Spring Security 如果我打开身份验证,外部CSS文件不起作用

polhcujo  于 2023-01-26  发布在  Spring
关注(0)|答案(1)|浏览(178)

外部CSS文件不工作,如果我打开与Spring Security的身份验证.

@EnableWebSecurity
@Configuration
class SecurityConfig {

    @Bean
    fun security(http:HttpSecurity):SecurityFilterChain{
        http
            .formLogin()
                .loginPage("/")
                .failureUrl("/")
                .and()
            .logout()
                .logoutSuccessUrl("/")
                .and()
            .authorizeHttpRequests()
                .requestMatchers("/","/about_us").permitAll()
                .anyRequest().authenticated()
        return http.build();
    }
}
<!DOCTYPE html>
<html xmlns:th="http://www.thymeleaf.org">
<head>
  <meta charset="UTF-8">
  <title>BigBroHelp</title>
  <link rel="stylesheet" type="text/css" href="../../static/css/final_form.css">
  <link th:href="@{/css/start_page/final_form.css}" rel="stylesheet">
  <link th:href="@{https://fonts.googleapis.com/css2?family=Jost:wght@500&display=swap}" rel="stylesheet">
  <link th:href="@{/img/ответы_нейро_бошка.png}" rel="icon" type="image/png" style="width: 1000px">
  <script th:src="@{/js/start_page/validation_counter.js}"></script>
  
</head>
<body id="body">

<div class="main">
  <input type="checkbox" id="chk" aria-hidden="true">

  <div class="signup">
    <form>
      <label for="chk" aria-hidden="true" id="reg_label">Регистрация</label>
      <p id="count">0</p>
      <input type="text" name="txt" placeholder="Логин" required="" id="reg_input_login" onclick="count()">
<!--      <input type="email" name="email" placeholder="Почта" required="">-->
      <input type="password" name="pswd" placeholder="Пароль" required="">
      <button onclick="count()">Зарегистрироваться</button>
    </form>
  </div>

  <div class="login">
    <form>
      <label for="chk" aria-hidden="true">Войти</label>
      <input type="email" name="email" placeholder="Логин" required="">
      <input type="password" name="pswd" placeholder="Пароль" required="">
      <button>Войти</button>
    </form>
  </div>
</div>

<div class="bigBro">
  <div class="modal">
    <h1>
      Big Bro Help<br>
    </h1>

    <a class="btn" id="about_us" th:href="@{/about_us}">О проекте </a><br>

  </div>
</div>

</body>
</html>
@EnableWebSecurity
@Configuration
class SecurityConfig {

    @Bean
    fun security(http:HttpSecurity):SecurityFilterChain{
        http
            .authorizeHttpRequests()
                .anyRequest().permitAll()
        return http.build();
    }
}

如果我允许任何请求,那么一个外部的CSS文件就可以工作。但是如果我打开auth,css文件就不能工作。

  • Spring启动版本3.0.2(Spring安全性6.0.1)
  • 百里香版本3.1.1

spring-security

1条答案

按热度按时间
1u4esq0p

1u4esq0p1#

确保Spring Security不要求对CSS进行身份验证,如下所示:

@Bean
    fun security(http:HttpSecurity):SecurityFilterChain{
        http
            .formLogin()
                .loginPage("/")
                .failureUrl("/")
                .and()
            .logout()
                .logoutSuccessUrl("/")
                .and()
            .authorizeHttpRequests()
                .requestMatchers("/","/about_us").permitAll()
                .requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
                .anyRequest().authenticated()
        return http.build();
    }

请注意添加的这一行:

.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
赞(0)分享  回复(0)举报  2023-01-26
我来回答

相关问题

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com