1
我的应用程序的哲学来自于这个article。根据它,我所进行的配置类别:GWT + Spring Security获取403错误
@Configuration
public class SpringForGwtConfig {
@Bean
public HandlerMapping simpleUrlHandlerMapping() {
SimpleUrlHandlerMapping simpleUrlHandlerMapping = new SimpleUrlHandlerMapping();
Map<String, Controller> map = new HashMap<>();
map.put("/notes/notes.rpc", notesGwtController());
simpleUrlHandlerMapping.setUrlMap(map);
return simpleUrlHandlerMapping;
}
@Bean
public ServletRegistrationBean gwtServlet() {
return new ServletRegistrationBean(notesGwtController(), "/notes/notes.rpc");
}
@Bean
public NotesGwtController notesGwtController() {
NotesGwtController notesGwtController = new NotesGwtController();
notesGwtController.setRemoteService(notesService());
return notesGwtController;
}
@Bean
public NotesGwtService notesService() {
return new NotesGwtServiceImpl();
}
}
以及使用控制器(我希望如此),用于编码和解码的请求(从)弹簧调度的servlet“策略”图案。
public class NotesGwtController extends RemoteServiceServlet implements Controller, ServletContextAware {
private ServletContext servletContext;
private RemoteService remoteService;
private Class remoteServiceClass;
@Override
public ModelAndView handleRequest(HttpServletRequest request, HttpServletResponse response) throws Exception {
super.doPost(request, response);
return null;
}
@Override
public String processCall(String payload) throws SerializationException {
try {
RPCRequest rpcRequest = RPC.decodeRequest(payload, this.remoteServiceClass);
// delegate work to the spring injected service
return RPC.invokeAndEncodeResponse(this.remoteService, rpcRequest.getMethod(), rpcRequest.getParameters());
} catch (IncompatibleRemoteServiceException exception) {
getServletContext()
.log(
"An IncompatibleRemoteServiceException was thrown while processing this call.",
exception
);
return RPC.encodeResponseForFailure(null, exception);
}
}
@Override
public ServletContext getServletContext() {
return servletContext;
}
@Override
public void setServletContext(ServletContext servletContext) {
this.servletContext = servletContext;
}
public void setRemoteService(RemoteService remoteService) {
this.remoteService = remoteService;
this.remoteServiceClass = this.remoteService.getClass();
}
}
所以我有安全控制器,它映射( “/笔记”),并使其(感谢thymeleaf)为localhost:8080/notes.html。并返回页面。这个很酷。但是当我在浏览器中打开控制台时,它包含此错误: POST http://localhost:8080/notes/notes/notes.rpc 403() 此错误does not让我做gwt RPC服务的异步请求。
在我的安全配置,我添加映射:
http
.authorizeRequests()
.antMatchers("/").access("hasRole('ROLE_USER') or hasRole('ROLE_ADMIN')")
.antMatchers("/api/**").access("hasRole('ROLE_ADMIN')")
.antMatchers("/notes").authenticated()
.antMatchers("/notes/notes.rpc").anonymous()
但错误没有消失。所以问题是“为什么?”和“可能”我的“哲学不太好?”