我正在尝试使用spring security 3.2.6来验证我的Web应用程序中使用AngularJS 1.5.9和Jersey(执行Rest服务)的表单。
这是我的登录表单:
<!DOCTYPE html>
<html>
<head>
<meta charset="ISO-8859-1">
<title>MongoGlass | Login</title>
<style>
body {
padding-top: 20px;
}
.error {
color: red;
}
</style>
</head>
<body>
<div class="container">
<div class="row">
<div class="col-md-4 col-md-offset-4">
<div class="panel panel-default">
<div class="panel-heading">
<h3 class="panel-title">Please sign in</h3>
</div>
<div class="panel-body">
<form accept-charset="UTF-8" role="form" name="loginForm"
novalidate>
<fieldset>
<div class="form-group">
<input class="form-control" placeholder="Username"
name="username" type="text" ng-model="login.username" required>
<span ng-class="{'error': loginForm.username.$error.required}"
ng-show="loginForm.username.$error.required && loginForm.$submitted">Insert your username</span>
</div>
<div class="form-group">
<input class="form-control" placeholder="Password"
name="password" type="password" ng-model="login.password"
required>
<span ng-class="{'error': loginForm.password.$error.required}"
ng-show="loginForm.password.$error.required && loginForm.$submitted">Campo
obbligatorio</span>
</div>
<input class="btn btn-lg btn-success btn-block" type="submit"
value="Login" ng-click="loginForm.$valid && submit(login)">
</fieldset>
</form>
</div>
</div>
</div>
</div>
</div>
</body>
</html>
当表单被汇总时,它在相应的AngularJS控制器中被称为sumbit(credentials)
函数:
var myApp = angular.module('LoginModule', []);
myApp.controller('LoginController', ['$scope','$http', function($scope, $http){
$scope.submit = function(credential) {
var name = credential.username;
var password = credential.password;
var login = {
"name":name,
"password":password
}
$http(
{
method : 'POST',
url : "/mongoglass-rest/rest/login/authenticate",
headers : {
'Content-Type' : 'application/x-www-form-urlencoded; charset=UTF-8'
},
data : login
})
.success(function(response,status) {
});
}
}])
通过这种方式,submit
函数调用/rest/login/authenticate
,这是我的登录表单使用spring-security处理的地方:
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns:security="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context.xsd">
<context:annotation-config />
<context:component-scan base-package="it.project.mongoglass.rest" />
<beans:bean id="mySuccessHandler" class="it.project.mongoglass.rest.spring.security.RestSuccessHandler">
<beans:property name="defaultTargetUrl" value="/rest/login/authenticate"></beans:property>
</beans:bean>
<security:http
realm="Protected API"
use-expressions="true"
auto-config="false"
create-session="stateless"
entry-point-ref="preAuthenticatedProcessingFilterEntryPoint"
authentication-manager-ref="authenticationManager">
<security:form-login login-processing-url="/rest/login/authenticate"
username-parameter="username" password-parameter="password"
authentication-success-handler-ref="mySuccessHandler"></security:form-login>
<security:intercept-url pattern="/rest/login/**" access="permitAll" />
</security:http>
<beans:bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager">
<beans:property name="providers">
<beans:list>
<beans:ref bean="daoAuthenticationProvider"/>
</beans:list>
</beans:property>
</beans:bean>
<beans:bean id="daoAuthenticationProvider"
class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
<beans:property name="userDetailsService" ref="daoUserDetailsService"/>
<beans:property name="passwordEncoder" ref="shaPasswordEncoder"/>
</beans:bean>
<beans:bean id="daoUserDetailsService" class="it.project.mongoglass.rest.spring.service.impl.UserDetailsServiceImpl" />
<beans:bean id="shaPasswordEncoder" class="org.springframework.security.authentication.encoding.ShaPasswordEncoder">
<beans:constructor-arg value="256"/>
</beans:bean>
</beans:beans>
这不起作用,当我提交表格时,我得到404.
答案 0 :(得分:0)
$http(
{ ...
url : "/mongoglass-rest/rest/login/authenticate",
...
}
过滤器中的和url不同。
login-processing-url="/rest/login/authenticate"