0

I am doing a project with Spring MVC and Spring Security. I have tried many ways to the CSS work, but I did't have any success. In my page.tag there are some examples what I have tried. Also, I tried directly in the html code find out the right URL, but everything does not work.

That is my code.

SecurityConfiguration.java

@Override
protected void configure( HttpSecurity http )throws Exception 
{
    http.authorizeRequests().antMatchers         ( "/resources/**" ).permitAll()
                            .antMatchers         ( "/admin"        ).hasRole( "ADMIN" )
                            .antMatchers         ( "/topics/**"    ).permitAll()
                            .antMatchers         ( "/login"        ).hasRole( "USER"  )
                            .anyRequest          ()
                            .authenticated       ()
                            .and                 ()
                            .formLogin           ()
                            .loginPage           ( "/hello-world" ).permitAll()
                            .and                 ()
                            .logout              ()
                            .logoutRequestMatcher( new AntPathRequestMatcher( "/logout" ) );
}

AppWebConfiguration.java

@Override
public void addResourceHandlers( ResourceHandlerRegistry registry ) 
{
    registry.addResourceHandler("/resources/**").addResourceLocations("/resources/");
}


page.tag

<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">

<!--<spring:url value = "/resources/css/main.css"         var = "main" />
<spring:url value = "/resources/css/home_nocache.css" var = "home_nocache" />
<link href="${main}"         rel="stylesheet" type="text/css">
<link href="${home_nocache}" rel="stylesheet" type="text/css">-->

<!--<link href="${homeLess}" rel="stylesheet" /> -->

<link href= "<c:url value='/resources/css/main.css' />"         rel="stylesheet" ></link>
<link href= "<c:url value='/resources/css/home_nocache.css' />" rel="stylesheet" ></link>

<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script>

<style type="text/css"></style>
</head>

What is wrong with my application, does someone can help me out?

Improve this question

2 Answers 2

Reset to default
1

I think you need to permit also css folder in application context xml similar to

if css is under resources folder 

<intercept-url pattern="/resources/css/**" access="permitAll()" requires-channel="https" />

you have this /resources/**

missing /css/**

 protected void configure(HttpSecurity http) throws Exception {
        http
                .addFilterAfter(new CSRFTokenGeneratorFilter(), CsrfFilter.class)
                .authorizeRequests()
                .antMatchers("/").permitAll()
                .antMatchers( "/**/" ).permitAll()
                .antMatchers("/login").permitAll()
                .antMatchers("/wizard").permitAll()
                .antMatchers("/menu").permitAll()
                .antMatchers("/error").permitAll()
                .antMatchers("/resources/**").permitAll()
                .antMatchers("/css/**").permitAll()
                .antMatchers("/js/**").permitAll()
                .antMatchers("/fonts/**").permitAll()
                .antMatchers("/libs/**").permitAll();

}
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

I have updated for this and it is the same:

@Override
    protected void configure( HttpSecurity http )throws Exception 
    {
        http.authorizeRequests().antMatchers         ( "/resources/**"        ).permitAll()
                                .antMatchers         ( "/resources/css/**"    ).permitAll()
                                .antMatchers         ( "/resources/images/**" ).permitAll()
                                .antMatchers         ( "/admin"               ).hasRole( "ADMIN" )
                                .antMatchers         ( "/topics/**"           ).permitAll()
                                .antMatchers         ( "/login"               ).hasRole( "USER"  )
                                .anyRequest          ()
                                .authenticated       ()
                                .and                 ()
                                .formLogin           ()
                                .loginPage           ( "/hello-world" ).permitAll()
                                .and                 ()
                                .logout              ()
                                .logoutRequestMatcher( new AntPathRequestMatcher( "/logout" ) );
    }
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.