我在Spring MVC和AngularJs中看到的每个教程都使用Spring Boot配置 . 我没有使用Spring Boot,所以我想知道是否有任何关于如何处理AngularJS登录提交服务器端而没有使用Spring Boot的指针 .
所以我的表单与Spring Security演示中的基本相同here
<div class="alert alert-danger" ng-show="error">
There was a problem logging in. Please try again.
</div>
<form role="form" ng-submit="login()">
<div class="form-group">
<label for="username">Username:</label> <input type="text"
class="form-control" id="username" name="username" ng-model="credentials.username"/>
</div>
<div class="form-group">
<label for="password">Password:</label> <input type="password"
class="form-control" id="password" name="password" ng-model="credentials.password"/>
</div>
<button type="submit" class="btn btn-primary">Submit</button>
</form>
login()上的身份验证功能如下:
//the authentication function
var authenticate = function(credentials, callback){
var headers =
credentials ?
{
authorization : "Basic " + btoa(credentials.username + ":" + credentials.password)
}
: {};
$http.get('user', {headers : headers}).success(function(data){
if(data.userName){
$rootScope.authenticated = true;
} else {
$rootScope.authenticated = false;
}
callback && callback();
}).error(function(){
$rootScope.authenticated = false;
callback && callback();
});
};
所以现在接下来的部分是配置Spring来处理凭证对象的用户名和密码属性 . 在服务器端,我有一个基本的WebSecurityConfigurerAdapter:
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
DataSource dataSource;
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/profile").authenticated()
.anyRequest().permitAll()
.and()
.formLogin()
.loginPage("/signin")
.and()
.logout()
.permitAll();
//.and()
//.requiresChannel()
// .antMatchers("/register").requiresSecure();
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth
.inMemoryAuthentication()
.withUser("user").password("password").roles("USER").and()
}
}
我知道我必须以某种方式在那里配置java.security.Principal,但就像我说的,我发现的任何东西都是用于 spring 启动 .