Junjie Junjie - 2 months ago 6
CSS Question

when spring security enabled, resouces(css or js) can't be loaded

The resource is under src/main/resources/static/css or src/main/resources/static/js, I'm using spring boot, and the class of security is:

public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

protected void configure(HttpSecurity http) throws Exception {
// http.authorizeRequests().antMatchers("/", "/index", "/quizStart")
// .permitAll().anyRequest().authenticated();
// http.formLogin().loginPage("/login").permitAll().and().logout()
// .permitAll();

protected void configure(AuthenticationManagerBuilder auth)
throws Exception {

It works well (resources can be loaded) when I access "/index" from browser, however, if I uncomment the four lines in the class, resources can not be loaded, the four lines means:

http.authorizeRequests().antMatchers("/", "/index", "/quizStart")

Could anyone help with this ? Thanks in advance.


You probably want to make sure to have your directory containing those items set as permitAll.

Here's an excerpt from my spring security context file. Under the resources directory, I have js, css, and images folders which are given permissions by this line.

<security:intercept-url pattern="/resources/**" access="permitAll" />