I have been working with spring MVC app. Going to add security. All works correct.
according to the doc http://docs.spring.io/autorepo/docs/spring-security/4.0.4.RELEASE/reference/htmlsingle/#abstractsecuritywebapplicationinitializer-with-spring-mvc
added next implementation.
login form works.
After success authorization, have got - HTTP Status 404 -
Also I can debug method into appController after authorization, I mean next method public String listPatients(ModelMap model)
.
Why I have got 404 ? what should I fix ?
public class MessageSecurityWebApplicationInitializer
extends AbstractSecurityWebApplicationInitializer {
}
public class MessageWebApplicationInitializer extends AbstractAnnotationConfigDispatcherServletInitializer {
@Override
protected Class<?>[] getRootConfigClasses() {
return new Class[]{AppConfig.class};
}
@Override
protected Class<?>[] getServletConfigClasses() {
return new Class[]{AppConfig.class};
}
@Override
protected String[] getServletMappings() {
return new String[] {"/*"};
}
}
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication().withUser("user").password("user").roles("USER");
}
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.anyRequest().authenticated()
.and()
.formLogin()
.and()
.httpBasic();
}
}
@Controller
@RequestMapping("/")
public class AppController {
public static final String jsonPage = "json";
@RequestMapping(value = {"/"}, method = RequestMethod.GET)
public String listPatients(ModelMap model) {
model.addAttribute("json", "test"}");
return jsonPage;
}
BR!
This is what I have (working):
AppInitializer
public class AppInitializer extends
AbstractAnnotationConfigDispatcherServletInitializer {
@Override
protected Class<?>[] getRootConfigClasses() {
return new Class[] {
SpringRootConfig.class,
DatabaseConfig.class,
SecurityConfig.class,
SecurityInitializer.class,
WsdlMarshallerConfig.class
};
}
@Override
protected Class<?>[] getServletConfigClasses() {
return new Class[] { SpringWebConfig.class };
}
@Override
protected String[] getServletMappings() {
return new String[] { "/" };
}
}
SecurityInitializer
public class SecurityInitializer extends AbstractSecurityWebApplicationInitializer {
}
SecurityConfig
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private DataSource dataSource;
@Override
protected void configure(AuthenticationManagerBuilder auth)
throws Exception {
// @formatter:off
auth
.jdbcAuthentication()
.dataSource(dataSource)
.usersByUsernameQuery("SELECT username, password, enabled FROM users WHERE username = ?")
.authoritiesByUsernameQuery("SELECT username, role FROM user_roles WHERE username = ?");
// @formatter:on
}
@Override
protected void configure(HttpSecurity http) throws Exception {
// @formatter:off
http
.authorizeRequests()
.antMatchers("/resources/**").permitAll()
.antMatchers("/login").permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login")
.and()
.csrf()
.disable();
// @formatter:on
}
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.