@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/", "/home").permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login")
.permitAll()
.and()
.logout()
.permitAll();
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth
.inMemoryAuthentication()
.withUser("user").password("password").roles("USER");
}
}
我的js文件:春删除不工作
$scope.del = function (record) {
if (confirm('Do you really want to delete?')){
$http['delete']('/camera/list/' + record.filename).then(function() {
$scope.records.splice($scope.records.indexOf(record), 1);
});
}
};
我删除控制器:
@RequestMapping(value = "/list/{fn}", method = RequestMethod.DELETE, produces = MediaType.APPLICATION_JSON_VALUE)
public ResponseEntity<Record> deleteUser(@PathVariable("fn") String filename) {
System.out.println("Fetching & Deleting data " + filename);
Record user1 = rep.findByfilename(filename);
if (user1 == null) {
System.out.println("Unable to delete." + filename + " not found");
return new ResponseEntity<Record>(HttpStatus.NOT_FOUND);
}
rep.deleteByfilename(filename);
return new ResponseEntity<Record>(HttpStatus.NO_CONTENT);
}
}
我的仓库:
public interface RecordRepository extends MongoRepository<Record, String> {
@Query("{ 'filename' : ?0 }")
Record findByfilename(String filename);
long deleteByfilename(String filename);
}
当我点击删除按钮,它显示我这个错误:
DELETE
XHR
http://localhost:8086/camera/list/2fb1a2e020285cd91dc68a4fa7822151 [HTTP/1.1 403 Forbidden 14ms]
任何人都知道什么是错误?起初我的删除工作,但当我使用弹簧安全我的删除不起作用。
告诉我们你的春季安全访问设置。 – MaVVamaldo
访问设置在哪里?对不起,我使用弹簧安全后,我的删除可以工作,删除不能工作。 –
如果你根本不知道弹簧安全,我建议你在使用它之前先查看基本教程。最后,它有一个配置xml文件(可能它也可以注释配置),你可以把你的安全声明。看[这里](http://www.mkyong.com/tutorials/spring-security-tutorials/)和[这里](https://dzone.com/refcardz/expression-based-authorization)。我的猜测是,您应该为与该URL关联的DELETE谓词输入授权规则。看到我指出了解如何的链接。 – MaVVamaldo