AngularJS and Spring Security. How to handle AngularJS Urls with Spring Security -


let me explain problem. have implemented site in angularjs accessed this:

http://localhost:8080/example/resources/#/

here can call different pages, example login page:

http://localhost:8080/example/resources/#/login

admin page:

http://localhost:8080/example/resources/#/admin

user page:

http://localhost:8080/example/resources/#/user

now, have implemented spring security in example in order catch every call , check if has role_user privileges. far good, have done configuration in spring security context file:

<security:http create-session="stateless" entry-point-ref="restauthenticationentrypoint"  authentication-manager-ref="authenticationmanager">      <security:custom-filter ref="customrestfilter" position="basic_auth_filter" />      <security:intercept-url pattern="/**" access="role_user" />        </security:http>

this configuration checks every url called, if user has proper roles, , works fine, throws 401 unauthorized page.

the problem i`m having when put login page accessed i'll way:

<security:http create-session="stateless" entry-point-ref="restauthenticationentrypoint"  authentication-manager-ref="authenticationmanager">      <security:custom-filter ref="customrestfilter" position="basic_auth_filter" />       <security:intercept-url pattern="/login**" access="role_anonymous" />       <security:intercept-url pattern="/**" access="role_user" />        </security:http>

but dont know why spring security not catching url. maybe angular manages url differently.

finally have tried deleting <security:intercept-url pattern="/**" access="role_user" /> , giving /login** access role_user only, page not found. know happening here?

thanks in advance!!!

i wrote little sample application illustrates how integrate angularjs spring security exposing session id http header (x-auth-token). sample provides (simple) authorization (returning roles server) client angularjs application can react that. of course user-experience (ux) purposes. make sure rest endpoints have property security.

my blog post on here.


Comments

Post a Comment

Popular posts from this blog

php - Calling a template part from a post -

i include iframe within post in wordpress. located inside content of post, meaning cannot in post template file, otherwise either before or after. i'd add facebook plugin within posts: <div id="socialwrap"><div class="fb-like" data-href="http://onlinearizonahomes.info" data-send="true" data-width="450" data-show-faces="true" data-font="arial"></div></div> i thinking of calling template part within post <?php get_template_part( 'social' ); ?> cannot use php within post without plugin (i'd avoid using plugin this). an alternative using javascript create html in post, seems unnecessary use of javascript. what best way add html within wordpress post? you can use shortcode. add functions.php function cudjex_fbshare( $atts, $content = null ) { global $post; $link = get_permalink($post->id); return '<div id="socialwrap...
Read more

Firefox SVG shape not printing when it has stroke -

Image
i having issue svg shapes have stroke , trying them print in firefox. this simplest example: <svg xmlns="http://www.w3.org/2000/svg" version="1.1" xmlns:xlink="http://www.w3.org/1999/xlink"> <rect x="0" y="0" rx="15" ry="15" width="300" height="400" style="stroke:black;stroke-width:5;" fill="black" /> <circle id="firstcircle" cx="50" cy="50" r="30" stroke="black" stroke-width="2" fill="white" style="opacity:0.75;"/> <circle id="secondcircle" cx="50" cy="150" r="30" fill="white" style="opacity:0.75;"/> </svg> when try , print first shape 1 of 2 things: it not show @ all it shows off center in bounding box. the second shape no stroke shows expected, expected. when displaying on scre...
Read more

How to mention the localhost in android -

i trying call localhost in android application. unfortunately not possible used several methods emulator local host http://10.0.2.2/android/dbconnection.php and network ip address http://192.168.1.xx/android/dbconnection.php also http://localhost:8080/android/dbconnection.php but nothing connected localhost. purpose refer stackoverflow answers not working i facing same problem when worked on localhost. referred stackoverflow answer got solution create new emulator works fine in new emulator.
Read more