Reactjs 添加安全性后,无法在springboot中查看react路由
我有一个reactJs/Spring引导应用程序,它的结构使reactJs/front-end嵌入到java主项目文件夹中,但在开发过程中独立于后端运行 我正在使用eirslett插件构建我的react项目,并在构建spring boot应用程序时将文件复制到Reactjs 添加安全性后,无法在springboot中查看react路由,reactjs,spring-boot,Reactjs,Spring Boot,我有一个reactJs/Spring引导应用程序,它的结构使reactJs/front-end嵌入到java主项目文件夹中,但在开发过程中独立于后端运行 我正在使用eirslett插件构建我的react项目,并在构建spring boot应用程序时将文件复制到${project.build.directory}/classes/public目录中 在我构建内置安全性(OIDC)之前,我认为我能够构建项目并在没有任何问题的情况下进行导航。由于在安全中构建,我无法再在构建的项目中导航。所以我猜我在
${project.build.directory}/classes/public
目录中
在我构建内置安全性(OIDC)之前,我认为我能够构建项目并在没有任何问题的情况下进行导航。由于在安全中构建,我无法再在构建的项目中导航。所以我猜我在我的安全文件中错误配置了一些东西,阻止了我的应用程序中以前工作的路由
项目生成,我得到登录屏幕,但当OIDC返回带有用户令牌的回调时,应用程序暂停,我得到一个404错误,该错误/callback不存在。但所有的路线都在安全检查前退出了…发生了什么事
以下是我的spring启动配置文件:
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(securedEnabled = true, prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
private JdbcOidcBearerTokenFilter filter;
@Autowired
public WebSecurityConfig(@Value("${security.oauth2.client.wellKnownUrl}") String wellKnown
, @Value("${security.oauth2.client.clientId}") String clientId
, @Value("${security.oauth2.client.clientSecret}") String clientSecret
, EaUserService usersService, LoginService loginService) {
OidcService oidcService = new OidcService(wellKnown, clientId, clientSecret);
this.filter = new JdbcOidcBearerTokenFilter(oidcService, usersService, loginService, "Authorization");
}
@Override
public void configure(WebSecurity webSecurity) {
webSecurity
.ignoring()
.antMatchers("/error", "/403.html", "/js/**", "/css/**", "/media/**", "/static/**");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.cors().and()
.csrf().disable()
.addFilterAfter(new OAuth2ClientContextFilter(), AbstractPreAuthenticatedProcessingFilter.class)
.addFilterAfter(this.filter, OAuth2ClientContextFilter.class)
.authorizeRequests()
/**ORDER MATTERS! - Least restrictive first**/
.antMatchers("/api/login/**", "/static/**", "/classes/public/**").permitAll()
.antMatchers("/api/watersystem/public/**").authenticated()
.antMatchers("/api/admin/**").hasAnyRole("DDW_ADMIN", "DEVELOPER")
.antMatchers("/api/enforcementactions/**").hasAnyRole("DDW_ADMIN", "DEVELOPER", "DDW_STAFF")
.antMatchers("/api/incidents/**").hasAnyRole("DDW_ADMIN", "DEVELOPER", "DDW_STAFF")
.antMatchers("/api/reports/**").hasAnyRole("DDW_ADMIN", "DEVELOPER", "DDW_STAFF")
.antMatchers("/api/utilities/**").hasAnyRole("DDW_ADMIN", "DEVELOPER", "DDW_STAFF");
}
//Tried this but it resulted in a blank screen. W/O it I at least get the login page
/*
@Bean
public WebMvcConfigurer configurer() {
return new WebMvcConfigurer() {
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
registry.addResourceHandler("/static/**")
.addResourceLocations("/css/", "/js/", "/media/");
}
};
}*/
}
以下是应用程序构建后的项目结构截图:
POM-用于react生成和复制的文件
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<version>2.22.1</version>
<configuration>
<skipTests>true</skipTests>
</configuration>
</plugin>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
<plugin>
<groupId>com.github.eirslett</groupId>
<artifactId>frontend-maven-plugin</artifactId>
<version>1.6</version>
<configuration>
<workingDirectory>ea_react</workingDirectory>
<installDirectory>target</installDirectory>
</configuration>
<executions>
<execution>
<id>install node and npm</id>
<goals>
<goal>install-node-and-npm</goal>
</goals>
<configuration>
<nodeVersion>v12.16.1</nodeVersion>
<npmVersion>6.13.4</npmVersion>
</configuration>
</execution>
<execution>
<id>npm install</id>
<goals>
<goal>npm</goal>
</goals>
<configuration>
<arguments>install</arguments>
</configuration>
</execution>
<execution>
<id>npm run build</id>
<goals>
<goal>npm</goal>
</goals>
<configuration>
<arguments>run build</arguments>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<artifactId>maven-antrun-plugin</artifactId>
<executions>
<execution>
<phase>generate-resources</phase>
<configuration>
<target>
<copy todir="${project.build.directory}/classes/public">
<fileset dir="${project.basedir}/ea_react/build"/>
</copy>
</target>
</configuration>
<goals>
<goal>run</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
org.apache.maven.plugins
maven surefire插件
2.22.1
真的
org.springframework.boot
springbootmaven插件
com.github.eirslett
前端maven插件
1.6
eau反应
目标
安装节点和npm
安装节点和npm
v12.16.1
6.13.4
npm安装
npm
安装
npm运行构建
npm
运行构建
maven antrun插件
产生资源
跑
I“不喜欢”您的安全配置中的“/static/**”、“/classes/public/**”
,请“尝试”:/public/**
。我尝试了,结果仍然是404