[英]Spring security oauth2 and angular JS token in URL path?
I am creating a web app with angular-js in the front end and Spring in the back-end. 我正在创建一个Web应用程序,前端使用angular-js,后端使用Spring。 For security I am making use of spring's oauth 2 token authentication. 为了安全起见,我使用spring的oauth 2令牌认证。 I have gotten everything to run fine by producing tokens. 我已经通过产生令牌使一切正常运行。 I am also able to inject them to my post calls via angular $http interceptors. 我还可以通过角度$ http拦截器将它们注入到我的帖子中。 However, I have one slight problem, once logged in I am unable to navigate to main page except with the token appearing in my URL ??!!!?! 但是,我有一个小问题,登录后我无法导航到主页,除非令牌出现在我的URL ?? !!!?!中。 How do I get rid of that ? 我该如何摆脱呢? right now it looks like this: 现在看起来像这样:
http://localhost:7001/app/console?access_token=7f7733bd-edbd-4de3-b192-a8059a89c461 http:// localhost:7001 / app / console?access_token = 7f7733bd-edbd-4de3-b192-a8059a89c461
You can use browser's localstorage to save the token. 您可以使用浏览器的本地存储来保存令牌。 Once saved, get rid of it from the url and navigate to the home page using any angular routing module. 保存后,从网址中删除它,并使用任何角度路由模块导航到主页。 The http interceptors will read the token value from the localstorage when making requests to the server. 向服务器发出请求时,http拦截器将从本地存储中读取令牌值。 There many angular module available to deal with the browser's localstorage. 有许多可用的角度模块来处理浏览器的本地存储。
Please let me know if you have any questions. 请让我知道,如果你有任何问题。
Thank you, Soma. 谢谢你索玛
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.