我需要在 https://service.domain.it 中部署前端,在 https://service.domain.it/api 中部署后端。 我已经完成了部署配置,但我在 Spring Security + JWT 身份验证方面遇到了麻烦。这是WebSecurityConfigurerAdapter的配置方法
@Override
public void configure(HttpSecurity http) throws Exception {
http.csrf().disable()
.authorizeRequests()
.antMatchers("/public/**").permitAll() //login/logout/recoverypassw
.antMatchers("/user/**").hasAnyRole("USER","ADMIN")
.antMatchers("/admin/**").hasRole("ADMIN")
.anyRequest().authenticated()
.and().exceptionHandling().authenticationEntryPoint(jwtAuthenticationEntryPoint).
and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).
and().addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
}
这是nginx的配置
#service.domain.it
server{
listen 443 ssl;
server_name smartgrid.russi.ovh;
ssl_certificate /etc/letsencrypt/live/service.domain.it/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/service.domain.it/privkey.pem;
location /api/ {
#backend
proxy_pass http://localhost:8085;
}
location / {
#frontend
index index.html;
alias /var/www/html/Service/;
}
}
server{
listen 80;
server_name service.domain.it;
return 301 https://service.domain.it$request_uri;
}
我该怎么办?
答案 0 :(得分:0)
您的后端服务无法识别您的 proxy_configuration 中使用的 /api
。您必须先重写 URI,然后才能将其发送到后端。
location /api {
rewrite ^/api/(.*) /$1 break;
proxy_pass http://backend/;
}
这将从 URI 中删除 /api
,然后再将其发送到后端。