-1

I'm trying to access content from "src\main\resources\static" folder but i got 401 errors in inspect window in chrome.

Inside of "static" folder i have sub folder called "assets" and the structure bit like this.

assets/css/** assets/js/** assets/fonts/** assets/image/** assets/css/boostrap/**

this is my WebMvcConfigurerAdapter class

@Configuration
public class OAuthWebFormConfiguration extends WebMvcConfigurerAdapter {

@Override
public void addViewControllers(ViewControllerRegistry registry) {
    registry.addViewController("/login").setViewName("login");

registry.addViewController("/oauth/confirm_access").setViewName("authorize");
}

@Configuration
@Order(-20)
protected static class LoginConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private CustomAuthenticationManager customAuthenticationManager;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.formLogin().loginPage("/login").permitAll()
                .and()
                .requestMatchers()
                .antMatchers("/login", "/oauth/authorize", "/oauth/confirm_access")//,"/resources/**", "/assets/**"
                .and()
                .authorizeRequests()
                .anyRequest()
                .authenticated();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.parentAuthenticationManager(customAuthenticationManager);
    }

    }
    }
Dzshean
  • 314
  • 6
  • 23
  • 1
    Possible duplicate of [Serving static web resources in Spring Boot & Spring Security application](https://stackoverflow.com/questions/24916894/serving-static-web-resources-in-spring-boot-spring-security-application) – xerx593 Jun 29 '18 at 08:22
  • check this answer: https://stackoverflow.com/a/24920752/592355 – xerx593 Jun 29 '18 at 08:23
  • And what url do you hit to access them?? – Karthik R Jun 29 '18 at 08:28
  • @KarthikR , Im trying to access customized login page of my Auth-Server. it can be access at "server:port/app/login" – Dzshean Jun 29 '18 at 08:33
  • you have to hit URL like this : `http://:/app/assets/image/sunrise.jpg` since `static/**` is added by default in spring boot – Karthik R Jun 29 '18 at 08:38
  • @KarthikR i tried the direct url and didn't work. its showing `Full authentication is required to access this resource` – Dzshean Jun 29 '18 at 08:41
  • Did you add any custom `WebMvcConfigurerAdapter` ? If so can you remove and try ? – Karthik R Jun 29 '18 at 08:46
  • I cant remove custom `WebMvcConfigurerAdapter` because i need to `map` login and `authorize` views with controllers – Dzshean Jun 29 '18 at 08:54

1 Answers1

2

Add the following:

.antMatchers("/assets/**").permitAll()

So in this way you are allowing all request for any request thst match /assets/** ( so all the possibilities that you need)

Hope this helps

daN
  • 101
  • 5
  • I tried this before and didn't work for me. still chrome inspect showing `Refused to apply style from 'http://server:port/app/assets/bootstrap/css/bootstrap.min.css' because its MIME type ('application/json') is not a supported stylesheet MIME type, and strict MIME checking is enabled.` – Dzshean Jun 29 '18 at 08:35
  • This is another problem, set the type to CSS on the declaration of the bootstrap file ... read the error: because its MIME type ('application/json') is not a supported stylesheet MIME type, and strict MIME checking is enabled. set like this:type="text/css" – daN Jun 29 '18 at 08:41
  • Also i tried to access resource from direct url and didn't work. its showing `Full authentication is required to access this resource` – Dzshean Jun 29 '18 at 08:43
  • .. and if you dont change your current LoginConfig.class you won't never access to /assetts – daN Jun 29 '18 at 08:49