1、前端页面报错:index.html:1 Refused to display ‘http://localhost:8080/admin-list.html’ in a frame because it set ‘X-Frame-Options’ to ‘deny’.
后端可以查询
网上查询说是跨域问题;
添加此配置
@EnableWebSecurity
@Configuration
public class WebSecurityConfig extends DefaultWebSecurityConfigurer {
@Override
protected void configure(HttpSecurity http) throws Exception {
super.configure(http);
http.headers().frameOptions().sameOrigin(); //这里
}
}
解决问题!
大功告成
成功访问!
2、空指针异常
java.lang.NullPointerException: null
at com.book.pojo.vo.SecurityUser.getAuthorities(SecurityUser.java:33) ~[classes/:na]
at org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider.createSuccessAuthentication(AbstractUserDetailsAuthenticationProvider.java:197) ~[spring-security-core-5.5.1.jar:5.5.1]
at org.springframework.security.authentication.dao.DaoAuthenticationProvider.createSuccessAuthentication(DaoAuthenticationProvider.java:122) ~[spring-security-core-5.5.1.jar:5.5.1]
at org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:168) ~[spring-security-core-5.5.1.jar:5.5.1]
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:182) ~[spring-security-core-5.5.1.jar:5.5.1]
at com.book.filter.LoginFilter.attemptAuthentication(LoginFilter.java:51) ~[classes/:na]
debug模式下查找,原来是在UserServiceDetailsImpl类中,重写的方法中,要返回的对象的权限没有添加进去。
package com.book.service.impl;
import com.book.mapper.ManagerMapper;
import com.book.pojo.po.Manager;
import com.book.pojo.po.Role;
import com.book.pojo.vo.SecurityUser;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.spring