无法在html页面中加载CSS文件

时间:2019-07-01 07:23:35

标签: java css spring-security

我正在尝试使用Spring Security创建登录页面,并已在AntMatcher列表中添加了.css文件以获取许可。但仍然,尝试加载CSS文件时出现以下错误。

例外: 

home:6 GET http://localhost:8080/defaultStyle.css net::ERR_ABORTED 404

使用更改的类进行更新。

WebSecurityConfig类代码: 

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity( jsr250Enabled = true,
                         prePostEnabled = true )
public class WebSecurityConfig extends WebSecurityConfigurerAdapter
{

@Autowired
CustomUserDetailsService customUserDetailsService;

@Autowired
private JwtAuthenticationEntryPoint unauthorizedHandler;

@Autowired
private JwtAuthenticationFilter jwtAuthenticationFilter;

@Autowired
private CustomAccessDeniedHandler customAccessDeniedHandler;

@Bean
public AuthenticationManager authenticationManagerBean() throws Exception
{
    return super.authenticationManagerBean();
}

@Override
public void configure( WebSecurity web ) throws Exception
{
    web.ignoring()
       .antMatchers( "/*.css" ) // or better ending with ".{js,html}" or something
       .antMatchers( "/resources/static/**/*" );
}

@Override
public void configure( HttpSecurity http ) throws Exception
{

    http.cors().and().csrf().disable().authorizeRequests()

        .antMatchers( "/*", "/admin", "/api/auth/**",
            "/static/**",
            "/css/*.css",
            "/img/**",
            "/favicon.ico",
            "/**/*.png",
            "/**/*.gif",
            "/**/*.svg",
            "/**/*.jpg",
            "/**/*.html",
            "/**/*.css",
            "/**/*.js",
            "/webjars/**" ).permitAll()
        .anyRequest().authenticated()
        .and()
        .formLogin().loginPage( "/home" )
        .loginProcessingUrl( "/login-user" )
        .defaultSuccessUrl( "/dashboard" ).permitAll()
        .and()
        .logout().invalidateHttpSession( true )
        .clearAuthentication( true )
        .logoutRequestMatcher( new AntPathRequestMatcher( "/logout" ) )
        .logoutSuccessUrl( "/login?logout" )
        .permitAll().and()

        .exceptionHandling().accessDeniedHandler( customAccessDeniedHandler ).authenticationEntryPoint( unauthorizedHandler ).and()
        .sessionManagement().sessionCreationPolicy( SessionCreationPolicy.STATELESS );
    http

        .addFilterBefore( jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class );
}

@Autowired
public void globalUserDetails( AuthenticationManagerBuilder auth ) throws Exception
{
    auth.userDetailsService( customUserDetailsService )
        .passwordEncoder( passwordEncoder() );
}

@Bean
public PasswordEncoder passwordEncoder()
{
    return new BCryptPasswordEncoder();
}
}

网络配置类 

Configuration
@EnableWebMvc
public class WebConfig implements WebMvcConfigurer
{

@Override
public void addResourceHandlers( ResourceHandlerRegistry registry )
{
    registry
        .addResourceHandler( "swagger-ui.html" )
        .addResourceLocations( "classpath:/META-INF/resources/" );

    registry
        .addResourceHandler( "/webjars/**" )
        .addResourceLocations( "classpath:/META-INF/resources/webjars/" );
    registry
        .addResourceHandler( "/static/**" )
        .addResourceLocations( "classpath:/static/" );
    registry.addResourceHandler( "/css/**" )
            .addResourceLocations( "/css/" );
    registry.addResourceHandler( "/img/**" )
            .addResourceLocations( "/img/" );
    registry.addResourceHandler( "/js/**" )
            .addResourceLocations( "/js/" );
}

@Override
public void addCorsMappings( CorsRegistry registry )
{
    registry.addMapping( "/**" )
            .allowedMethods( "POST", "GET", "PUT", "OPTIONS", "DELETE" )
            .allowedHeaders( "X-Auth-Token", "Content-Type" )
            .exposedHeaders( "custom-header1", "custom-header2" )
            .allowCredentials( false )
            .maxAge( 4800 );
}

@Override
public void addViewControllers( ViewControllerRegistry registry )
{
    System.out.println( "Inside MvcConfig addViewControllers() adding View forgot" );
    registry.addViewController( "/admin/home" ).setViewName( "jsp/home" );
    registry.addViewController( "/login" ).setViewName( "/login" );
}
}

enter image description here

新错误

enter image description here

修改

我已使用修改后的Web安全文件更新了问题,并将异常更改为我现在得到的新异常。

1 个答案:

答案 0 :(得分:0)

请尝试以下代码

 http.cors().and().csrf().disable().
            authorizeRequests()
            .antMatchers( "/",
                "/static/**",
                "/img/**",
                "/favicon.ico",
                "/**/*.png",
                "/**/*.gif",
                "/**/*.svg",
                "/**/*.jpg",
                "/**/*.html",
                "/**/*.css",
                "/**/*.js",
                "/webjars/**" ).permitAll()
            .antMatchers( "/api/auth/**" ).permitAll()
            .anyRequest().authenticated()
            .and()
            .formLogin().loginPage( "/home" )
            .loginProcessingUrl("/login")
            .defaultSuccessUrl( "/dashboard").permitAll()
            .and()

Ref 1 Ref 2

相关问题
最新问题