从 Apache 访问 static Spring 引导文件

Question

我有一个具有以下配置的 Apache Web 服务器：

<VirtualHost *:80>
  # Admin email, Server Name (domain name), and any aliases
  ServerAdmin webmaster@elcor.com
  ServerName  elcor.com
  ServerAlias www.elcor.com
  ProxyPass / http://localhost:8080/home.html
  ProxyPassReverse / http://localhost:8080/html

  # Index file and Document Root (where the public files are located)
  DirectoryIndex index.html index.php
  DocumentRoot /var/www/html/elcor.com/public_html
  # Log file locations
  LogLevel warn
  ErrorLog  /var/www/html/elcor.com/log/error.log
  CustomLog /var/www/html/elcor.com/log/access.log combined
</VirtualHost>

When I access the Spring Boot app directly with http://localhost:8080/home.html , everythng is fine, but when I do it through the Apache Web Server ( http://elcor.com ) all the public matchers ( *.css , *.js.. ) 我在 Spring 中定义的引导安全文件不再公开，它重定向这些文件的登录。

@Override
protected void configure(HttpSecurity http) throws Exception {
        
    http
        .authorizeRequests()
            .antMatchers(publicMatchers()).permitAll()
            .anyRequest().authenticated()
            .and()
        .formLogin()
            .loginPage("/login.html")
            .defaultSuccessUrl("/joan.html")
            .failureUrl("/login.html?error").permitAll()
            .and()
        .logout().permitAll();
}

Answer 1

As your Spring application is also serving your static resources, js and CSS, you need to configure Apache in a way that allows you to route traffic to your application in order to find those resources.

请在您的 Apache 配置中尝试此更改：

ProxyPass / http://localhost:8080
ProxyPassReverse / http://localhost:8080

如您所见，这个想法是将在您的网络服务器的根路径中接收到的所有流量路由到您的 Spring 应用程序。

我认为此更改可能有助于解决您的问题。

此外，您可以指示 Spring Security 忽略此类资源。 您可以通过覆盖此方法在 Spring 安全配置 class 中实现此功能：

@Override
public void configure(WebSecurity web) throws Exception {
  web
    .ignoring()
       // You can also ignore other resources like images, fonts, etcetera
      .antMatchers("/**/*.js")
      .antMatchers("/**/*.css");
}