Spring Boot + Angular JS JBoss deployment

Question

I have created Angular JS project which runs in node server under port 4200 & Spring boot based REST data service as separate project which runs in eclipse under 8080 port. REST services (RS) part uses OAuth based security & validates each request for access_token. This works perfectly fine as separate entity.

Now, I tried to build single WAR with angular compiled output in root folder of WAR & if i access application (by accessing any URL) - before Angular NG-router Spring boot security comes into picture & rejects the request for no OAuth validation.

@Override
public void configure(HttpSecurity http) throws Exception {
    http.antMatcher("/**").authorizeRequests().antMatchers("/error").permitAll().anyRequest().authenticated();
    http.csrf().disable();
    http.headers().frameOptions().disable();
    http.cors().configurationSource(new CorsConfigurationSource() {

        @Override
        public CorsConfiguration getCorsConfiguration(HttpServletRequest request) {
            CorsConfiguration config = new CorsConfiguration();
            config.setAllowedHeaders(Collections.singletonList("*"));
            config.setAllowedMethods(Collections.singletonList("*"));
            config.addAllowedOrigin("*");
            config.setAllowCredentials(true);
            return config;
        }
    });
}

This is my security config file. Please advise whether two separate WAR into single module EAR will solve this problem.

Answer 1

Check out my repository

There is a project structure to generate a single war.

Edit: Maybe you need to create a proxy.conf.json file

{
     "/api/*": {
       "target": "http://localhost:8080",
       "secure": false
     }
}

And add it to your angular.json file in architect-serve-options-proxyConfig

Answer 2

Your Security configuration is authorizing every url pattern. if you want your static content loaded before calling API for authentication/authorization, exclude .js, .css, .html files from security config.