0
我在使用一些配置,我的靜態資源(js,css等)在Spring應用程序中不再可用。有人可以指出我錯過了什麼。這是代碼。請注意我的JS和CSS位於以下文件夾中。另外請注意,使彈簧的安全性之前,這些資源在我的JSP頁面被訪問彈簧安全啓用後,靜態資源不再可用
Web Pages ->
WEB-INF ->
resources ->
and here 2 folders js and css
我要訪問的jQuery的JS文件夾下面的鏈接
<script src="resources/js/jquery.js"></script>
,並在瀏覽器中的錯誤
加載資源失敗:http://localhost:8010/resources/js/js.js服務器響應狀態爲404(未找到)
@Configuration
@EnableScheduling // if you want certain function running on the backend on recurrning basis like very 5 second a function call itself then you have to ensbale this. this will enable all classes defined as Service and Scheduled to be running on backend automatically. see example in com.outbottle.controllers.ScheduledTasks.java
@ComponentScan("com.outbottle, com.JavaAnatatedClass") //this will import all beans marked as @Controller, or @Repository, or @Service, or @Component in the application context
@ImportResource({"classpath:beans1.xml"}) //this will import all beans in the application context from this xml file
@EnableWebMvc
public class Config extends WebMvcConfigurerAdapter {
@Bean
public UrlBasedViewResolver setupViewResolver() {
.....
.....
}
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
registry.addResourceHandler("/resources/**").addResourceLocations("/WEB-INF/resources/**");
}
這是安全配置文件。
@Configuration
@EnableWebSecurity
//@PropertySource("classpath:jdbc.properties")
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Autowired
public void configureGlobalSecurity(AuthenticationManagerBuilder auth) throws Exception {
AuthenticationService as = new AuthenticationService();
auth.userDetailsService(as);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/", "/home", "/REST").permitAll()
.antMatchers("/resources/**").permitAll()
.antMatchers("/admin/**").access("hasAuthority('ADMIN')") //you have to use hasAuthority because in AuthenticationService you are using GrantedAuthority object. i replaced hasRole with hasAuthority. check the detailes below in comments
.antMatchers("/db/**").access("hasAuthority('ADMIN') and hasAuthority('DBA')")
//Custom Login Form with fields and values
//.and().formLogin() //this will show default spring login page
.and().formLogin().loginPage("/login")
.usernameParameter("ssoId").passwordParameter("password") //these aret the fields on the login page for user and password
.and().csrf()
.and().exceptionHandling().accessDeniedPage("/Access_Denied");
}
通常情況下,瀏覽器應該無法從/ WEB-INF獲取內容。但它可以由處理程序明確地交付。我會立即將它們放在webapp目錄中/像/ resources/js。 –