I have searching the web for hours for this solution. I want to have access on localhost/index.html but not in localhost/layout/style.css.
My static resources are from external folder and the filee tree goes as the obvious:
->site
->layout
->style.css
->index.html
So far, all things i have tried, either disable access to index.html, either both index and style.css have access.
The thing i found online that makes the most sense is:
#Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/*.html").permitAll();
// http.authorizeRequests().antMatchers("/**").permitAll();
super.configure(http);
}
#Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers("/layout/**");
super.configure(web);
}
but when i use localhot/layout/style.css it shows the css file.
my WebMvcConfigurerAdapter:
#Configuration
public class StaticResourceConfig extends WebMvcConfigurerAdapter {
#Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
registry.addResourceHandler("/**").addResourceLocations("file:mylocation/site/");
}
#Override
public void addViewControllers(ViewControllerRegistry registry) {
registry.addViewController("/").setViewName("redirect:/index.html");
}
}
Annotations on start up:
#SpringBootApplication
#EnableWebMvc
public class Main extends SpringBootServletInitializer
What would be the way to be able to see index.html but not all the css files inside layout folder?
P.S: Maybe this is not even possible?
Related
i am using spring security in my spring boot project i want i cant overide configure method
#Configuration
#EnableWebSecurity
class SecConfig extends WebSecurityConfigurer {
#Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(authenticationProvider());
#Override
protected void configure(HttpSecurity http) throws Exception {
}
}
i tried many it time but i cant overide the configure method
you are extending the class with "webSecurityConfigurer" .Try to extend it with
"WebSecurityConfigurerAdapter"
I'm developing a jar library and trying to inject an interceptor from external jar library to Application.
For example:
External Lib
MyExternalInterceptor.java
public class MyExternalInterceptor implements HandlerInterceptor {
#Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
// Do something
}
}
I tried to using AOP in external libs but it's not working.
InterceptorAspect.java
#Around("execution(* org.springframework.web.servlet.config.annotation.WebMvcConfigurationSupport.addInterceptors(..))")
public Object aspect(ProceedingJoinPoint proceedingJoinPoint) throws Throwable {
// Tried to inject MyExternalInterceptor here
Object result = proceedingJoinPoint.proceed();
return result;
}
In Application using that lib:
Application
MyConfiguration.java
#Configuration
public MyConfiguration extends WebMvcConfigurationSupport {
#Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(new SpringTestInterceptor()); // client's own interceptor
/* Add MyExternalInterceptor not explicitly but implicitly using AOP or other things */
}
}
Is there any way to inject an interceptor from external lib to App?
I know the question is very obscure (sorry for that), but could you give me any advice or hint to make it work?
Thank you for anyone who read my question :)
(I updated few more details for clarification)
Summary
Use WebMvcConfigurer in both Client and library side instead of WebMvcConfigurationSupport
AoP is not needed
I use WebMvcConfigurer instead of WebMvcConfigurationSupport and change some codes like below:
External Lib
MyExternalInterceptor.java
Same as before
InterfaceAspect.java
Don't needed it anymore
MyExternalLibConfiguration.java
#Configuration
public class MyExternalLibConfiguration implements WebMvcConfigurer {
#Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(new MyExternalInterceptor());
}
}
Application (client)
MyConfiguration.java
#Configuration
public MyConfiguration implements WebMvcConfigurer {
#Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(new SpringTestInterceptor()); // client's own interceptor
/* No need to add MyExternalInterceptor in here */
}
}
That's all! Everything is working well as M. Deinum said in comment.
Thank you again Deinum!
I need to serve static index.html page from "/" GET request in spring-web.
My module is included into bigger one, packaged as WAR and deployed to tomcat.
I've tried
#Configuration
#EnableWebMvc
public class WebMvcConfig implements WebMvcConfigurer {
#Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
System.out.println("WebMvcConfigurer - addResourceHandlers() function get loaded...");
registry.addResourceHandler("/WEB-INF/classes/index.html")
.addResourceLocations("/WEB-INF/classes/index.html");
}
}
and placed index.html in resources folder. Still 404. Can anybody help me out with understanding what have I done wrong?
The pattern of the ResourceHandler should reflect the query path, in your case /index.html
Resources inside a jar/war /WEB-INF/classes/ can be accessed via classpath:, in your case classpath:/index.html
So your config should have been like this
#Configuration
#EnableWebMvc
public class WebMvcConfig implements WebMvcConfigurer {
#Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
registry.addResourceHandler("/index.html")
.addResourceLocations("classpath:/index.html");
}
}
You can simplify if you have more resources with
registry.addResourceHandler("/*.html")
.addResourceLocations("classpath:/");
I'm using basic authentication with spring-security (security.basic.enabled=true), and want to exclude a certain path and all sub-paths.
The following does not work:
#Configuration
public class WildcardConfig extends WebSecurityConfigurerAdapter {
#Override
protected void configure(HttpSecurity http) throws Exception {
super.configure(http);
//allow anonymous access to all sub paths
http.authorizeRequests().antMatchers("/my/**").permitAll();
}
}
#RestController
public class SubController {
#GetMapping("/my/sub/{id}")
public String test(#PathVariable id) {
return "got: " + id;
}
}
When I call localhost:8080/my/sub/123.
Result: 401 not authorized.
Why?
Use a different method:
#Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers(/my/**");
}
Hi I am trying to include a front-end in the /resources folder of my application.
My directory structure is as follows:
src
main
java // backend located here
webapp
resource //my html/css/js
I am using oauth for security of the backend:
MethodSecurityConfig.java
#Configuration
#EnableGlobalMethodSecurity(prePostEnabled = true)
public class MethodSecurityConfig extends GlobalMethodSecurityConfiguration {
#Override
protected MethodSecurityExpressionHandler createExpressionHandler() {
return new OAuth2MethodSecurityExpressionHandler();
}
}
ResourceServerConfigurerAdapter.java
#Configuration
#EnableResourceServer
public class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {
#Override
public void configure(final HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/resources/**").permitAll().and()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
.and().authorizeRequests().anyRequest().authenticated();
}
}
ResourceWebConfig.java
#Configuration
#EnableWebMvc
#ComponentScan({"eu.emif.resource.web"})
public class ResourceWebConfig extends WebMvcConfigurerAdapter {
#Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
registry
.addResourceHandler("/resources/**")
.addResourceLocations("(/resources/");
}
}
Whenever I try to go to http://localhost:8082/style.css
Or http://localhost:8082/resources/style.css
I am getting
<oauth>
<error_description>
Full authentication is required to access this resource
</error_description>
<error>unauthorized</error>
</oauth>
Help would be much appreciated.
Change you directory structure to as follows:
src
main
java // backend located here
resources(By default these files are not added in deployment assembly and mostly used for loading java resources like xml file,properies file etc.)
webapp
resource(create new folder here and put your frontend(html/js/css) files here)