Fatal编程技术网
  • angularjs/
  • 激发安全性401-使用Angularjs调用restful服务

激发安全性401-使用Angularjs调用restful服务

angularjs rest spring-security

激发安全性401-使用Angularjs调用restful服务,angularjs,rest,spring-security,restful-authentication,http-status-code-401,Angularjs,Rest,Spring Security,Restful Authentication,Http Status Code 401,我对spring安全性有问题。我已经完成了与我的用户的身份验证过程,但是当我通过angularjs调用restful服务时,出现了一个错误401 <?xml version="1.0" encoding="UTF-8" standalone="no"?> <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframew

我对spring安全性有问题。我已经完成了与我的用户的身份验证过程,但是当我通过angularjs调用restful服务时,出现了一个错误401

    <?xml version="1.0" encoding="UTF-8" standalone="no"?>
<beans:beans xmlns="http://www.springframework.org/schema/security" 
    xmlns:beans="http://www.springframework.org/schema/beans" 
    xmlns:context="http://www.springframework.org/schema/context" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
    xsi:schemaLocation="http://www.springframework.org/schema/beans   
                        http://www.springframework.org/schema/beans/spring-beans-3.1.xsd      
                        http://www.springframework.org/schema/security    
                        http://www.springframework.org/schema/security/spring-security-3.1.xsd        
                        http://www.springframework.org/schema/context         
                        http://www.springframework.org/schema/context/spring-context-3.1.xsd">

    <context:component-scan base-package="it.xxx.yyy.service.security" scoped-proxy="interfaces" />

    <http realm="Protected API"
            use-expressions="true"
            auto-config="false"
            create-session="stateless"
            entry-point-ref="unauthorizedEntryPoint"
            authentication-manager-ref="authenticationManager">
        <custom-filter ref="authenticationTokenProcessingFilter" position="FORM_LOGIN_FILTER" />    
        <intercept-url pattern="/" access="permitAll"/>
        <intercept-url pattern="/static/**" access="permitAll"/>
        <intercept-url pattern="/rest/" access="permitAll"/>
        <intercept-url pattern="/rest/secure/**" access="isAuthenticated()" />
        <intercept-url pattern="/secure/**" access="isAuthenticated()"/>
        <remember-me key="YYY2RMKey" user-service-ref="CustomUserDetailsService"/> 
    </http>
    <authentication-manager id="authenticationManager">
        <authentication-provider user-service-ref="CustomUserDetailsService">
            <password-encoder hash="sha"/>
        </authentication-provider>
    </authentication-manager>
</beans:beans>
有什么想法吗?

也许一个解决办法就是用这种方式来解释这个方法

<intercept-url method="GET" pattern="/rest/secure/**" access="isAuthenticated()" />
<intercept-url method="PUT" pattern="/rest/secure/**" access="isAuthenticated()" />
<intercept-url method="POST" pattern="/rest/secure/**" access="isAuthenticated()" />
<intercept-url method="DELETE" pattern="/rest/secure/**" access="isAuthenticated()" />