Spring security can't access files under /resources

Question

Hi I am trying to include a front-end in the /resources folder of my application. My directory structure is as follows:

src
  main
    java // backend located here
  webapp
     resource //my html/css/js

I am using oauth for security of the backend:

MethodSecurityConfig.java

@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class MethodSecurityConfig extends GlobalMethodSecurityConfiguration {

    @Override
    protected MethodSecurityExpressionHandler createExpressionHandler() {
        return new OAuth2MethodSecurityExpressionHandler();
    }

}

ResourceServerConfigurerAdapter.java

@Configuration

    @EnableResourceServer
    public class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {

        @Override
        public void configure(final HttpSecurity http) throws Exception {

            http.authorizeRequests()
                    .antMatchers("/resources/**").permitAll().and()
                    .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
                    .and().authorizeRequests().anyRequest().authenticated();

        }
    }

ResourceWebConfig.java

@Configuration
@EnableWebMvc
@ComponentScan({"eu.emif.resource.web"})
public class ResourceWebConfig extends WebMvcConfigurerAdapter {
    @Override
    public void addResourceHandlers(ResourceHandlerRegistry registry) {
        registry
                .addResourceHandler("/resources/**")
                .addResourceLocations("(/resources/");
    }
}

Whenever I try to go to http://localhost:8082/style.css Or http://localhost:8082/resources/style.css I am getting

 <oauth>
<error_description>
Full authentication is required to access this resource
</error_description>
<error>unauthorized</error>
</oauth>

Help would be much appreciated.

yes my backend uses maven – Arno_Geismar Jul 04 '16 at 10:49 — Arno_Geismar, Jul 04 '16 at 10:49

score 0 · Accepted Answer · answered Jul 04 '16 at 10:56

0

Change you directory structure to as follows:

src
  main
    java // backend located here
    resources(By default these files are not added in deployment assembly and mostly used for loading java resources like xml file,properies file etc.)  
  webapp
    resource(create new folder here and put your frontend(html/js/css) files here)

answered Jul 04 '16 at 10:56

Keshav

821
2
12
33

Looks like he finds it now but I am still getting an unauthorized. I updated my question – Arno_Geismar Jul 04 '16 at 11:08
Have a look on this http://stackoverflow.com/questions/26881296/spring-security-oauth2-full-authentication-is-required-to-access-this-resource. – Keshav Jul 04 '16 at 11:22

Spring security can't access files under /resources

1 Answers1