Spring Security 401 - 使用/ Angularjs调用restful服务

时间:2014-02-21 11:56:42

标签: angularjs rest spring-security restful-authentication http-status-code-401

我遇到弹簧安全问题。我已经用我的用户完成了身份验证过程,但当我通过angularjs调用restful服务时,我发现了错误401。

    <?xml version="1.0" encoding="UTF-8" standalone="no"?>
<beans:beans xmlns="http://www.springframework.org/schema/security" 
    xmlns:beans="http://www.springframework.org/schema/beans" 
    xmlns:context="http://www.springframework.org/schema/context" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
    xsi:schemaLocation="http://www.springframework.org/schema/beans   
                        http://www.springframework.org/schema/beans/spring-beans-3.1.xsd      
                        http://www.springframework.org/schema/security    
                        http://www.springframework.org/schema/security/spring-security-3.1.xsd        
                        http://www.springframework.org/schema/context         
                        http://www.springframework.org/schema/context/spring-context-3.1.xsd">

    <context:component-scan base-package="it.xxx.yyy.service.security" scoped-proxy="interfaces" />

    <http realm="Protected API"
            use-expressions="true"
            auto-config="false"
            create-session="stateless"
            entry-point-ref="unauthorizedEntryPoint"
            authentication-manager-ref="authenticationManager">
        <custom-filter ref="authenticationTokenProcessingFilter" position="FORM_LOGIN_FILTER" />    
        <intercept-url pattern="/" access="permitAll"/>
        <intercept-url pattern="/static/**" access="permitAll"/>
        <intercept-url pattern="/rest/" access="permitAll"/>
        <intercept-url pattern="/rest/secure/**" access="isAuthenticated()" />
        <intercept-url pattern="/secure/**" access="isAuthenticated()"/>
        <remember-me key="YYY2RMKey" user-service-ref="CustomUserDetailsService"/> 
    </http>
    <authentication-manager id="authenticationManager">
        <authentication-provider user-service-ref="CustomUserDetailsService">
            <password-encoder hash="sha"/>
        </authentication-provider>
    </authentication-manager>
</beans:beans>

有什么想法吗?

1 个答案:

答案 0 :(得分:1)

也许解决方案是以这种方式阐明方法

<intercept-url method="GET" pattern="/rest/secure/**" access="isAuthenticated()" />
<intercept-url method="PUT" pattern="/rest/secure/**" access="isAuthenticated()" />
<intercept-url method="POST" pattern="/rest/secure/**" access="isAuthenticated()" />
<intercept-url method="DELETE" pattern="/rest/secure/**" access="isAuthenticated()" />
相关问题
最新问题