@H_502_1@我正在使用
Spring Security和Bootstrap在我的HTML文件(百里香模板)中构建一个Spring MVC应用程序. Spring Security部分基于Spring Guide
for Spring Security,并结合了Spring引导应用程序服务器.
启用Spring Security后,引导程序css文件将不会加载错误消息:
Refused to execute script from 'http://localhost:8080/js/bootstrap.min.js' because its MIME type ('text/html') is not executable,and strict MIME type checking is enabled.
上面的错误信息来自chrome开发者控制台.
我试过的
>禁用Spring Security
=> bootstrap css再次工作,但我需要安全
>在春季论坛上搜索,但是没有解决方案的循环链接
>添加资源处理程序,但我看不到处理程序被调用,也不会消失错误
>将资源路径添加到permit调用
我的目录结构:
/main |-> /java | BootStart.java |-> /security |SecurityConfiguration.java |-> /resources |-> /static |-> /css /** bootstrap location */ |-> /js |-> /fonts |-> /templates | /user | sample.html
BootStart.java是由Spring Boot拾取的java文件.
BootStart.java:
@EnableAutoConfiguration @ComponentScan public class BootStart { public static void main(String[] args) { SpringApplication.run(BootStart.class,args); } }
SecurityConfiguration.java:
@Configuration @EnableWebSecurity public class SecurityConfiguration extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { http .formLogin() .loginPage("/login") .permitAll() .and() .logout() .permitAll(); http .authorizeRequests() .antMatchers("/","/resources/static/**").permitAll() .anyRequest().authenticated(); } @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { auth .inMemoryAuthentication() .withUser("user").password("password").roles("USER"); } }
Sample.html:
<!DOCTYPE HTML> <html> <head> <link rel="stylesheet" th:href="@{/css/bootstrap.css}" href="../../css/bootstrap.min.css"/> <link rel="stylesheet" th:href="@{/css/bootstrap-theme.css}" href="../../css/bootstrap-theme.min.css"/> <title></title> <Meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/> </head> <body> <div class="alert alert-danger" role="alert">!Basic template!</div> <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js"></script> <script src="js/bootstrap.min.js"></script> </body> </html>
目前我在我的pom中使用以下依赖项:
<dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-thymeleaf</artifactId> </dependency> <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-core</artifactId> <version>3.2.4.RELEASE</version> </dependency> <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-web</artifactId> <version>3.2.4.RELEASE</version> </dependency> <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-config</artifactId> <version>3.2.4.RELEASE</version> </dependency>
我如何配置Spring Security可以从我的/ static资源目录加载css / js文件?