Angularjs 前端身份验证失败(角度/弹簧)
我的前端代码基于此链接,除了Angularjs 前端身份验证失败(角度/弹簧),angularjs,spring,spring-security,Angularjs,Spring,Spring Security,我的前端代码基于此链接,除了authentication/service.js文件之外,我将代码更改为以下内容: 'use strict'; angular.module('Authentication') .factory('AuthenticationService', ['Base64', '$http', '$cookieStore', '$rootScope', '$timeout', function (Base64, $http, $cookieStore, $
authentication/service.js'use strict';
angular.module('Authentication')
.factory('AuthenticationService',
['Base64', '$http', '$cookieStore', '$rootScope', '$timeout',
function (Base64, $http, $cookieStore, $rootScope, $timeout) {
var service = {};
service.Login = function (username, password, callback) {
/* Dummy authentication for testing, uses $timeout to simulate api call
----------------------------------------------*/
//$timeout(function(){
// var response = { success: username === 'test' && password === 'test' };
// if(!response.success) {
// response.message = 'Username or password is incorrect';
// }
// callback(response);
//}, 1000);
/* Use this for real authentication
----------------------------------------------*/
$http.post('http://localhost:8080/AngularSpringBackend/authenticate', { username: username, password: password })
.success(function (response) {
callback(response);
});
};
service.SetCredentials = function (username, password) {
var authdata = Base64.encode(username + ':' + password);
$rootScope.globals = {
currentUser: {
username: username,
authdata: authdata
}
};
$http.defaults.headers.common['Authorization'] = 'Basic ' + authdata; // jshint ignore:line
$cookieStore.put('globals', $rootScope.globals);
};
service.ClearCredentials = function () {
$rootScope.globals = {};
$cookieStore.remove('globals');
$http.defaults.headers.common.Authorization = 'Basic ';
};
return service;
}])
.factory('Base64', function () {
/* jshint ignore:start */
var keyStr = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';
return {
encode: function (input) {
var output = "";
var chr1, chr2, chr3 = "";
var enc1, enc2, enc3, enc4 = "";
var i = 0;
do {
chr1 = input.charCodeAt(i++);
chr2 = input.charCodeAt(i++);
chr3 = input.charCodeAt(i++);
enc1 = chr1 >> 2;
enc2 = ((chr1 & 3) << 4) | (chr2 >> 4);
enc3 = ((chr2 & 15) << 2) | (chr3 >> 6);
enc4 = chr3 & 63;
if (isNaN(chr2)) {
enc3 = enc4 = 64;
} else if (isNaN(chr3)) {
enc4 = 64;
}
output = output +
keyStr.charAt(enc1) +
keyStr.charAt(enc2) +
keyStr.charAt(enc3) +
keyStr.charAt(enc4);
chr1 = chr2 = chr3 = "";
enc1 = enc2 = enc3 = enc4 = "";
} while (i < input.length);
return output;
},
decode: function (input) {
var output = "";
var chr1, chr2, chr3 = "";
var enc1, enc2, enc3, enc4 = "";
var i = 0;
// remove all characters that are not A-Z, a-z, 0-9, +, /, or =
var base64test = /[^A-Za-z0-9\+\/\=]/g;
if (base64test.exec(input)) {
window.alert("There were invalid base64 characters in the input text.\n" +
"Valid base64 characters are A-Z, a-z, 0-9, '+', '/',and '='\n" +
"Expect errors in decoding.");
}
input = input.replace(/[^A-Za-z0-9\+\/\=]/g, "");
do {
enc1 = keyStr.indexOf(input.charAt(i++));
enc2 = keyStr.indexOf(input.charAt(i++));
enc3 = keyStr.indexOf(input.charAt(i++));
enc4 = keyStr.indexOf(input.charAt(i++));
chr1 = (enc1 << 2) | (enc2 >> 4);
chr2 = ((enc2 & 15) << 4) | (enc3 >> 2);
chr3 = ((enc3 & 3) << 6) | enc4;
output = output + String.fromCharCode(chr1);
if (enc3 != 64) {
output = output + String.fromCharCode(chr2);
}
if (enc4 != 64) {
output = output + String.fromCharCode(chr3);
}
chr1 = chr2 = chr3 = "";
enc1 = enc2 = enc3 = enc4 = "";
} while (i < input.length);
return output;
}
};
/* jshint ignore:end */
});
除了我提到的方法之外,还有什么好方法可以达到我想要的要求吗?您的corsFilter@Component注释中缺少。所以请像这样添加@组件
@Component
public class CORSFilter implements Filter{
static final Logger logger = LoggerFactory.getLogger(CORSFilter.class);
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
throws IOException, ServletException {
...
}
@组件表示一个自动扫描组件,这将允许您的spring容器自动扫描CORSFilter。已经添加了它,但在服务器控制台中,它给了我org.springframework.security.access.AccessDeniedException:org.springframework.security.access.vote.AffirmativeBased.decision(AffirmativeBased.java:84)拒绝访问位于org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:233)处的org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:124)。。。也许我还遗漏了什么?我搜索了“/api/authenticate”,我在securityConfiguration.java中找到了它。你已经注释掉了“/.loginProcessingUrl”(“/api/authenticate”),你也在点击url-带有角度。你能解释一下你为什么这样做吗?所以我不应该评论这句话?因为我不知道如何接近我想要的。。。你能给我一些建议吗?请确认我你是否能用postman访问你的登录API。如果是,请告诉我url和正文数据。如果你能和邮递员打交道,那么用angularjs打URL就没有问题了。
@Component
public class CORSFilter implements Filter{
static final Logger logger = LoggerFactory.getLogger(CORSFilter.class);
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
throws IOException, ServletException {
...
}