我想创建一个简单的REST API,我正在使用Angular 6和Spring Boot。我想对我的应用程序实施日志记录,但是每当我尝试注册时,都会得到404 Not Found / login。我查看了发现的现有类似问题,但似乎无济于事。
这是我的spring安全配置(我确定我的注册表单和控制器可以正常工作,所以我认为问题出在那儿
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Value("${allowedOriginAddress}")
private String allowedOriginAddress;
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Bean
public UserDataDetailsService userDataDetailsService() {
return new UserDataDetailsService();
}
@Bean
public CorsConfigurationSource corsConfigurationSource() {
final CorsConfiguration configuration = new CorsConfiguration();
configuration.setAllowedOrigins(
Arrays.asList(
allowedOriginAddress,
allowedOriginAddress + "/*")
);
configuration.setAllowedMethods(Arrays.asList("GET","POST","DELETE","OPTIONS","PUT"));
configuration.setAllowCredentials(true);
configuration.setAllowedHeaders(Arrays.asList("*"));
final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", configuration);
return source;
}
@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.cors().and()
.authorizeRequests()
.anyRequest().permitAll()
.and().csrf().disable()
.formLogin()
.loginPage("/")
.usernameParameter("email")
.loginProcessingUrl("/login")
.failureForwardUrl("/prev")
.successForwardUrl("/next")
.and().authorizeRequests().anyRequest().permitAll();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDataDetailsService()).passwordEncoder(passwordEncoder());
}
}
@SpringBootApplication
@Configuration
public class WhispererApplication implements WebMvcConfigurer {
public static void main(String[] args) {
SpringApplication.run(WhispererApplication.class, args);
}
}
答案 0 :(得分:0)
我在您的项目中找不到身份验证配置。请尝试添加以下代码:
expense_sheet=pd.read_excel(excel_file,sheet_name=sheet, header=1,skipfooter=1
我认为您的代码将是:
.anyRequest().authenticated()
如果使用JWTAuthenticationFilter和JWTAuthorizationFilter来验证用户身份,则将管理JWT。
答案 1 :(得分:0)
我们可以使用uname -r
4.4.0-1079-aws
而不是anyRequest.permitAll()
来允许访问端点(例如SignUp,SignIn,Logout活动) ,任何人都可以在不进行自动化的情况下进行访问。之后,我们可以使用anyRequest.authenticated()来验证用户
.antMatchers("/endPoint").permitAll()