我正在将Spring Security集成到我的第一个Angular项目中。我跟随了许多文章和例子,包括this,this,this,this和this。我希望我的应用程序具有Spring安全性并从LDAP进行身份验证。如果我在\ src \ main \ resources \ templates中保留了login.html,那么我可以看到登录页面。但我希望登录页面来自Angular组件。所以我从\ src \ main \ resources \ templates中删除/重命名了login.html。当我点击localhost:8080时,它会转到我的LoginController(yu =你可以在日志中看到sysout),然后我收到以下错误
018-04-28 07:30:34.610 DEBUG 11520 --- [nio-8080-exec-9] o.s.s.w.a.i.FilterSecurityInterceptor : RunAsManager did not change Authentication object
2018-04-28 07:30:34.610 DEBUG 11520 --- [nio-8080-exec-9] o.s.security.web.FilterChainProxy : /login reached end of additional filter chain; proceeding with original chain
>>>>>>>>>>>> LoginController.login()...
2018-04-28 07:30:34.611 ERROR 11520 --- [nio-8080-exec-9] org.thymeleaf.TemplateEngine : [THYMELEAF][http-nio-8080-exec-9] Exception processing template "login": Error resolving template "login", template might not exist or might not be accessible by any of the configured Template Resolvers
2018-04-28 07:30:34.611 DEBUG 11520 --- [nio-8080-exec-9] w.c.HttpSessionSecurityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2018-04-28 07:30:34.611 DEBUG 11520 --- [nio-8080-exec-9] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
2018-04-28 07:30:34.612 ERROR 11520 --- [nio-8080-exec-9] o.a.c.c.C.[.[.[/].[dispatcherServlet] : Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception [Request processing failed; nested exception is org.thymeleaf.exceptions.TemplateInputException: Error resolving template "login", template might not exist or might not be accessible by any of the configured Template Resolvers] with root cause
org.thymeleaf.exceptions.TemplateInputException: Error resolving template "login", template might not exist or might not be accessible by any of the configured Template Resolvers
at org.thymeleaf.TemplateRepository.getTemplate(TemplateRepository.java:246)
at org.thymeleaf.TemplateEngine.process(TemplateEngine.java:1104)
at org.thymeleaf.TemplateEngine.process(TemplateEngine.java:1060)
谷歌搜索后我尝试了很多方法,但还没有运气。有任何建议请..
我的文件:
login controller.Java
@RequestMapping("/login")
String login(){
System.out.println(">>>>>>>>>>>> LoginController.login()...");
return "login";
}
Web security configuration.Java
@Override
protected void configure(HttpSecurity http) throws Exception {
http
//.httpBasic().and()
.authorizeRequests()
// .antMatchers("/**").permitAll()
.antMatchers("/index.html", "/", "/home", "/login").permitAll()
.anyRequest().authenticated()
.and().formLogin().loginPage("/login")
.and()
.csrf()
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
/*http
.authorizeRequests()
.antMatchers(HttpMethod.GET, "/resources/**", "/assets/**", "/css/**", "/js/**", "/fonts/**")
//.antMatchers("/**")
.permitAll()
.and()
.authorizeRequests()
.anyRequest()
.authenticated()
.and()
.formLogin()
.loginPage("/login")
.successHandler(authenticationSuccessHandler)
.permitAll()
.and()
.logout()
.logoutUrl("/logout")
.and()
.csrf()
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
.and()
.httpBasic();
//http.cors();
*/ }
APP-routing.module.ts
const routes: Routes = [
{ path: 'login', component: LoginComponent },
{ path: '', redirectTo: '/home', pathMatch: 'full' },
{ path: 'dashboard', redirectTo: '/home', pathMatch: 'full' },
{
path: 'home',
component: DashboardComponent,
data: { title: 'Dashboard' }
},
{
path: 'linesidemonitor',
component: LinesideMonitorComponent,
data: {title: 'Lineside Monitor'}
},
如果我使用.and()。formLogin(),那么我收到此错误:
2018-04-28 08:32:08.394 DEBUG 10404 --- [nio-8080-exec-6] o.s.s.w.a.ExceptionTranslationFilter : Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:84)
at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:233)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:124)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:91)
如果我使用.httpBasic()。和(),那么我将获得浏览器登录弹出窗口,我不想要
@SK
您获得以下异常的原因是您使用的是Controller而不是RestController。
org.thymeleaf.exceptions.TemplateInputException:解析模板“login”时出错,模板可能不存在,或者org.thymeleaf的org.thymeleaf.TemplateRepository.getTemplate(TemplateRepository.java:246)中任何已配置的模板解析器都无法访问该模板.TemplateEngine.process(TemplateEngine.java:1104)
因此,不是直接将输出作为JSON写入浏览器,而是使用ViewResolver来解析MVC的视图部分。
用RestController替换Controller将使.formLogin().loginPage("/login")
通过登录发出浏览器请求,并且在允许的情况下,您将获得angular的登录页面。
httpBasic,它是弹出的浏览器的本质,因为它获得401响应代码。