Fatal编程技术网
  • reactjs/
  • Reactjs 添加安全性后,无法在springboot中查看react路由

Reactjs 添加安全性后,无法在springboot中查看react路由

reactjs spring-boot

Reactjs 添加安全性后,无法在springboot中查看react路由,reactjs,spring-boot,Reactjs,Spring Boot,我有一个reactJs/Spring引导应用程序,它的结构使reactJs/front-end嵌入到java主项目文件夹中,但在开发过程中独立于后端运行 我正在使用eirslett插件构建我的react项目,并在构建spring boot应用程序时将文件复制到${project.build.directory}/classes/public目录中 在我构建内置安全性(OIDC)之前,我认为我能够构建项目并在没有任何问题的情况下进行导航。由于在安全中构建,我无法再在构建的项目中导航。所以我猜我在

我有一个reactJs/Spring引导应用程序,它的结构使reactJs/front-end嵌入到java主项目文件夹中,但在开发过程中独立于后端运行

我正在使用eirslett插件构建我的react项目,并在构建spring boot应用程序时将文件复制到
${project.build.directory}/classes/public
目录中

在我构建内置安全性(OIDC)之前,我认为我能够构建项目并在没有任何问题的情况下进行导航。由于在安全中构建,我无法再在构建的项目中导航。所以我猜我在我的安全文件中错误配置了一些东西,阻止了我的应用程序中以前工作的路由

项目生成,我得到登录屏幕,但当OIDC返回带有用户令牌的回调时,应用程序暂停,我得到一个404错误,该错误/callback不存在。但所有的路线都在安全检查前退出了…发生了什么事

以下是我的spring启动配置文件:

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(securedEnabled = true, prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    private JdbcOidcBearerTokenFilter filter;

    @Autowired
    public WebSecurityConfig(@Value("${security.oauth2.client.wellKnownUrl}") String wellKnown
            , @Value("${security.oauth2.client.clientId}") String clientId
            , @Value("${security.oauth2.client.clientSecret}") String clientSecret
            , EaUserService usersService, LoginService loginService) {

        OidcService oidcService = new OidcService(wellKnown, clientId, clientSecret);
        this.filter = new JdbcOidcBearerTokenFilter(oidcService, usersService, loginService, "Authorization");
    }

    @Override
    public void configure(WebSecurity webSecurity) {
        webSecurity
                .ignoring()
                .antMatchers("/error", "/403.html", "/js/**", "/css/**", "/media/**", "/static/**");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .cors().and()
                .csrf().disable()
                .addFilterAfter(new OAuth2ClientContextFilter(), AbstractPreAuthenticatedProcessingFilter.class)
                .addFilterAfter(this.filter, OAuth2ClientContextFilter.class)
                .authorizeRequests()
                /**ORDER MATTERS! - Least restrictive first**/
                .antMatchers("/api/login/**", "/static/**", "/classes/public/**").permitAll()
                .antMatchers("/api/watersystem/public/**").authenticated()
                .antMatchers("/api/admin/**").hasAnyRole("DDW_ADMIN", "DEVELOPER")
                .antMatchers("/api/enforcementactions/**").hasAnyRole("DDW_ADMIN", "DEVELOPER", "DDW_STAFF")
                .antMatchers("/api/incidents/**").hasAnyRole("DDW_ADMIN", "DEVELOPER", "DDW_STAFF")
                .antMatchers("/api/reports/**").hasAnyRole("DDW_ADMIN", "DEVELOPER", "DDW_STAFF")
                .antMatchers("/api/utilities/**").hasAnyRole("DDW_ADMIN", "DEVELOPER", "DDW_STAFF");

    }

//Tried this but it resulted in a blank screen. W/O it I at least get the login page
/*
    @Bean
    public WebMvcConfigurer configurer() {
        return new WebMvcConfigurer() {
            @Override
            public void addResourceHandlers(ResourceHandlerRegistry registry) {
                registry.addResourceHandler("/static/**")
                        .addResourceLocations("/css/", "/js/", "/media/");

            }

        };
    }*/
}
以下是应用程序构建后的项目结构截图:

POM-用于react生成和复制的文件

<build>
        <plugins>
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-surefire-plugin</artifactId>
                <version>2.22.1</version>
                <configuration>
                    <skipTests>true</skipTests>
                </configuration>
            </plugin>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
            </plugin>
            <plugin>
                <groupId>com.github.eirslett</groupId>
                <artifactId>frontend-maven-plugin</artifactId>
                <version>1.6</version>
                <configuration>
                    <workingDirectory>ea_react</workingDirectory>
                    <installDirectory>target</installDirectory>
                </configuration>
                <executions>
                    <execution>
                        <id>install node and npm</id>
                        <goals>
                            <goal>install-node-and-npm</goal>
                        </goals>
                        <configuration>
                            <nodeVersion>v12.16.1</nodeVersion>
                            <npmVersion>6.13.4</npmVersion>
                        </configuration>
                    </execution>
                    <execution>
                        <id>npm install</id>
                        <goals>
                            <goal>npm</goal>
                        </goals>
                        <configuration>
                            <arguments>install</arguments>
                        </configuration>
                    </execution>
                    <execution>
                        <id>npm run build</id>
                        <goals>
                            <goal>npm</goal>
                        </goals>
                        <configuration>
                            <arguments>run build</arguments>
                        </configuration>
                    </execution>
                </executions>
            </plugin>
            <plugin>
                <artifactId>maven-antrun-plugin</artifactId>
                <executions>
                    <execution>
                        <phase>generate-resources</phase>
                        <configuration>
                            <target>
                                <copy todir="${project.build.directory}/classes/public">
                                    <fileset dir="${project.basedir}/ea_react/build"/>
                                </copy>
                            </target>
                        </configuration>
                        <goals>
                            <goal>run</goal>
                        </goals>
                    </execution>
                </executions>
            </plugin>
        </plugins>
    </build>


org.apache.maven.plugins
maven surefire插件
2.22.1
真的
org.springframework.boot
springbootmaven插件
com.github.eirslett
前端maven插件
1.6
eau反应
目标
安装节点和npm
安装节点和npm
v12.16.1
6.13.4
npm安装
npm
安装
npm运行构建
npm
运行构建
maven antrun插件
产生资源
跑
I“不喜欢”您的安全配置中的
“/static/**”、“/classes/public/**”
,请“尝试”:
/public/**
。我尝试了,结果仍然是404