Spring Security 401 - 使用 / Angularjs 调用 restful 服务
Posted
技术标签:
【中文标题】Spring Security 401 - 使用 / Angularjs 调用 restful 服务【英文标题】:Spiring Security 401 - Invoking restful services w/ Angularjs 【发布时间】:2014-03-22 22:24:23 【问题描述】:我对 Spring Security 有疑问。我已经完成了与我的用户的身份验证过程,但是当我通过 angularjs 调用 restful 服务时出现错误 401。
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.1.xsd">
<context:component-scan base-package="it.xxx.yyy.service.security" scoped-proxy="interfaces" />
<http realm="Protected API"
use-expressions="true"
auto-config="false"
create-session="stateless"
entry-point-ref="unauthorizedEntryPoint"
authentication-manager-ref="authenticationManager">
<custom-filter ref="authenticationTokenProcessingFilter" position="FORM_LOGIN_FILTER" />
<intercept-url pattern="/" access="permitAll"/>
<intercept-url pattern="/static/**" access="permitAll"/>
<intercept-url pattern="/rest/" access="permitAll"/>
<intercept-url pattern="/rest/secure/**" access="isAuthenticated()" />
<intercept-url pattern="/secure/**" access="isAuthenticated()"/>
<remember-me key="YYY2RMKey" user-service-ref="CustomUserDetailsService"/>
</http>
<authentication-manager id="authenticationManager">
<authentication-provider user-service-ref="CustomUserDetailsService">
<password-encoder hash="sha"/>
</authentication-provider>
</authentication-manager>
</beans:beans>
有什么想法吗?
【问题讨论】:
【参考方案1】:也许解决办法就是这样解释方法
<intercept-url method="GET" pattern="/rest/secure/**" access="isAuthenticated()" />
<intercept-url method="PUT" pattern="/rest/secure/**" access="isAuthenticated()" />
<intercept-url method="POST" pattern="/rest/secure/**" access="isAuthenticated()" />
<intercept-url method="DELETE" pattern="/rest/secure/**" access="isAuthenticated()" />
【讨论】:
以上是关于Spring Security 401 - 使用 / Angularjs 调用 restful 服务的主要内容,如果未能解决你的问题,请参考以下文章
Spring Security 401 - 使用 / Angularjs 调用 restful 服务
Spring Security 测试返回 401(未经授权)
grails spring security rest /api/login 401 Unauthorized
Spring Security OAuth2 SSO 未经授权的 401 错误