Fatal编程技术网
  • html/
  • 不会为注销的用户加载Html图像-Spring/SpringSecurity

不会为注销的用户加载Html图像-Spring/SpringSecurity

html spring image spring-mvc spring-security

不会为注销的用户加载Html图像-Spring/SpringSecurity,html,spring,image,spring-mvc,spring-security,Html,Spring,Image,Spring Mvc,Spring Security,如标题中所述,当用户收到my spring webapp的欢迎页面时,嵌入的html图像不会加载,只显示损坏的图像图标。 当用户登录时,所有图像都可以查看 没有出现错误,我感觉这与Spring的安全特性有关,是否有解决方案/解决方法 我的HTML代码: <a> <img src="src/main/resources/static/images/logo.jpg"> </img></a> <a> <img src="/image

如标题中所述,当用户收到my spring webapp的欢迎页面时,嵌入的html图像不会加载,只显示损坏的图像图标。 当用户登录时,所有图像都可以查看

没有出现错误,我感觉这与Spring的安全特性有关,是否有解决方案/解决方法

我的HTML代码:

<a> <img src="src/main/resources/static/images/logo.jpg"> </img></a>

<a> <img src="/images/logo.jpg"> </img></a>
我的网站安全:

package com.FYP.Club.Security;


import javax.sql.DataSource;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;

import com.FYP.Club.repository.UserLoginRepository;


@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
       UserLoginRepository userLoginRepository;

    //http.authorizeRequests().antMatchers("/", "/home", "/registeruser").permitAll().antMatchers("/admin").hasRole("ADMIN")

     @Autowired
     DataSource dataSource;

        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http.authorizeRequests().antMatchers("/", "/home", "/registeruser").permitAll().antMatchers("/admin").hasRole("ADMIN")
                    .anyRequest().authenticated().and().formLogin().loginPage("/login").permitAll().and().logout()
                    .permitAll();
            http.exceptionHandling().accessDeniedPage("/403");
            http.csrf().disable();
            //disable csrf to allow communication (we also dont need for this fyp as its not live)
        }

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {


           auth.jdbcAuthentication().dataSource(dataSource)
          .usersByUsernameQuery("select user_name,password,user_status from user_login where user_name=?")
          .authoritiesByUsernameQuery("select user_name, password from user_login where user_name=?");         


}

    }
如果您需要更多代码,请告诉我

您应该将它们配置为被Spring Security忽略。 例如,将此方法添加到您的WebSecurity配置中:

@Override
    public void configure(WebSecurity web) {
        web.ignoring().antMatchers("/fonts/**", "/images/**", "/css/**");
    }
如果您使用此链接请求图像:

<a> <img src="/images/logo.jpg"> </img></a>