我正在尝试使用 Spring Boot 和 Spring Security 创建一个简单的登录,但我不明白为什么它不起作用。 基本上我有两个 View ,位于 resources/login/login.html 和 resources/login/registerUser.html 每当我尝试登录或注册时,它都会拒绝访问:( 我猜它无法访问这两个资源,但我不明白出了什么问题:(
Controller :
@RequestMapping("/showReg")
public String showRegistrationPage() {
return "login/registerUser";
}
@RequestMapping(value = "/registerUser", method = RequestMethod.POST)
public String register(@ModelAttribute("user") User user) {
user.setPassword(encoder.encode(user.getPassword()));
userRepository.save(user);
return "login/login";
}
@RequestMapping(value = "/loginForm", method = RequestMethod.POST)
public String login(@RequestParam("email") String email, @RequestParam("password") String password, Model model) {
boolean loginResponse = securityService.login(email, password);
System.out.println(loginResponse);
if (loginResponse) {
return "findFlights";
} else {
model.addAttribute("msg", "Invalid username or password.Please try again!");
}
return "login/login";
}
@RequestMapping(value = "/login", method = RequestMethod.GET)
public String getLogin() {
return "login/login";
}
WebSecurityConfig 类
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Bean
public BCryptPasswordEncoder bCryptPasswordEncoder() {
return new BCryptPasswordEncoder();
}
@Override
public void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/assets/**" ,"/showReg", "/", "/index.html", "/registerUser", "/login", "/showLogin",
"/login/*", "/reservations/*")
.permitAll().antMatchers("/admin/showFlight").hasAnyAuthority("ADMIN").anyRequest().authenticated()
.and().csrf().disable();
}
@Bean(name = BeanIds.AUTHENTICATION_MANAGER)
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
}
最佳答案
使用重载的configure(WebSecurity web)方法。
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring()
.antMatchers("/assets/**" ,"/showReg", "/", "/index.html", "/registerUser", "/login", "/showLogin", "/login/*", "/reservations/*");
}
关于java - Spring Security 拒绝访问 html 资源,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/52844697/