0
我在使用一些配置,我的静态资源(js,css等)在Spring应用程序中不再可用。有人可以指出我错过了什么。这是代码。请注意我的JS和CSS位于以下文件夹中。另外请注意,使弹簧的安全性之前,这些资源在我的JSP页面被访问弹簧安全启用后,静态资源不再可用
Web Pages ->
WEB-INF ->
resources ->
and here 2 folders js and css
我要访问的jQuery的JS文件夹下面的链接
<script src="resources/js/jquery.js"></script>
,并在浏览器中的错误
加载资源失败:http://localhost:8010/resources/js/js.js服务器响应状态为404(未找到)
@Configuration
@EnableScheduling // if you want certain function running on the backend on recurrning basis like very 5 second a function call itself then you have to ensbale this. this will enable all classes defined as Service and Scheduled to be running on backend automatically. see example in com.outbottle.controllers.ScheduledTasks.java
@ComponentScan("com.outbottle, com.JavaAnatatedClass") //this will import all beans marked as @Controller, or @Repository, or @Service, or @Component in the application context
@ImportResource({"classpath:beans1.xml"}) //this will import all beans in the application context from this xml file
@EnableWebMvc
public class Config extends WebMvcConfigurerAdapter {
@Bean
public UrlBasedViewResolver setupViewResolver() {
.....
.....
}
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
registry.addResourceHandler("/resources/**").addResourceLocations("/WEB-INF/resources/**");
}
这是安全配置文件。
@Configuration
@EnableWebSecurity
//@PropertySource("classpath:jdbc.properties")
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Autowired
public void configureGlobalSecurity(AuthenticationManagerBuilder auth) throws Exception {
AuthenticationService as = new AuthenticationService();
auth.userDetailsService(as);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/", "/home", "/REST").permitAll()
.antMatchers("/resources/**").permitAll()
.antMatchers("/admin/**").access("hasAuthority('ADMIN')") //you have to use hasAuthority because in AuthenticationService you are using GrantedAuthority object. i replaced hasRole with hasAuthority. check the detailes below in comments
.antMatchers("/db/**").access("hasAuthority('ADMIN') and hasAuthority('DBA')")
//Custom Login Form with fields and values
//.and().formLogin() //this will show default spring login page
.and().formLogin().loginPage("/login")
.usernameParameter("ssoId").passwordParameter("password") //these aret the fields on the login page for user and password
.and().csrf()
.and().exceptionHandling().accessDeniedPage("/Access_Denied");
}
通常情况下,浏览器应该无法从/ WEB-INF获取内容。但它可以由处理程序明确地交付。我会立即将它们放在webapp目录中/像/ resources/js。 –