首页 文章

API Spring启动自动重定向到登录页面

提问于
浏览
0

我正在尝试将spring security与spring boot restful API集成在一起 . 我的项目代码如下:

Web安全配置

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private BCryptPasswordEncoder bCryptPasswordEncoder;

    @Override
    protected void configure(HttpSecurity http) throws Exception {

        http.csrf().ignoringAntMatchers("/API/**");
        http.authorizeRequests()
        .antMatchers("/API/user/**").permitAll()
        .and().exceptionHandling().accessDeniedPage("/access-denied");

    }
}

UserController的:

@RestController
@RequestMapping("/API/user")
public class UserRestApiController {

    @Autowired
    UserService userService;

    @RequestMapping(value="/all", method=RequestMethod.GET)
    public ResponseEntity<Collection<Users>> getAll(){
        return new ResponseEntity<Collection<Users>>(userService.getAlluser(), HttpStatus.OK);
    }

    @RequestMapping(value="/{id}", method=RequestMethod.GET)
    public ResponseEntity<Users> getUser(@PathVariable(value="id") int id){
        return new ResponseEntity<Users>(userService.getUser(id), HttpStatus.OK);
    }

    @RequestMapping(value="/delete/{id}", method=RequestMethod.PUT)
    public String deleteUser(@PathVariable(value="id")int id){
        userService.deleteUser(id);
        return "DELETED";
    }

    @RequestMapping(value="/create", method=RequestMethod.POST)
    public ResponseEntity<String> addUser(@Valid @RequestBody Users user){
        return new ResponseEntity<String>(userService.addUser(user), HttpStatus.OK);
    }

    @RequestMapping(value="/update", method=RequestMethod.PUT)
    public ResponseEntity<Object> updateUser(@Valid @RequestBody Users user){
        return new ResponseEntity<Object>(userService.updateUser(user), HttpStatus.OK);
    }
}

UserService:

public class UserService {

    @Autowired
    private UserRepository userRepository;

    @Autowired
    private PasswordEncoder passwordEncoder;

    public Collection<Users> getAlluser() {
        return userRepository.findAll();
    }

    public Users getUser(int id) {
        return userRepository.getOne(id);
    }

    public void deleteUser(int id) {
        userRepository.deleteById(id);
    }

    public Users updateUser(Users user) {
        //Users u = userRepository.getOne(user.getId());
        Users userUpdate = null;
        if(userRepository.findById(user.getId()) != null) {
             userUpdate = userRepository.save(user);
        }
        return userUpdate;
    }

    public String addUser(Users user) {
        Users tmpUser = userRepository.findByUsername(user.getUsername());
        if(tmpUser == null) {
            userRepository.save(user);
            return "CREATED";
        } else {
            return "EXISTED";
        }
    }
}

我正在尝试构建restful API . 当我尝试访问链接时:http://localhost:8080/API/user/all

而是返回json值,它重定向到登录页面(我不配置那样做) .

图片登录页面:login page

你能帮我澄清这个案子吗?

2 回答

  • 0

    另一种方法,如果您想绕过该表单而不删除spring-security依赖项 . 您可以提供如下的用户名/密码:

    a)用户名是用户

    b)password是一个哈希字符串,您可以在控制台上绘制 . 例如,它将位于“使用默认安全密码:3322e14e-b18c-42f2-a399-e391bd9909c4”行中

  • 0

    与Spring MVC不同,REST服务不应该将用户重定向到登录页面,因为它是资源,而不是视图解析器 . 相反,调用者(Web浏览器作为示例)在接收HTTP代码401时将用户重定向到登录页面 .

相关问题