Spring Security + AngularJS + Permissions: disabling all pages for non authenticated users other than login -
i want users have login before seeing other pages. if try access other page, have login first.
i tried using following, keeps giving me http status 401 - access denied error.
http.csrf().disable().exceptionhandling() .authenticationentrypoint(unauthorizedhandler).and() .formlogin().loginpage("/login").successhandler(authsuccess) .failurehandler(authfailure).and().authorizerequests() .antmatchers("/login", "/#/login", "/login.html", "/login.jsp", "login", "/login") .permitall().anyrequest().authenticated();
since using angularjs, might have that. still tried add /#/login part, still without result.
you can achieve using routing. have @ below code.
app.run(function($rootscope, $location,cachelogout) { // register listener watch route changes $rootscope.$on("$routechangestart", function(event, next, current) { if ($rootscope.loggeduser == null) { // no logged user, should going #login if (next.templateurl == "login.html") { // going #login, no redirect needed } else { // not going #login, should redirect $location.path("/login"); } } }); });
this borrowed redirecting route based on condition. using redirecting login page if user not logged in. $rootscope.loggeduser value set once user logged in.
Comments
Post a Comment