Authenticate a form using Spring Security, Jersey and AngularJS
Question
I'm trying to use spring security 3.2.6 to authenticate a form in my web application that uses AngularJS 1.5.9 and Jersey(to perform Rest services).
This is my login-form:
<!DOCTYPE html>
<html>
<head>
<meta charset="ISO-8859-1">
<title>MongoGlass | Login</title>
<style>
body {
padding-top: 20px;
}
.error {
color: red;
}
</style>
</head>
<body>
<div class="container">
<div class="row">
<div class="col-md-4 col-md-offset-4">
<div class="panel panel-default">
<div class="panel-heading">
<h3 class="panel-title">Please sign in</h3>
</div>
<div class="panel-body">
<form accept-charset="UTF-8" role="form" name="loginForm"
novalidate>
<fieldset>
<div class="form-group">
<input class="form-control" placeholder="Username"
name="username" type="text" ng-model="login.username" required>
<span ng-class="{'error': loginForm.username.$error.required}"
ng-show="loginForm.username.$error.required && loginForm.$submitted">Insert your username</span>
</div>
<div class="form-group">
<input class="form-control" placeholder="Password"
name="password" type="password" ng-model="login.password"
required>
<span ng-class="{'error': loginForm.password.$error.required}"
ng-show="loginForm.password.$error.required && loginForm.$submitted">Campo
obbligatorio</span>
</div>
<input class="btn btn-lg btn-success btn-block" type="submit"
value="Login" ng-click="loginForm.$valid && submit(login)">
</fieldset>
</form>
</div>
</div>
</div>
</div>
</div>
</body>
</html>
When the form is sumbitted, it's called sumbit(credentials) function in the corresponding AngularJS controller:
var myApp = angular.module('LoginModule', []);
myApp.controller('LoginController', ['$scope','$http', function($scope, $http){
$scope.submit = function(credential) {
var name = credential.username;
var password = credential.password;
var login = {
"name":name,
"password":password
}
$http(
{
method : 'POST',
url : "/mongoglass-rest/rest/login/authenticate",
headers : {
'Content-Type' : 'application/x-www-form-urlencoded; charset=UTF-8'
},
data : login
})
.success(function(response,status) {
});
}
}])
In this way, the submit function calls /rest/login/authenticate that is where my login-form is processing with spring-security:
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns:security="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context.xsd">
<context:annotation-config />
<context:component-scan base-package="it.project.mongoglass.rest" />
<beans:bean id="mySuccessHandler" class="it.project.mongoglass.rest.spring.security.RestSuccessHandler">
<beans:property name="defaultTargetUrl" value="/rest/login/authenticate"></beans:property>
</beans:bean>
<security:http
realm="Protected API"
use-expressions="true"
auto-config="false"
create-session="stateless"
entry-point-ref="preAuthenticatedProcessingFilterEntryPoint"
authentication-manager-ref="authenticationManager">
<security:form-login login-processing-url="/rest/login/authenticate"
username-parameter="username" password-parameter="password"
authentication-success-handler-ref="mySuccessHandler"></security:form-login>
<security:intercept-url pattern="/rest/login/**" access="permitAll" />
</security:http>
<beans:bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager">
<beans:property name="providers">
<beans:list>
<beans:ref bean="daoAuthenticationProvider"/>
</beans:list>
</beans:property>
</beans:bean>
<beans:bean id="daoAuthenticationProvider"
class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
<beans:property name="userDetailsService" ref="daoUserDetailsService"/>
<beans:property name="passwordEncoder" ref="shaPasswordEncoder"/>
</beans:bean>
<beans:bean id="daoUserDetailsService" class="it.project.mongoglass.rest.spring.service.impl.UserDetailsServiceImpl" />
<beans:bean id="shaPasswordEncoder" class="org.springframework.security.authentication.encoding.ShaPasswordEncoder">
<beans:constructor-arg value="256"/>
</beans:bean>
</beans:beans>
This does not work and when I submit my form I get a 404.
1 answers
solution1
0 2016-12-11 11:52:49
$http(
{ ...
url : "/mongoglass-rest/rest/login/authenticate",
...
}
and url in filter is diffrent.
login-processing-url="/rest/login/authenticate"
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Programmatically login on Spring Security and authenticate on AngularJS (JHipster)
Authentication using AngularJS and Spring Security
How to authenticate end users in an app having AngularJS UI and Spring Boot Rest Server with Spring Security
Can not secure AngularJS page using Spring Security
Spring Security AngularJS Login
Spring Security and Angularjs Login
Implementation of Spring security in AngularJS
AngularJS and Spring MVC security
Post Form data using AngularJS and Java Spring
Issue when using angularJS with Spring security and sending JSON request
Related Tags