Angular Spring boot war deployment in tomcat is giving 401

Question

I know that this combination of technologies and issues have been asked a lot before but I am unable to proceed even after reading most of the related questions.

My set up involves an angular app served by a spring boot end point. All is well on the dev front with all requests being served up correctly. So I installed a local tomcat (tried 10 first and got nowhere with it, so went down to 9). The steps I did are

For angular dist creation

ng build --base-href=/audittool/

Copied dist contents into the my src/main/resources folder of spring boot project
Changed pom to package as war and added provided scope for tomcat, extended SpringBootServletInitializer and performed a

mvn clean install

Fired up manager-gui on my tomcat, deployed the created war (this has the same name as the base href used in the ng build step, audittoo)
War was deployed successfully

Now when I access http://localhost:8082/audittool I am getting

This application has no explicit mapping for /error, so you are seeing this as a fallback.

There was an unexpected error (type=Unauthorized, status=401).

I have done most of the steps manually (copying dist folder) as I just wanted to test my app out on a dedicated tomcat instance.

I have read enough and more on this topic and I still do not know what I am missing. I know that the 401 could be CORS, but the base href is supposed to solve that as long as the war deploy name matches, which it does. So why am I not even being served index.html, no static resource is being downloaded.

I have nothing special in my POM other than the usual stuff (and one WSDL that I use for auth)

pom.xml

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>2.4.5</version>
        <relativePath/> <!-- lookup parent from repository -->
    </parent>
    <groupId>com.abc</groupId>
    <artifactId>audittool</artifactId>
    <version>1.0</version>
    <packaging>war</packaging>
    <name>audittool</name>
    <description>spring boot project for audit tool</description>
    <properties>
        <java.version>8</java.version>
    </properties>
    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-data-jpa</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web-services</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-jdbc</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>

        <dependency>
            <groupId>com.microsoft.sqlserver</groupId>
            <artifactId>mssql-jdbc</artifactId>
            <scope>runtime</scope>
        </dependency>
        <dependency>
            <groupId>io.jsonwebtoken</groupId>
            <artifactId>jjwt</artifactId>
            <version>0.9.1</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-test</artifactId>
            <scope>test</scope>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-tomcat</artifactId>
            <scope>provided</scope>
        </dependency>

    </dependencies>

    <build>
        <finalName>audittool</finalName>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
            </plugin>
            <plugin>
                <groupId>org.jvnet.jaxb2.maven2</groupId>
                <artifactId>maven-jaxb2-plugin</artifactId>
                <version>0.13.2</version>
                <executions>
                    <execution>
                        <goals>
                            <goal>generate</goal>
                        </goals>
                    </execution>
                </executions>
                <configuration>
                    <generatePackage>com......soaplloginservice.gen</generatePackage>
                    <generateDirectory>${project.basedir}/src/main/java</generateDirectory>
                    <schemaDirectory>${project.basedir}/src/main/resources</schemaDirectory>
                    <schemaIncludes>
                        <include>*.wsdl</include>
                    </schemaIncludes>
                </configuration>
            </plugin>
            

        </plugins>
    </build>

</project>

When I run a postman request it goes through fine using the http://localhost:8082/audittool/ So it is only when I try to get to the angular front end that I am getting into trouble.

Any advice is most appreciated.

My SecurityConfig class is as below:

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {


    @Autowired
    private WebServiceAuthenticationProvider authProvider;

    @Autowired
    private JWTRequestFilter jwtFilter;

    @Autowired
    private JwtAuthenticationEntryPoint jwtAuthenticationEntryPoint;

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.authenticationProvider(authProvider);
    }
    @Bean
    public PasswordEncoder passwordEncoder(){
        return NoOpPasswordEncoder.getInstance();
    }

    @Bean(name = BeanIds.AUTHENTICATION_MANAGER)
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable().cors().and().
                authorizeRequests().antMatchers("/authenticate")
                .permitAll().antMatchers(HttpMethod.OPTIONS, "/**")
                .permitAll().anyRequest().authenticated()
                .and().exceptionHandling().authenticationEntryPoint(jwtAuthenticationEntryPoint)
                .and().sessionManagement()
                .sessionCreationPolicy(SessionCreationPolicy.STATELESS);
        http.addFilterBefore(jwtFilter, UsernamePasswordAuthenticationFilter.class);
    }
}

My LoginController which is the first end point hit for authentication has the @CrossOrigin annotation. At least up until this I should be able to get through via angular right? I straightaway get the unauthorized page :(

Can someone please help me out here as to what I am missing? This is driving me nuts.

EDIT: N/W dev tools screenie

WEB-INF folder screenie

Thanks!

You have to create the folder with the name `static` and paste the file within the dist folder inside it. For `type=Unauthorized, status=401` can you check the console and network tab within Developer tools — Romil Patel, Oct 09 '21 at 17:52
Yup, I did create a folder named static and then only pasted my dist contents into that. Also console and network tab show nothing, just the 401. If my LoginController is @CrossOrigin, I should at least see the login page, even that is not getting displayed — ananth, Oct 09 '21 at 17:55
And further more, I checked the WEB-INF folder in tomcat, under classes it has the static folder with all my dist contents. I did do everything manually, so I verified when I moved stuff — ananth, Oct 09 '21 at 17:57
what endpoints you can see in-network tab when you hit `http://localhost:8082/audittool` can you share the image and any logs from spring boot application? — Romil Patel, Oct 09 '21 at 17:57
Edited the question with screen shot for both n/w and folder containing static. And as for logs, I am very sorry but since this is a WIP project, I have not implemented any logging. If you think that would help I can do some and deploy again. Sorry about that :( — ananth, Oct 09 '21 at 18:01
Can you post your full web configuration from Spring Boot? There might be issue with your angular route vs spring path. — Rana_S, Oct 09 '21 at 21:59
Edited the question with full SecurityConfig.java and yes, I am going with a single war solution containing both angular and spring boot — ananth, Oct 10 '21 at 04:44
Do you have ```resourceHandlers/viewControllers``` added anywhere? When you deploy Angular app with Spring boot, you need to configure those since you need to handle angular routes. — Rana_S, Oct 11 '21 at 02:22
Nope, can you please point me to some resources/guides on the same. Could that be causing this issue? — ananth, Oct 11 '21 at 04:51
Can you take a look into this https://stackoverflow.com/a/46854105/4355748 — Rana_S, Oct 12 '21 at 13:17

Angular Spring boot war deployment in tomcat is giving 401

0 Answers0

Linked