Warning: file_get_contents(/data/phpspider/zhask/data//catemap/7/arduino/2.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Spring Security(4.0.1)与AngularJS的集成。每次用户输入无效凭据时都会弹出基本身份验证窗口_Angularjs_Spring Security_Popup_Basic Authentication_Www Authenticate - Fatal编程技术网
Fatal编程技术网
  • angularjs/
  • Spring Security(4.0.1)与AngularJS的集成。每次用户输入无效凭据时都会弹出基本身份验证窗口

Spring Security(4.0.1)与AngularJS的集成。每次用户输入无效凭据时都会弹出基本身份验证窗口

angularjs spring-security

Spring Security(4.0.1)与AngularJS的集成。每次用户输入无效凭据时都会弹出基本身份验证窗口,angularjs,spring-security,popup,basic-authentication,www-authenticate,Angularjs,Spring Security,Popup,Basic Authentication,Www Authenticate,我正在尝试将SpringSecurity(4.0.1)与AngularJS集成。我能够使用基于XML的配置进行基本身份验证。问题是,每次用户输入无效凭据时,Web浏览器都会显示弹出窗口。我尝试使用普通的ServletFilters以及基于Spring安全性的自定义过滤器删除WWW Authenticate repsone头。还没有成功。有人能帮我吗?扩展默认值例外TranslationFilter,它为所有ajax请求返回HTTP 401,而不是基本身份验证质询: package mypacka

我正在尝试将SpringSecurity(4.0.1)与AngularJS集成。我能够使用基于XML的配置进行基本身份验证。问题是,每次用户输入无效凭据时,Web浏览器都会显示弹出窗口。我尝试使用普通的ServletFilters以及基于Spring安全性的自定义过滤器删除WWW Authenticate repsone头。还没有成功。有人能帮我吗?

扩展默认值
例外TranslationFilter
,它为所有ajax请求返回HTTP 401,而不是基本身份验证质询:

package mypackage;

import java.io.IOException;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.access.ExceptionTranslationFilter;

public class AjaxExceptionTranslationFilter extends ExceptionTranslationFilter {

    @Autowired
    public AjaxExceptionTranslationFilter(AuthenticationEntryPoint authenticationEntryPoint) {
        super(authenticationEntryPoint);
    }

    @Override
    protected void sendStartAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, AuthenticationException reason)
            throws ServletException, IOException {
        boolean isAjax = "XMLHttpRequest".equals(request.getHeader("X-Requested-With"));

        if (isAjax) {
            response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized");
        } else {
            super.sendStartAuthentication(request, response, chain, reason);
        }
    }
}

AjaxExceptionTranslationFilter
添加到您的配置中,就在默认的
FILTER\u SECURITY\u INTERCEPTOR
之前:

<security:http pattern="/**">
    <security:custom-filter before="FILTER_SECURITY_INTERCEPTOR" ref="exceptionTranslationFilter"/>
    <!-- ... -->
</security:http>

<bean id="exceptionTranslationFilter" class="mypackage.AjaxExceptionTranslationFilter">
    <constructor-arg ref="loginUrlAuthenticationEntryPoint"/>
</bean>
}]))

$httpProvider.interceptors.push(['$q', function($q) {
    return {
        'responseError': function(rejection) {
            if(rejection.status === 401) {
                // .. do something meaningful
            }


            return $q.reject(rejection);
        }
    };
}]);

$httpProvider.interceptors.push(['$q', function ($q) {
    return {
        'request': function (config) {
            config.headers["X-Requested-With"] = "XMLHttpRequest";
            return config || $q.when(config);
        }
    };
}]);