1
我的應用程序的哲學來自於這個article。根據它,我所進行的配置類別:GWT + Spring Security獲取403錯誤
@Configuration
public class SpringForGwtConfig {
@Bean
public HandlerMapping simpleUrlHandlerMapping() {
SimpleUrlHandlerMapping simpleUrlHandlerMapping = new SimpleUrlHandlerMapping();
Map<String, Controller> map = new HashMap<>();
map.put("/notes/notes.rpc", notesGwtController());
simpleUrlHandlerMapping.setUrlMap(map);
return simpleUrlHandlerMapping;
}
@Bean
public ServletRegistrationBean gwtServlet() {
return new ServletRegistrationBean(notesGwtController(), "/notes/notes.rpc");
}
@Bean
public NotesGwtController notesGwtController() {
NotesGwtController notesGwtController = new NotesGwtController();
notesGwtController.setRemoteService(notesService());
return notesGwtController;
}
@Bean
public NotesGwtService notesService() {
return new NotesGwtServiceImpl();
}
}
以及使用控制器(我希望如此),用於編碼和解碼的請求(從)彈簧調度的servlet「策略」圖案。
public class NotesGwtController extends RemoteServiceServlet implements Controller, ServletContextAware {
private ServletContext servletContext;
private RemoteService remoteService;
private Class remoteServiceClass;
@Override
public ModelAndView handleRequest(HttpServletRequest request, HttpServletResponse response) throws Exception {
super.doPost(request, response);
return null;
}
@Override
public String processCall(String payload) throws SerializationException {
try {
RPCRequest rpcRequest = RPC.decodeRequest(payload, this.remoteServiceClass);
// delegate work to the spring injected service
return RPC.invokeAndEncodeResponse(this.remoteService, rpcRequest.getMethod(), rpcRequest.getParameters());
} catch (IncompatibleRemoteServiceException exception) {
getServletContext()
.log(
"An IncompatibleRemoteServiceException was thrown while processing this call.",
exception
);
return RPC.encodeResponseForFailure(null, exception);
}
}
@Override
public ServletContext getServletContext() {
return servletContext;
}
@Override
public void setServletContext(ServletContext servletContext) {
this.servletContext = servletContext;
}
public void setRemoteService(RemoteService remoteService) {
this.remoteService = remoteService;
this.remoteServiceClass = this.remoteService.getClass();
}
}
所以我有安全控制器,它映射( 「/筆記」),並使其(感謝thymeleaf)爲localhost:8080/notes.html。並返回頁面。這個很酷。但是當我在瀏覽器中打開控制檯時,它包含此錯誤: POST http://localhost:8080/notes/notes/notes.rpc 403() 此錯誤does not讓我做gwt RPC服務的異步請求。
在我的安全配置,我添加映射:
http
.authorizeRequests()
.antMatchers("/").access("hasRole('ROLE_USER') or hasRole('ROLE_ADMIN')")
.antMatchers("/api/**").access("hasRole('ROLE_ADMIN')")
.antMatchers("/notes").authenticated()
.antMatchers("/notes/notes.rpc").anonymous()
但錯誤沒有消失。所以問題是「爲什麼?」和「可能」我的「哲學不太好?」