spring boot 安全静态资源 [英] spring boot security static resources
本文介绍了spring boot 安全静态资源的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我在 Spring Boot、Spring Security 和 Thymeleaf 中编写应用程序,并尝试访问我的静态资源文件...
I write app in Spring Boot, Spring Security with Thymeleaf and I try to get access my static resource file...
这是我的项目结构...
This is my project structure...
.
├── mvnw
├── mvnw.cmd
├── nb-configuration.xml
├── pom.xml
├── src
│ ├── main
│ │ ├── java
│ │ │ └── com
│ │ ├── resources
│ │ │ ├── application.properties
│ │ │ ├── static
| | | | |---------------------------------this is image.jpg
│ │ │ ├── templates
│ │ │ └── ValidationMessages.properties
│ │ └── wro
│ │ ├── css
│ │ ├── fonts
│ │ ├── js
│ │ ├── scss
│ │ ├── wro.properties
│ │ └── wro.xml
│ └── test
│ └── java
│ └── com
我在 templates/index.html 中有 HTML 文件,我尝试使用标签
I have HTML file in templates/index.html where i try use tag
<img src="/praca.jpg" alt="sd"/>
为什么我总是收到 404 错误?我哪里做错了??
Why I always get 404 error ? Where I do something wrong ??
我的通用初始化类:
@SpringBootApplication
public class Application extends WebMvcConfigurerAdapter {
public static void main(String[] args) {
SpringApplication.run(InzynierkaApplication.class, args);
}
}
我的安全类:
@Configuration
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Autowired
private UserAuthenticationDetails userAuthenticationDetails;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userAuthenticationDetails);
auth.authenticationProvider(authenticationProvider());
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Bean
public DaoAuthenticationProvider authenticationProvider() {
DaoAuthenticationProvider authenticationProvider = new DaoAuthenticationProvider();
authenticationProvider.setUserDetailsService(userAuthenticationDetails);
authenticationProvider.setPasswordEncoder(passwordEncoder());
return authenticationProvider;
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable()
.authorizeRequests()
.antMatchers("/","/login").permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login")
.usernameParameter("username")
.passwordParameter("password")
.defaultSuccessUrl("/",true)
.and()
.logout()
.logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
.logoutUrl("/logout")
.logoutSuccessUrl("/login?logout")
.invalidateHttpSession(true);
}
}
推荐答案
在你的模板中你需要使用 thymeleaf 格式来自动添加上下文.使用这个:
In your template you need to use the thymeleaf format to add automatically the context by yourself. Use this:
<img th:src="@{/praca.jpg}" alt="sd"/>
/praca.jpg
应该是静态或公共文件夹中图像的完整路径
should be the full path to the image from the static or public folder
这篇关于spring boot 安全静态资源的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
