授權訪問資源與彈簧安全和Angularjs

Question

的我發權限訪問在彈簧安全資源如本代碼：「用戶認證是然後從DB」

@Configuration 
@EnableWebSecurity 
public class WebSecurityConfig extends WebSecurityConfigurerAdapter{ 
    @Autowired 
    protected void globalConfig(AuthenticationManagerBuilder auth, DataSource dataSource) throws Exception { 
    //auth.inMemoryAuthentication().withUser("user").password("123").roles("USER"); 
     auth.jdbcAuthentication() 
      .dataSource(dataSource) 
      .usersByUsernameQuery("select username as principal, password as credentials, etat as actived from utilisateurs where username=?") 
      .authoritiesByUsernameQuery("select u.username as principal, ur.nom_role as role from utilisateurs u inner join roles ur on(u.roles_id=ur.id_role) where u.username=?") 
      .rolePrefix("ROLE_"); 
    } 

protected void configure(HttpSecurity http) throws Exception { 
      http 
     .csrf().disable() 
      .sessionManagement().maximumSessions(100).maxSessionsPreventsLogin(false).expiredUrl("/Login"); 
      http 
      .authorizeRequests() 
      .antMatchers("/AppJS/**","/images/**","/pdf/**","/Template/**","/Views/**","/MainApp.js").permitAll() 
      .antMatchers("/Users/**").access("hasRole('ADMIN')") 
      .antMatchers("/Dashbord/**").access("hasRole('ADMIN')") 
      .antMatchers("/Login*").anonymous() 
      .anyRequest().authenticated() 
      .and() 
     .formLogin().loginPage("/Login").permitAll() 
      .defaultSuccessUrl("/home") 
      .failureUrl("/Login?error=true") 
      .and().exceptionHandling().accessDeniedPage("/Access_Denied") 
      .and() 
     .logout() 
      .invalidateHttpSession(true) 
      .clearAuthentication(true) 
      .logoutUrl("/logout") 
      .permitAll() 
      .logoutSuccessUrl("/Login"); 


    } 

} 

隨後，我所指定的意見對每個URL：

@Configuration 
public class MvcConfig extends WebMvcConfigurerAdapter{ 
    @Override 
    public void addViewControllers(ViewControllerRegistry registry) { 
     registry.addViewController("/Login").setViewName("Login"); 
     registry.addViewController("/Dashbord").setViewName("home"); 
     registry.addViewController("/logout").setViewName("Login"); 
     registry.addViewController("/Users").setViewName("Views/ListUsers"); 
    } 
} 

我用angularJS routeProvider保持網址跟蹤：

var app = angular.module('Mainapp', ['ngRoute','file-model','ui.bootstrap','ngMessages']); 
app.config(function($routeProvider) { 
    $routeProvider 
     .when('/Users', { 
       controller:'UsersController', 
       templateUrl: 'Views/ListUsers' 
     })  
     .when('/Dashbord', { 
       controller: 'ResultController', 
      templateUrl: 'Views/home.html' 
     }); 
}); 

我的問題是如何讓我 春季安全與angularjs的網址（$ routeProvider）

謝謝 和有一個好的一天，

定義的訪問權限的鏈接

Answer 1

你可以嘗試讓html5mode，得到這個

AngularJS: http://localhost:8080/Users

app.config(function($routeProvider, $locationProvider) { 
    $routeProvider 
    .when('/Users', { 
      controller:'UsersController', 
      templateUrl: 'Views/ListUsers' 
    })  
    .when('/Dashbord', { 
      controller: 'ResultController', 
     templateUrl: 'Views/home.html' 
    }); 

    $locationProvider.html5Mode(true) 
}); 

Answer 2

我不確定這會符合您的要求，但是我已經使用過ngPermission。在此之前，您需要在您的路線中設置角色列表。

.state('view1', { 
     templateUrl: 'view1/view1.html', 
     controller: 'View1Ctrl', 
     resolve: { 
      authorization: ["ngPermissionService", function (ngPermissionService) { 

       //you need to call webserivce at this level for get all user's permissions and return it. 

       return ngPermissionService.role(["admin"]) 

      }] 
     } 
    }); 

詳情click here