2

I am developing a REST-API with Spring Boot. Now I want to act as a OAuth2 provider as well and therefore I want to add support for the "client_credentials" grant type.

In order to do that I have to allow users to login and authorize the client. Spring provides an ugly default login form for doing that so now I want to show my own custom login form instead.

The problem is I can't get it to work outside my IDE.

My configuration looks as follows:

@Configuration
@EnableWebSecurity
public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().requireCsrfProtectionMatcher(new AntPathRequestMatcher("**/login")).and().authorizeRequests().antMatchers("/hellopage").hasAuthority(Role.USER.value())
                .and().formLogin().defaultSuccessUrl("/hellopage").loginPage("/login").and().logout().permitAll();
    }

    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers("/*.css");
        web.ignoring().antMatchers("/*.js");
    }
}

@Configuration
protected class WebConfig extends WebMvcConfigurerAdapter {

    @Override
    public void addResourceHandlers(final ResourceHandlerRegistry registry) {
        registry.addResourceHandler("/*.js/**").addResourceLocations("/ui/static/");
        registry.addResourceHandler("/*.css/**").addResourceLocations("/ui/static/");
    }

    @Override
    public void addViewControllers(ViewControllerRegistry registry) {
        registry.addViewController("/").setViewName("login");
        registry.addViewController("/login").setViewName("login");
        registry.addViewController("/testpage").setViewName("testpage");
        registry.addViewController("/hellopage").setViewName("hellopage");
    }

    @Bean
    public InternalResourceViewResolver setupViewResolver() {
        InternalResourceViewResolver resolver = new InternalResourceViewResolver();
        resolver.setPrefix("/ui/jsp/");
        resolver.setSuffix(".jsp");
        resolver.setViewClass(JstlView.class);
        return resolver;
    }

And my folder structure looks like this:

enter image description here

When I run my application inside Eclipse and visit http://localhost:8080/login everything works fine and my custom login form is shown. When I package my application with maven and execute the generated .war file, visiting http://localhost:8080/login shows the ugly default login form which leads me to believe that spring is unable to find the resources for my custom form.

When I try to access any other .jsp like testpage.jsp, I get the following error (this also works fine when the app is run from my IDE):

enter image description here

I am deploying my application using a docker container that runs the .war file using java -jar myserver.war, so this has to work for me.

How can I make sure Spring can find my provided resources when executing the .war file?

Philipp Jahoda
  • 50,880
  • 24
  • 180
  • 187
  • try keeping the jars in src/main/webapp/WEB-INF/jsp https://www.mkyong.com/spring-boot/spring-boot-hello-world-example-jsp/.. also you can consider building a fat-jar instead of war (if you haven't already).. – Jos Jun 26 '17 at 15:50
  • According to your posted image you're getting HTTP 500 internal server error, can you share your stack trace? – Moshe Arad Jun 26 '17 at 20:17
  • Turns out the solution was indeed to put it into WEB-INF - so my folder structure is `src/main/webapp/WEB-INF/jsp` now and it works. @redflar3 if you want to provide an answer I can accept it. – Philipp Jahoda Jun 27 '17 at 12:04

1 Answers1

1

By default Maven expects a the jsp's in /WEB-INF/* location.

You can keep the jsp's in src/main/webapp/WEB-INF/jsp. Also you can update the InternalViewResolver prefix as well accordingly.

For detailed explanation you can refer https://stackoverflow.com/a/19786283/3981536

Jos
  • 2,015
  • 1
  • 17
  • 22