[英]Spring Security /login not found
我想创建一个简单的REST API,我正在使用Angular 6和Spring Boot。 我想对我的应用程序实施日志记录,但是每当我尝试注册时,都会得到404 Not Found / login。 我查找了发现的现有类似问题,但似乎无济于事。
这是我的春季安全配置(我确定我的注册表单和控制器可以正常工作,所以我认为问题出在那儿)
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Value("${allowedOriginAddress}")
private String allowedOriginAddress;
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Bean
public UserDataDetailsService userDataDetailsService() {
return new UserDataDetailsService();
}
@Bean
public CorsConfigurationSource corsConfigurationSource() {
final CorsConfiguration configuration = new CorsConfiguration();
configuration.setAllowedOrigins(
Arrays.asList(
allowedOriginAddress,
allowedOriginAddress + "/*")
);
configuration.setAllowedMethods(Arrays.asList("GET","POST","DELETE","OPTIONS","PUT"));
configuration.setAllowCredentials(true);
configuration.setAllowedHeaders(Arrays.asList("*"));
final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", configuration);
return source;
}
@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.cors().and()
.authorizeRequests()
.anyRequest().permitAll()
.and().csrf().disable()
.formLogin()
.loginPage("/")
.usernameParameter("email")
.loginProcessingUrl("/login")
.failureForwardUrl("/prev")
.successForwardUrl("/next")
.and().authorizeRequests().anyRequest().permitAll();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDataDetailsService()).passwordEncoder(passwordEncoder());
}
}
@SpringBootApplication
@Configuration
public class WhispererApplication implements WebMvcConfigurer {
public static void main(String[] args) {
SpringApplication.run(WhispererApplication.class, args);
}
}
我在您的项目中找不到身份验证配置。 请尝试添加以下代码:
.anyRequest().authenticated()
我认为您的代码将是:
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.cors().and()
.authorizeRequests()
.antMatchers(HttpMethod.GET, "/public/**").permitAll()
.antMatchers(HttpMethod.POST, "/login").permitAll()
.anyRequest().authenticated().
.and()
.addFilter(new JWTAuthenticationFilter(authenticationManager()))
.addFilter(new JWTAuthorizationFilter(authenticationManager()));
}
如果要使用JWTAuthenticationFilter和JWTAuthorizationFilter来验证用户身份,则JWTAuthenticationFilter和JWTAuthorizationFilter将管理JWT。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.