-1

I have a question about using spring security.I have a node.js http-server(localhost:8000) and a spring boot project(localhost:8090).And i use spring security in spring boot project.Here is my config

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

@Autowired
HunterUserRepository repository;

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception{
    auth.userDetailsService(new HunterUserSecurityServices(repository));

}

@Override
protected void configure(HttpSecurity http) throws Exception{
    http
            .authorizeRequests().anyRequest().permitAll()
            .and()
            .authorizeRequests()
            .antMatchers("/api/private/**").authenticated()
            .and().formLogin().loginPage("/login").permitAll();
    http.csrf().disable();
 }
}

And this is my login.html in http-server:

<form class="form-signin" action="http://localhost:8090/login" method="POST">  
    <h2>请登录<div class="pull-right"><small><a href="#">注册</a></small></div></h2>
    <label for="username" class="sr-only">用户名</label>  
    <input name="username" type="text" id="username" class="form-control" placeholder="用户名" required autofocus style="margin-bottom: 10px">

    <label for="inputPassword" class="sr-only">密码</label>  
    <input name="password" type="password" id="inputPassword" class="form-control" placeholder="密码" required style="margin-bottom: 10px">  
    <button class="btn btn-lg btn-primary btn-block" type="submit" name="submit" value="Login">登录</button>  
  </form>

when i visited http://localhost:8000/login.html and type my username and password that i alreadly had in mongo, i got

Whitelabel Error Page

This application has no explicit mapping for /error, so you are seeing this as a fallback.

Tue Mar 07 20:30:15 CST 2017
There was an unexpected error (type=Not Found, status=404). 
No message available

I guess it could be the problem of spring security,because when i add a controller in spring boot like this:

@RestController
//@CrossOrigin 
public class LoginController {
    @RequestMapping("/login")
    String login(){
        return "login";
    }
}

and when i visied login.html , submit ,i got the string "login".

i dont know why,and all the message i can find about spring security are using jsp or thylef. so maybe i short of something about spring security.

Do anyone know how i can make it? thx a lot.

Dade
  • 1
  • no,i put all the page to node.js http-server,i dont know how to desc ,it's a so called front-end and a back-end. – Dade Mar 08 '17 at 00:21

1 Answers1

-1

Hay I just got answer from http://stackoverflow.com/questions/21696592/disable-spring-security-for-options-http-method by Luc S,so i just ignore the http option and i make it. Hope this would help you.

Dade
  • 1