These are chat archives for spring-guides/tut-spring-security-and-angular-js

17th
Apr 2015
Dave Syer
@dsyer
Apr 17 2015 05:32
Part I has the pop up. Part II does not. Did you run the code from github or your own version? Did you run it from the command line?
Pascal Zwick
@pas2al
Apr 17 2015 08:06
I used the code from your github repo (single) https://github.com/dsyer/spring-security-angular/tree/master/single But i used bower to install the necessary angular/bootstrap files. I started the application using mvn spring-boot:run. I referred the necessary files (in static/bower_components) in the index.html.
Dave Syer
@dsyer
Apr 17 2015 08:32
If you run the code as I provided it, does it work?
Pascal Zwick
@pas2al
Apr 17 2015 08:34
Do i have to use any other commands to build the static files with wro?
Oh, i found that point in the article. I will test it. Give me some minutes.
Pascal Zwick
@pas2al
Apr 17 2015 08:48
Yes, it is working if i build the project (mvn package) and run it using the generated jar. Ok, thats great, but can you give me a hint why it is not working if i install the static files using bower into static/bower_components?
Dave Syer
@dsyer
Apr 17 2015 08:50
Probably because "/bower_components" is a protected path by default
You might need to set access rules for the static content
If you fork the repo and add your modifications I'll take a look. Maybe worth a new blog.
Pascal Zwick
@pas2al
Apr 17 2015 09:04
Yep, i will prepare it and send you the link.
Dave Syer
@dsyer
Apr 17 2015 09:04
Thanks
Pascal Zwick
@pas2al
Apr 17 2015 10:21
@dsyer Damn, i fixed it. Right after the commit.
If you are interested, everything is committed. You were right to set the access rule. But it is important to set it to all sub-directories (/bower_components/**)
Dave Syer
@dsyer
Apr 17 2015 10:46
Naturally
Glad you got it working
Maybe I'll just put a side bar on Part II (in the tutorial version anyway)
Pascal Zwick
@pas2al
Apr 17 2015 10:53
Should i leave that fork on github for reference or can i delete it?
Dave Syer
@dsyer
Apr 17 2015 12:08
Don't you need it?
Pascal Zwick
@pas2al
Apr 17 2015 12:09
No, it was just for testing. I am working on a different project, where i need the security.
Dave Syer
@dsyer
Apr 17 2015 12:10
I see
I'll just grab a copy. Are you going to delete the whole repository?
Pascal Zwick
@pas2al
Apr 17 2015 12:12
i would, because i don’t need it anymore. But i can make some pull request to your repo, if you want. And we can create a branch for it, for example
Dave Syer
@dsyer
Apr 17 2015 12:13
It's fine. I got it.
Pascal Zwick
@pas2al
Apr 17 2015 12:14
Ok
Dave Syer
@dsyer
Apr 17 2015 12:14
I have it locally. I'll give you a mention if it goes out in a blog.
Thanks
Pascal Zwick
@pas2al
Apr 17 2015 12:15
Oh, that’s great. Thank you!
Pascal Zwick
@pas2al
Apr 17 2015 13:30
@dsyer One question. If a user is not authenticated, i want to show him nevertheless some information from a rest resource. Some kind of information that should be accessible for everybody. Is that possible?
Dave Syer
@dsyer
Apr 17 2015 13:31
Sure. You just need to set the access rules for the resources you need to be open.
Just like you did with the static resources
Pascal Zwick
@pas2al
Apr 17 2015 13:36
Ok, i want to show some public information to the users. On my „fancy“ html. The rest resource behind it provides some more details. I want to restrict access to the rest url, but the application itself needs access to it (to build the html file)
Dave Syer
@dsyer
Apr 17 2015 13:37
How is it restricted if anyone can see it in your UI?
You might as well not protect it
Pascal Zwick
@pas2al
Apr 17 2015 13:44
hm, ok i think it is more a problem of my models. Maybe i have to change them
Greg Turnquist
@gregturn
Apr 17 2015 16:29
@pascalzwick I had to solve the same access problem in my own demo with secured assets. See => https://github.com/gregturn/spring-a-gram/blob/master/src/main/java/com/greglturnquist/springagram/WebSecurityConfiguration.java#L43
Basically, Spring Security makes no assumptions about exposing assets. It's up to you.
Pascal Zwick
@pas2al
Apr 17 2015 17:38
@gregturn I fixed it already this morning, see some messages above. But thanks for your reply!
Greg Turnquist
@gregturn
Apr 17 2015 17:51
:)