Webjars未正确加载

Question

我使用的是SpringMVC 4.3.13和SpringSecurity4.2.4。

在过去的几天里，我在我的webapp中添加了webjars依赖项，如果我已经登录到应用程序中，那么所有这些都可以正常工作。

我唯一的问题是在登录页面中，我不能使用webjars，因为Security不能允许我下载资源。

在这里，我如何在登录页面中加载资源

<script src="/webjars/jquery/jquery.min.js"></script>

这里是MVCConfiguration中的资源配置

 @Override
 public void addResourceHandlers(final ResourceHandlerRegistry registry) {
     registry.addResourceHandler("/webjars/**").addResourceLocations(/webjars/")
        .resourceChain(false)
        .addResolver(new WebJarsResourceResolver())
        .addResolver(new PathResourceResolver());
     registry.addResourceHandler("/css/**").addResourceLocations("/css/");
     registry.addResourceHandler("/js/**").addResourceLocations("/js/");
     registry.addResourceHandler("/plugins/**").addResourceLocations(/plugins/");
     registry.addResourceHandler("/img/**").addResourceLocations("/img/");
     registry.addResourceHandler("/images/**").addResourceLocations(/images/");
     registry.addResourceHandler("/font/**").addResourceLocations("/font/");
     registry.addResourceHandler("/fonts/**").addResourceLocations("/fonts/");
     registry.addResourceHandler("/servlet/**").addResourceLocations("/servlet/");
     registry.addResourceHandler("/user/**").addResourceLocations("/user/");
     registry.addResourceHandler("/asset/**").addResourceLocations("/asset/");
     registry.addResourceHandler("/xslt/**").addResourceLocations("/xslt/");
     registry.addResourceHandler("/jsp/**").addResourceLocations("/jsp/");
     registry.addResourceHandler("/applets/**").addResourceLocations("/applets/");
     registry.addResourceHandler("/manager/**").addResourceLocations("/manager/");
     registry.addResourceHandler("/resources/**").addResourceLocations("/resources/");
 }

最后我的WebSecurityConfig

 @Override
 public void configure(WebSecurity web) throws Exception {
     web
        .ignoring()
        .antMatchers("/webjars/**");
 }

 @Override protected void configure(final HttpSecurity http) throws Exception {
      LOGGER.info("Initialization HTTP configuration");
      http
          .csrf().disable()
          .addFilterBefore(authenticationFilter(), UsernamePasswordAuthenticationFilter.class)
          .authorizeRequests().antMatchers("/login", "/asset/**","/privileged/**").permitAll()
          .anyRequest().authenticated()
          .and().formLogin().loginPage("/login")
          .defaultSuccessUrl("/home")
          .successHandler(customAuthenticationSuccessHandler)
          .permitAll();
 }

正如您所看到的，我已经在Security中添加了异常。我也尝试过这个配置。

.antMatchers("/login", "/asset/**","/privileged/**","/webjars/**").permitAll()

但如果没有成功，有人会有任何想法。

更新 resourceHandler和ResourceLocations的配置是正确的。事实上，在登录之后，webjars工作正常。

Answer 1

这个问题与Security无关。

罪犯是一个旧的自定义安全层，将来将完全被Spring安全所取代。

Answer 2

在xml配置文件中添加以下代码。

<mvc:resources mapping="/webjars/**" location="classpath:/META-INF/resources/webjars/"/>

或者使用JavaConfig

@Configuration
public class WebConfig extends WebMvcConfigurerAdapter {

  @Override
  public void addResourceHandlers(ResourceHandlerRegistry registry) {
    registry.addResourceHandler("/webjars/**").addResourceLocations("classpath:/META-INF/resources/webjars/");
  }

}