问题描述
我将angular2用于前端和弹簧引导架控制器。在添加spring security之前,我的应用程序运行良好。增加安全性后,带有参数的函数不会在spring boot rest控制器中调用。下面是代码
I am using angular2 for front end and spring boot rest controller. Before adding spring security my application worked fine. After adding security the function with parameters are not invoked in the spring boot rest controller.Below is the code
Rest Controller:
----------------
@RestController
public class JobCleanupServiceController {
private static final Logger logger = LoggerFactory.getLogger(JobCleanupServiceController.class);
@Autowired
JobCleanupDAO dao;
@CrossOrigin(origins = "http://localhost:4200")
@RequestMapping("/jobcleanup")
public Collection<JobCleanup> index(@RequestBody String owner) {
logger.info("Display All Jobs"+ owner);
return dao.findAll(owner);
}
@CrossOrigin(origins = "http://localhost:4200")
@RequestMapping("/jobcleanupclosedtickets")
public JobCleanupMetrics getJobCleanupClosedTickets()
{
logger.info("JobCleanupMetrics getJobCleanupClosedTickets ");
return dao.getJobCleanupClosedTickets();
}
@CrossOrigin(origins = "http://localhost:4200")
@RequestMapping("/jobcleanuplinechartdata")
public JobCleanupChart getJobCleanupLineChartData(@RequestBody String owner){
return dao.getJobCleanupLineChartData(owner);
}
WebConfig.java
-------------
@Configuration
public class WebConfig extends WebMvcConfigurerAdapter {
@Override
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/**");
}
}
SecurityConfig.java
SecurityConfig.java
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.cors();
http.authorizeRequests()
.antMatchers(
"/jobcleanup",
"/jobcleanupclosedtickets",
"/jobcleanuplinechartdata"
).permitAll();
}
@Bean
public CorsConfigurationSource corsConfigurationSource() {
final CorsConfiguration configuration = new CorsConfiguration();
configuration.setAllowedOrigins(Arrays.asList("*"));
configuration.setAllowedMethods(Arrays.asList("*"));
configuration.setAllowCredentials(true);
configuration.setAllowedHeaders(Arrays.asList("*"));
final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", configuration);
return source;
}
}
在我输入,所有这些都被称为 / jobcleanup,
/ jobcleanupclosedtickets,
/ jobcleanuplinechartdata。添加Spring安全性之后,仅调用 / jobcleanupclosedtickets,而不会调用其他方法。
除 / jobcleanupclosedtickets其他方法具有请求正文外。
Before i added spring security when i enter http://localhost:4200 , all these were called "/jobcleanup", "/jobcleanupclosedtickets", "/jobcleanuplinechartdata". After adding spring security only "/jobcleanupclosedtickets" is called other methods are not getting called.except "/jobcleanupclosedtickets" other methods have request body.
有人可以帮我解决此问题吗?
Can someone please help me to fix this issue ?
推荐答案
更新了SecurityConfig.java,如下所示。
Updated the SecurityConfig.java as below works. By default csrf is enabled in spring security.
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable();
http.cors();
}
@Bean
public CorsConfigurationSource corsConfigurationSource() {
final CorsConfiguration configuration = new CorsConfiguration();
configuration.setAllowedOrigins(Arrays.asList("*"));
configuration.setAllowedMethods(Arrays.asList("*"));
configuration.setAllowCredentials(true);
configuration.setAllowedHeaders(Arrays.asList("*"));
final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", configuration);
return source;
}
}
这篇关于Angular 2 + CORS +具有Spring Security的Spring Boot Rest Controller的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!