            <tr>
                <td><input type="submit" name='submit' value='submit' /></td>
            </tr>
        </table>
    </form>

</body>
</html>

The .loginPage() javadoc says:

...login page to redirect to if authentication is required...

Your /login endpoint is served by a controller, and you end up in a redirect cycle. You can try the following:

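  1. Create an MvcConfig class (customize it according to your own rules):

     import org.springframework.context.annotation.Configuration;
     import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
     import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
     import org.springframework.web.servlet.config.annotation.WebMvcConfigurationSupport;

     @Configuration
     public class MvcConfig extends WebMvcConfigurationSupport {
         @Override
         public void addViewControllers(ViewControllerRegistry registry) {
             registry.addViewController("/login").setViewName("login");
         }

         @Override
         protected void addResourceHandlers(ResourceHandlerRegistry registry) {
             registry.addResourceHandler("/static/**").addResourceLocations("classpath:/static/");
         }
     }

  2. Remove the /login endpoint from the controller
  3. Test the new configuration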

Hope this helps; feel free to give feedback on my answer.
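
Added example, not part of the original question or answer and not the project's own code: in Spring Security 6, authorizeHttpRequests() also authorizes internal FORWARD dispatches, so a controller that renders "login.jsp" by forwarding can be sent back to /login again. This configuration assumes Spring Security 6 with the jakarta.servlet namespace; the class name ForwardAwareSecurityConfig is hypothetical.

```java
import jakarta.servlet.DispatcherType;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.web.SecurityFilterChain;

// Hypothetical class name; assumes Spring Security 6 (jakarta.servlet).
@Configuration
public class ForwardAwareSecurityConfig {

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
            .authorizeHttpRequests(auth -> auth
                // The controller returns a view name, which the servlet container
                // renders through an internal FORWARD dispatch (e.g. to login.jsp).
                // That forward is authorized too, so it must be permitted or the
                // login page itself triggers another redirect to /login.
                // A direct browser request for a .jsp is a REQUEST dispatch and
                // still falls through to anyRequest().authenticated().
                .dispatcherTypeMatchers(DispatcherType.FORWARD).permitAll()
                .requestMatchers("/login", "/logout-success").permitAll()
                .anyRequest().authenticated())
            // CSRF protection is left at its default (enabled), so the login form
            // has to post the token, for instance a hidden input named
            // ${_csrf.parameterName} with value ${_csrf.token}.
            .formLogin(form -> form
                .loginPage("/login")
                .permitAll())
            // With CSRF enabled, the default logout endpoint is POST /logout.
            .logout(logout -> logout
                .invalidateHttpSession(true)
                .clearAuthentication(true)
                .logoutSuccessUrl("/logout-success"));

        return http.build();
    }
}
```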
