java springboot+angular2部署

1 周，2 日 Questions & Answers 886

我正在尝试将带有angular 2代码的spring boot部署到war包中

我的springboot代码包含JWT Spring安全性

问题是当我集成并在tomcat服务器中运行时。我得到：

Whitelabel Error Page This application has no explicit mapping for /error, so you are seeing this as a fallback.

Thu Mar 01 18:26:53 IST 2018 There was an unexpected error (type=Not Found, status=404). No message available

但是，如果我删除我的spring安全性并将两者集成在一起，那么它就可以正常工作

我不知道SpringJWT安全性有什么问题，所以如果有人知道这个问题，请帮助我解决

网络安全：

package com.boot.hms.security;

import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
@CrossOrigin
@EnableWebSecurity
public class WebSecurity extends WebSecurityConfigurerAdapter {
    private UserDetailsService userDetailsService;
    private BCryptPasswordEncoder bCryptPasswordEncoder;

    public WebSecurity(UserDetailsService userDetailsService, BCryptPasswordEncoder bCryptPasswordEncoder) {
        this.userDetailsService = userDetailsService;
        this.bCryptPasswordEncoder = bCryptPasswordEncoder;
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {

        AuthenticationFilter authenticationFilter = new AuthenticationFilter(authenticationManager());
        authenticationFilter.setFilterProcessesUrl("/hms/auth");

        http .cors().and().csrf().disable().authorizeRequests().antMatchers("/hms/fetchmeta/*", "/hms/registration/*").permitAll()
        .anyRequest().authenticated().and().addFilter(authenticationFilter)
                .addFilter(new AuthorizationFilter(authenticationManager()))
                // this disables session creation on Spring Security
                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);


        System.out.println("<....Web Security......>");
    }

    @Override
    public void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder);
    }   

    @Bean
        CorsConfigurationSource corsConfigurationSource() {
            final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
            source.registerCorsConfiguration("/**", new CorsConfiguration().applyPermitDefaultValues());
            return source;
        } 

}

POM XML:

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <groupId>com.boot</groupId>
    <artifactId>hms</artifactId>
    <version>1</version>
    <packaging>war</packaging>

    <name>version</name>

    <description>Hospital Management System</description>

    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>1.5.10.RELEASE</version>
        <relativePath/> 
    </parent>


    <properties>
        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
        <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
        <java.version>1.8</java.version>
        <start-class>com.programmer.gate.HmsApplication</start-class>
    </properties>



    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-data-jpa</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-mail</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-test</artifactId>
            <scope>test</scope>
        </dependency>
        <dependency>
            <groupId>org.projectlombok</groupId>
            <artifactId>lombok</artifactId>         
            <scope>provided</scope>
        </dependency>
        <dependency>
            <groupId>io.jsonwebtoken</groupId>
            <artifactId>jjwt</artifactId>
            <version>0.2</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-jersey</artifactId>
        </dependency>
        <dependency>
            <groupId>mysql</groupId>
            <artifactId>mysql-connector-java</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-tomcat</artifactId>
            <scope>provided</scope>
        </dependency>
    </dependencies>

    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
            </plugin>
            <plugin>
                <artifactId>maven-war-plugin</artifactId>
                <configuration>
                  <webResources>
                    <resource>
                      <directory>D:\hmsDeployment\dist</directory>
                    </resource>
                  </webResources>
                </configuration>
              </plugin>

        </plugins>
    </build>


</project>

主类：

package com.boot.hms;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.jdbc.DataSourceTransactionManagerAutoConfiguration;
import org.springframework.boot.builder.SpringApplicationBuilder;
import org.springframework.boot.web.support.SpringBootServletInitializer;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Import;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;

import com.boot.hms.security.WebSecurity;

@CrossOrigin
@Import(WebSecurity.class)
@SpringBootApplication
@ComponentScan(basePackages="com.boot.hms")
public class HmsApplication extends SpringBootServletInitializer {

     @Override
        protected SpringApplicationBuilder configure(SpringApplicationBuilder application) {
            return application.sources(HmsApplication.class);
        }

    public static void main(String[] args) {
        SpringApplication.run(HmsApplication.class, args);
    }

    @Bean
    public BCryptPasswordEncoder bCryptPasswordEncoder() {
        return new BCryptPasswordEncoder();
    }   

}

属性文件：

#Database
spring.datasource.url= jdbc:mysql://192.168.12.112:3306/hms
spring.datasource.username=root
spring.datasource.password=root

#Server
#server.contextPath=/hms
#server.port = 8080
#JPA
spring.jpa.show-sql = true
spring.jpa.hibernate.ddl-auto = update
spring.jpa.properties.hibernate.dialect = org.hibernate.dialect.MySQL5Dialect
spring.autoconfigure.exclude=SecurityAutoConfiguration
#security.user.name=admin
#security.user.password=admin
security.basic.enabled=false
spring.jackson.serialization.FAIL_ON_EMPTY_BEANS=false
spring.jackson.deserialization.accept-empty-string-as-null-object=true

# 1 楼答案

解决方案

您看到此错误可能是因为您的自定义安全配置类（WebSecurity）

您没有明确声明基本url的“所有人免费”规则，/（如果Angular应用程序仍然有效！）。在这里，我假设基本url是/，如果不调整这个答案以用于您的基本真实url

因此，在您的WebSecurity中，通过更改以下内容添加提到的规则：

 //...omitted code for brevity
 http.cors().and().csrf().disable().authorizeRequests()
    .antMatchers("/hms/fetchmeta/*", "/hms/registration/*").permitAll()
//...omitted code for brevity

到

 //...omitted code for brevity
 http.cors().and().csrf().disable().authorizeRequests()
    .antMatchers("/hms/fetchmeta/*", "/hms/registration/*", "/") // < Notice here the base url added to the "free for all" rule!
    .permitAll()
//...omitted code for brevity

但是为什么会发生这种错误

正如你所说，显式错误是

Whitelabel Error Page This application has no explicit mapping for /error, so you are seeing this as a fallback. Fri Mar 02 13:38:44 IST 2018 There was an unexpected error (type=Forbidden, status=403). Access Denied

这意味着，当你试图访问Angular应用程序时（例如，从服务器的角度来看，位于基本url/），服务器会检测到你没有登录，因此会抛出一个403 Forbidden。这通常会显示在Spring启动应用程序的错误页面中。。。由于你没有这个路由的映射，/error，（你也没有src/main/resources/static/error/403.html下的文件，通常会显示这个错误），然后你会看到你给我看的这个“回退”消息

共 (1) 个答案

# 1 楼答案
解决方案

您看到此错误可能是因为您的自定义安全配置类（WebSecurity）

您没有明确声明基本url的“所有人免费”规则，/（如果Angular应用程序仍然有效！）。在这里，我假设基本url是/，如果不调整这个答案以用于您的基本真实url

因此，在您的WebSecurity中，通过更改以下内容添加提到的规则：
```
 //...omitted code for brevity
 http.cors().and().csrf().disable().authorizeRequests()
    .antMatchers("/hms/fetchmeta/*", "/hms/registration/*").permitAll()
//...omitted code for brevity
```
到
```
 //...omitted code for brevity
 http.cors().and().csrf().disable().authorizeRequests()
    .antMatchers("/hms/fetchmeta/*", "/hms/registration/*", "/") // < Notice here the base url added to the "free for all" rule!
    .permitAll()
//...omitted code for brevity
```
但是为什么会发生这种错误

正如你所说，显式错误是

Whitelabel Error Page This application has no explicit mapping for /error, so you are seeing this as a fallback. Fri Mar 02 13:38:44 IST 2018 There was an unexpected error (type=Forbidden, status=403). Access Denied

这意味着，当你试图访问Angular应用程序时（例如，从服务器的角度来看，位于基本url/），服务器会检测到你没有登录，因此会抛出一个403 Forbidden。这通常会显示在Spring启动应用程序的错误页面中。。。由于你没有这个路由的映射，/error，（你也没有src/main/resources/static/error/403.html下的文件，通常会显示这个错误），然后你会看到你给我看的这个“回退”消息

推荐

因为现在基本url /对所有人都是免费的，所以您的服务（由Spring Boot提供）应该加上类似/api或任何类似的前缀，以防止免费访问它们

参考

如果你想要一个参考，请选中这个Security Config，它正是你想要做的（它属于一个部署Spring Boot+Angular Packing as war项目的项目）

Python中文网

有 Java 编程相关的问题?

java springboot+angular2部署

共 (1) 个答案

# 1 楼答案