java


Authorization of access to resources with spring security and Angularjs


I made permission to access resources in spring security as shown in this code: "The user authentication is then from the DB"
#Configuration
#EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter{
#Autowired
protected void globalConfig(AuthenticationManagerBuilder auth, DataSource dataSource) throws Exception {
//auth.inMemoryAuthentication().withUser("user").password("123").roles("USER");
auth.jdbcAuthentication()
.dataSource(dataSource)
.usersByUsernameQuery("select username as principal, password as credentials, etat as actived from utilisateurs where username=?")
.authoritiesByUsernameQuery("select u.username as principal, ur.nom_role as role from utilisateurs u inner join roles ur on(u.roles_id=ur.id_role) where u.username=?")
.rolePrefix("ROLE_");
}
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.sessionManagement().maximumSessions(100).maxSessionsPreventsLogin(false).expiredUrl("/Login");
http
.authorizeRequests()
.antMatchers("/AppJS/**","/images/**","/pdf/**","/Template/**","/Views/**","/MainApp.js").permitAll()
.antMatchers("/Users/**").access("hasRole('ADMIN')")
.antMatchers("/Dashbord/**").access("hasRole('ADMIN')")
.antMatchers("/Login*").anonymous()
.anyRequest().authenticated()
.and()
.formLogin().loginPage("/Login").permitAll()
.defaultSuccessUrl("/home")
.failureUrl("/Login?error=true")
.and().exceptionHandling().accessDeniedPage("/Access_Denied")
.and()
.logout()
.invalidateHttpSession(true)
.clearAuthentication(true)
.logoutUrl("/logout")
.permitAll()
.logoutSuccessUrl("/Login");
}
}
Subsequently, I specified the views for each URL:
#Configuration
public class MvcConfig extends WebMvcConfigurerAdapter{
#Override
public void addViewControllers(ViewControllerRegistry registry) {
registry.addViewController("/Login").setViewName("Login");
registry.addViewController("/Dashbord").setViewName("home");
registry.addViewController("/logout").setViewName("Login");
registry.addViewController("/Users").setViewName("Views/ListUsers");
}
}
I used the angularJS routeProvider to keep track of URLs:
var app = angular.module('Mainapp', ['ngRoute','file-model','ui.bootstrap','ngMessages']);
app.config(function($routeProvider) {
$routeProvider
.when('/Users', {
controller:'UsersController',
templateUrl: 'Views/ListUsers'
})
.when('/Dashbord', {
controller: 'ResultController',
templateUrl: 'Views/home.html'
});
});
My problem is how to make the link of the access authorization that I
defined in spring security with the URLs of angularjs ($
routeProvider)
Thank you,
and Have a good day,
You could try enable html5mode, to get this
AngularJS: http://localhost:8080/Users
app.config(function($routeProvider, $locationProvider) {
$routeProvider
.when('/Users', {
controller:'UsersController',
templateUrl: 'Views/ListUsers'
})
.when('/Dashbord', {
controller: 'ResultController',
templateUrl: 'Views/home.html'
});
$locationProvider.html5Mode(true)
});
I am not sure this will meets your requirement but yes i have already did before with the use of ngPermission. Before that you need list of the roles to set in your route.
.state('view1', {
templateUrl: 'view1/view1.html',
controller: 'View1Ctrl',
resolve: {
authorization: ["ngPermissionService", function (ngPermissionService) {
//you need to call webserivce at this level for get all user's permissions and return it.
return ngPermissionService.role(["admin"])
}]
}
});
For more details click here

Related Links

Why getItem(position) works with a new instance? (should not be zero?)
Getting an empty JavaScript Array in Java (Selenium test)
Java 8 Lambdas - equivalent of c# OfType
log4j:ERROR setFile(null,true) call failed. java.io.FileNotFoundException: log.txt (Permission denied)
Web socket chat and EJB services
Where does my logging go?
getType() method not found in antlr4
Java 8 fill array with supplier
Left joins on the same table
Reading json from java application with python
ActiveMQ Broker RedeliveryPlugin Message Storage
Iterating through ArrayList with JSP EL
How to migrate a database along with a java application
What happens if I remove the super constructor call from class file?
Using accelerometer code in a separate class
Max number from arrays in java

Categories

HOME
compiler-construction
keycloak
image-processing
reserved
filtering
youtube-api-v3
c#-2.0
ip
callback
cross-browser
uber-api
tomcat6
collectd
dynamics-crm-online
jsdoc
contextmenu
openedx
google-pagespeed
mps
facebook-instant-articles
wkwebview
google-search-api
captiveportal
php-openssl
xpages-ssjs
django-storage
facebook-access-token
kannel
compatibility
directx-10
calibre
subset-sum
y86
wixsharp
disassembling
qwerty
libraries
dynamics-crm-2013
uft-api
hp-ux
reportingservices-2005
glew
heightmap
jsch
avconv
qsslsocket
python-c-api
nodebb
crypt
flow-control
dwscript
redundancy
mediaelement
azure-sdk
libpng
ado.net-entity-data-model
measures
django-debug-toolbar
storekit
pagedlist
wso2cloud
pundit
e10s
nstableviewcell
nsbutton
wordpress-theme-customize
issuu
has-many-through
jubula
stxxl
intentservice
xsockets.net
ril
spring-validator
limejs
trusted
bluepill
ticoredatasync
wse3.0
netdna-api
mercurial-server
zpt
blackberry-playbook
ecl
datareader
ctp4
noscript
thread-local-storage

Resources

Mobile Apps Dev
Database Users
javascript
java
csharp
php
android
MS Developer
developer works
python
ios
c
html
jquery
RDBMS discuss
Cloud Virtualization
Database Dev&Adm
javascript
java
csharp
php
python
android
jquery
ruby
ios
html
Mobile App
Mobile App
Mobile App