如何将angularJS客户端的用户和密码捕获到spring security中
我在angular中实现了一个演示客户端,它将用户名和密码作为POST发送到一个RESTAPI,RESTAPI读取用户名和密码并执行一些身份验证逻辑。问题是,在控制器中,catch始终为null(无用户无通行证)。我曾尝试在Chrome的高级Rest客户端发送相同的数据,一切正常 以下是我的代码片段: 角度客户端:如何将angularJS客户端的用户和密码捕获到spring security中,spring,security,http,angularjs,client,Spring,Security,Http,Angularjs,Client,我在angular中实现了一个演示客户端,它将用户名和密码作为POST发送到一个RESTAPI,RESTAPI读取用户名和密码并执行一些身份验证逻辑。问题是,在控制器中,catch始终为null(无用户无通行证)。我曾尝试在Chrome的高级Rest客户端发送相同的数据,一切正常 以下是我的代码片段: 角度客户端: function LoginCtrl($scope, $rootScope, $location, $http, LoginService) { $scope.submit = f
function LoginCtrl($scope, $rootScope, $location, $http, LoginService) {
$scope.submit = function() {
LoginService.authenticate($.param({username: $scope.inputUsername, password: $scope.inputPassword}), function(user) {
$rootScope.user = user;
$http.defaults.headers.common['Authentication'] = user.token;
$location.path("/");
});
};
<servlet>
<servlet-name>RestService</servlet-name>
<servlet-class>com.sun.jersey.spi.spring.container.servlet.SpringServlet</servlet-class>
<init-param>
<param-name>com.sun.jersey.config.property.packages</param-name>
<param-value>com.pearson.taxonomy.cm.web.controller</param-value>
</init-param>
<init-param>
<param-name>com.sun.jersey.api.json.POJOMappingFeature</param-name>
<param-value>true</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>RestService</servlet-name>
<url-pattern>/rest/*</url-pattern>
</servlet-mapping>
再服务
com.sun.jersey.spi.spring.container.servlet.SpringServlet
com.sun.jersey.config.property.packages
com.pearson.taxonomy.cm.web.controller
com.sun.jersey.api.json.POJOMappingFeature
真的
1.
再服务
/休息/*
import javax.ws.rs.FormParam;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
import java.util.HashMap;
import java.util.Map;
@Component
@Path("/user")
public class UserResource {
@Autowired
private UserDetailsService userService;
@Autowired
@Qualifier("authenticationManager")
private AuthenticationManager authManager;
@Path("authenticate")
@POST
@Produces(MediaType.APPLICATION_JSON)
public UserView authenticate(@FormParam("username") String username, @FormParam("password") String password) {
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(username, password);
Authentication authentication = this.authManager.authenticate(authenticationToken);
SecurityContextHolder.getContext().setAuthentication(authentication);
Map<String, Boolean> roles = new HashMap<String, Boolean>();
UserDetails userDetails = this.userService.loadUserByUsername(username);
for (GrantedAuthority authority : userDetails.getAuthorities()) {
roles.put(authority.toString(), Boolean.TRUE);
}
return new UserView(userDetails.getUsername(), roles, TokenUtils.createToken(userDetails));
}
}
导入javax.ws.rs.FormParam;
导入javax.ws.rs.POST;
导入javax.ws.rs.Path;
导入javax.ws.rs.products;
导入javax.ws.rs.core.MediaType;
导入java.util.HashMap;
导入java.util.Map;
@组成部分
@路径(“/user”)
公共类用户资源{
@自动连线
私有用户详细信息服务用户服务;
@自动连线
@限定符(“authenticationManager”)
私人身份验证管理器;
@路径(“验证”)
@职位
@产生(MediaType.APPLICATION_JSON)
public UserView身份验证(@FormParam(“用户名”)字符串用户名,@FormParam(“密码”)字符串密码){
UsernamePasswordAuthenticationToken authenticationToken=新的UsernamePasswordAuthenticationToken(用户名、密码);
身份验证=this.authManager.authenticate(authenticationToken);
SecurityContextHolder.getContext().setAuthentication(身份验证);
Map roles=newhashmap();
UserDetails UserDetails=this.userService.loadUserByUsername(用户名);
for(GrantedAuthority:userDetails.getAuthories()){
roles.put(authority.toString(),Boolean.TRUE);
}
返回新的UserView(userDetails.getUsername(),roles,TokenUtils.createToken(userDetails));
}
}
<servlet>
<servlet-name>RestService</servlet-name>
<servlet-class>com.sun.jersey.spi.spring.container.servlet.SpringServlet</servlet-class>
<init-param>
<param-name>com.sun.jersey.config.property.packages</param-name>
<param-value>com.pearson.taxonomy.cm.web.controller</param-value>
</init-param>
<init-param>
<param-name>com.sun.jersey.api.json.POJOMappingFeature</param-name>
<param-value>true</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>RestService</servlet-name>
<url-pattern>/rest/*</url-pattern>
</servlet-mapping>
import javax.ws.rs.FormParam;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
import java.util.HashMap;
import java.util.Map;
@Component
@Path("/user")
public class UserResource {
@Autowired
private UserDetailsService userService;
@Autowired
@Qualifier("authenticationManager")
private AuthenticationManager authManager;
@Path("authenticate")
@POST
@Produces(MediaType.APPLICATION_JSON)
public UserView authenticate(@FormParam("username") String username, @FormParam("password") String password) {
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(username, password);
Authentication authentication = this.authManager.authenticate(authenticationToken);
SecurityContextHolder.getContext().setAuthentication(authentication);
Map<String, Boolean> roles = new HashMap<String, Boolean>();
UserDetails userDetails = this.userService.loadUserByUsername(username);
for (GrantedAuthority authority : userDetails.getAuthorities()) {
roles.put(authority.toString(), Boolean.TRUE);
}
return new UserView(userDetails.getUsername(), roles, TokenUtils.createToken(userDetails));
}
}