使用spring security为login.html页面授予公共权限

时间:2016-08-29 00:15:37

标签: angularjs spring-security

我将AngularJs模板(SB Admin Angular)集成到spring boot前端应用程序('grunt built'命令的输出)。 我正在尝试将login.html页面权限设置为public。这是我使用的代码(不工作)

@Configuration
@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .httpBasic().and().authorizeRequests()
                .antMatchers("/","/index.html","/views/pages/login.html")
                .permitAll().anyRequest().authenticated();
    }
}

每当我转到http://localhost:8080/#/login时,浏览器的窗口会显示告诉我春季启动需要用户名和通行证。 我需要帮助才能知道我做了什么错误。

这是我的项目结构

project structure

同样,如果你想探索模板并看看如何在模板中使用ui-router:http://startangular.com/product/sb-admin-angular-theme/

npm install然后grunt build将创建一个包含模板的dist目录。

1 个答案:

答案 0 :(得分:0)

我认为您有登录问题,所以您的同意不会被传递到应用程序 使用formLogin

@Override
protected void configure(HttpSecurity http) throws Exception {
    http
            .httpBasic().and().authorizeRequests()
            .antMatchers("/","/index.html","/views/pages/login.html")
            .permitAll()
            .anyRequest().authenticated()
            .and()
            .formLogin()
            .successHandler(new AuthenticationSuccessHandler() {
                @Override
                public void onAuthenticationSuccess(
                        HttpServletRequest request,
                        HttpServletResponse response,
                        Authentication a) throws IOException, ServletException {
                            //To change body of generated methods,
                            response.setStatus(HttpServletResponse.SC_OK);
                        }
            })
            .failureHandler(new AuthenticationFailureHandler() {

                @Override
                public void onAuthenticationFailure(
                        HttpServletRequest request,
                        HttpServletResponse response,
                        AuthenticationException ae) throws IOException, ServletException {
                            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
                        }
            })
            .loginProcessingUrl("/access/login")
            .and()
            .logout()
            .logoutUrl("/access/logout")                
            .logoutSuccessHandler(new LogoutSuccessHandler() {
                @Override
                public void onLogoutSuccess(
                        HttpServletRequest request, 
                        HttpServletResponse response, 
                        Authentication a) throws IOException, ServletException {
                    response.setStatus(HttpServletResponse.SC_NO_CONTENT);
                }
            })

}
相关问题
最新问题