彈簧安全啓用後，靜態資源不再可用

Question

我在使用一些配置，我的靜態資源（js，css等）在Spring應用程序中不再可用。有人可以指出我錯過了什麼。這是代碼。請注意我的JS和CSS位於以下文件夾中。另外請注意，使彈簧的安全性之前，這些資源在我的JSP頁面被訪問

Web Pages -> 
    WEB-INF -> 
      resources -> 
       and here 2 folders js and css 

我要訪問的jQuery的JS文件夾下面的鏈接

<script src="resources/js/jquery.js"></script> 

，並在瀏覽器中的錯誤

加載資源失敗：http://localhost:8010/resources/js/js.js服務器響應狀態爲404（未找到）

@Configuration 
@EnableScheduling  // if you want certain function running on the backend on recurrning basis like very 5 second a function call itself then you have to ensbale this. this will enable all classes defined as Service and Scheduled to be running on backend automatically. see example in com.outbottle.controllers.ScheduledTasks.java 
@ComponentScan("com.outbottle, com.JavaAnatatedClass") //this will import all beans marked as @Controller, or @Repository, or @Service, or @Component in the application context 
@ImportResource({"classpath:beans1.xml"}) //this will import all beans in the application context from this xml file 
@EnableWebMvc 
public class Config extends WebMvcConfigurerAdapter { 

    @Bean 
    public UrlBasedViewResolver setupViewResolver() { 
      ..... 
      ..... 
    } 

    @Override 
    public void addResourceHandlers(ResourceHandlerRegistry registry) { 

     registry.addResourceHandler("/resources/**").addResourceLocations("/WEB-INF/resources/**"); 

    }  

這是安全配置文件。

@Configuration 
@EnableWebSecurity 
//@PropertySource("classpath:jdbc.properties") 
public class SecurityConfiguration extends WebSecurityConfigurerAdapter { 


    @Autowired 
    public void configureGlobalSecurity(AuthenticationManagerBuilder auth) throws Exception { 

     AuthenticationService as = new AuthenticationService();  
     auth.userDetailsService(as); 
    } 


    @Override 
    protected void configure(HttpSecurity http) throws Exception { 

     http.authorizeRequests() 
     .antMatchers("/", "/home", "/REST").permitAll() 
     .antMatchers("/resources/**").permitAll() 
     .antMatchers("/admin/**").access("hasAuthority('ADMIN')") //you have to use hasAuthority because in AuthenticationService you are using GrantedAuthority object. i replaced hasRole with hasAuthority.  check the detailes below in comments 
     .antMatchers("/db/**").access("hasAuthority('ADMIN') and hasAuthority('DBA')") 

     //Custom Login Form with fields and values 
     //.and().formLogin()  //this will show default spring login page 
     .and().formLogin().loginPage("/login") 
     .usernameParameter("ssoId").passwordParameter("password") //these aret the fields on the login page for user and password 
     .and().csrf()    
     .and().exceptionHandling().accessDeniedPage("/Access_Denied"); 

    } 

Answer 1

我做了一些打擊和嘗試，發現這個工作

registry.addResourceHandler("/resources/js/*").addResourceLocations("/WEB-INF/resources/js/"); 
registry.addResourceHandler("/resources/css/*").addResourceLocations("/WEB-INF/resources/css/"); 

因爲某些原因/ WEB-INF /資源/ JS/* **或不工作

而且我很獨立將每個目錄添加到資源。

Shahzad