Spring Security(4.0.1)与AngularJS的集成。每次用户输入无效凭据时都会弹出基本身份验证窗口
我正在尝试将SpringSecurity(4.0.1)与AngularJS集成。我能够使用基于XML的配置进行基本身份验证。问题是,每次用户输入无效凭据时,Web浏览器都会显示弹出窗口。我尝试使用普通的ServletFilters以及基于Spring安全性的自定义过滤器删除WWW Authenticate repsone头。还没有成功。有人能帮我吗?扩展默认值Spring Security(4.0.1)与AngularJS的集成。每次用户输入无效凭据时都会弹出基本身份验证窗口,angularjs,spring-security,popup,basic-authentication,www-authenticate,Angularjs,Spring Security,Popup,Basic Authentication,Www Authenticate,我正在尝试将SpringSecurity(4.0.1)与AngularJS集成。我能够使用基于XML的配置进行基本身份验证。问题是,每次用户输入无效凭据时,Web浏览器都会显示弹出窗口。我尝试使用普通的ServletFilters以及基于Spring安全性的自定义过滤器删除WWW Authenticate repsone头。还没有成功。有人能帮我吗?扩展默认值例外TranslationFilter,它为所有ajax请求返回HTTP 401,而不是基本身份验证质询: package mypacka
例外TranslationFilter
,它为所有ajax请求返回HTTP 401,而不是基本身份验证质询:
package mypackage;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.access.ExceptionTranslationFilter;
public class AjaxExceptionTranslationFilter extends ExceptionTranslationFilter {
@Autowired
public AjaxExceptionTranslationFilter(AuthenticationEntryPoint authenticationEntryPoint) {
super(authenticationEntryPoint);
}
@Override
protected void sendStartAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, AuthenticationException reason)
throws ServletException, IOException {
boolean isAjax = "XMLHttpRequest".equals(request.getHeader("X-Requested-With"));
if (isAjax) {
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized");
} else {
super.sendStartAuthentication(request, response, chain, reason);
}
}
}
将AjaxExceptionTranslationFilter
添加到您的配置中,就在默认的FILTER\u SECURITY\u INTERCEPTOR
之前:
<security:http pattern="/**">
<security:custom-filter before="FILTER_SECURITY_INTERCEPTOR" ref="exceptionTranslationFilter"/>
<!-- ... -->
</security:http>
<bean id="exceptionTranslationFilter" class="mypackage.AjaxExceptionTranslationFilter">
<constructor-arg ref="loginUrlAuthenticationEntryPoint"/>
</bean>
}]))
$httpProvider.interceptors.push(['$q', function($q) {
return {
'responseError': function(rejection) {
if(rejection.status === 401) {
// .. do something meaningful
}
return $q.reject(rejection);
}
};
}]);
$httpProvider.interceptors.push(['$q', function ($q) {
return {
'request': function (config) {
config.headers["X-Requested-With"] = "XMLHttpRequest";
return config || $q.when(config);
}
};
}]);