Question

我正在重构一个Spring-Boot应用程序而且我已经遇到了

o.s.web.servlet.PageNotFound - No mapping found for HTTP request with URI [/rootProject/css/app.css]

适用于所有CSS和JavaScript文件。

项目的结构如下：

rootProject
- 的src
  - 主
    - 的java
    - 资源
      - CSS
      - JS

我的主要安全实施是：

@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter { 

    // other methods

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // TODO: api must be protected but default alpaca connector does not support protected sources. We'll need to register a custom connector
        http
                .authorizeRequests()
                .antMatchers(
                        "/images/**",
                        "/css/**",
                        "/health/**",
                        "/js/**",
                        "/api/**",
                        "/reports/**",
                        "/h2-console/**",
                        "/oauth/authorize",
                        "/oauth/confirm_access",
                        "/oauth/token_key").permitAll()
                .antMatchers("/admin/**").hasAuthority(BaseRoleEnum.BASE_ADMIN.toString())
                .anyRequest().authenticated()
                .and()
                .formLogin()
                .loginPage("/login")
                .permitAll()
                .and()
                .logout()
                .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
                .logoutSuccessUrl("/login")
                .and()
                .headers()
                .frameOptions()
                .sameOrigin()
                .and()
                .csrf()
                .disable();
    }
}

我的主要配置类是：

@Configuration
@EnableWebMvc
@ComponentScan(basePackages = "basePackages")
// Enable caching for the application
//@EnableCaching
public class TouchConfiguration extends WebMvcConfigurerAdapter{

    // other beans and methods

    @Override
    public void addResourceHandlers(ResourceHandlerRegistry registry) {
        registry.addResourceHandler("/static/**").addResourceLocations("/static/");
    }
}

我在这里缺少什么，所以这可以按预期工作？

Answer 1

我已将所有静态资源路径安全性添加为无。这是一个全局配置。下面的示例是XML格式的。您也应该能够在配置中执行相同的操作。

<!-- Global Security Ignore for resources -->
    <security:http pattern="/resources/**" security="none" ></security:http>
    <security:http pattern="/*.css*" security="none" ></security:http>
    <security:http pattern="/*.js*" security="none" ></security:http>
    <security:http pattern="/*.gif*" security="none" ></security:http>
    <security:http pattern="/*.png*" security="none" ></security:http>
    <security:http pattern="/*.jpg*" security="none" ></security:http>
    <security:http pattern="/*.svg*" security="none" ></security:http>
    <security:http pattern="/*.ico*" security="none" ></security:http>

Answer 2

我认为你应该在/ resourses / static / **路径下有.css和.js文件 project static resources structure in elipse

另外，请确保以正确的方式正确链接＆lt; href =“resources / css / app.css”rel =“stylesheet”media =“screen”＆gt;

Spring安全性 - 为什么我无法访问WebSecurityConfigurerAdapter中定义的静态资源？

2 个答案: