0
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/", "/home").permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login")
.permitAll()
.and()
.logout()
.permitAll();
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth
.inMemoryAuthentication()
.withUser("user").password("password").roles("USER");
}
}
我的js文件:春刪除不工作
$scope.del = function (record) {
if (confirm('Do you really want to delete?')){
$http['delete']('/camera/list/' + record.filename).then(function() {
$scope.records.splice($scope.records.indexOf(record), 1);
});
}
};
我刪除控制器:
@RequestMapping(value = "/list/{fn}", method = RequestMethod.DELETE, produces = MediaType.APPLICATION_JSON_VALUE)
public ResponseEntity<Record> deleteUser(@PathVariable("fn") String filename) {
System.out.println("Fetching & Deleting data " + filename);
Record user1 = rep.findByfilename(filename);
if (user1 == null) {
System.out.println("Unable to delete." + filename + " not found");
return new ResponseEntity<Record>(HttpStatus.NOT_FOUND);
}
rep.deleteByfilename(filename);
return new ResponseEntity<Record>(HttpStatus.NO_CONTENT);
}
}
我的倉庫:
public interface RecordRepository extends MongoRepository<Record, String> {
@Query("{ 'filename' : ?0 }")
Record findByfilename(String filename);
long deleteByfilename(String filename);
}
當我點擊刪除按鈕,它顯示我這個錯誤:
DELETE
XHR
http://localhost:8086/camera/list/2fb1a2e020285cd91dc68a4fa7822151 [HTTP/1.1 403 Forbidden 14ms]
任何人都知道什麼是錯誤?起初我的刪除工作,但當我使用彈簧安全我的刪除不起作用。
告訴我們你的春季安全訪問設置。 – MaVVamaldo
訪問設置在哪裏?對不起,我使用彈簧安全後,我的刪除可以工作,刪除不能工作。 –
如果你根本不知道彈簧安全,我建議你在使用它之前先查看基本教程。最後,它有一個配置xml文件(可能它也可以註釋配置),你可以把你的安全聲明。看[這裏](http://www.mkyong.com/tutorials/spring-security-tutorials/)和[這裏](https://dzone.com/refcardz/expression-based-authorization)。我的猜測是,您應該爲與該URL關聯的DELETE謂詞輸入授權規則。看到我指出瞭解如何的鏈接。 – MaVVamaldo