Angular 4.0 + Spring boot + Spring Security：TemplateInputException：解析模板“登录”时出错

我正在将 Spring Security 集成到我的第一个 Angular 项目中。我关注了许多文章和示例，包括this https://github.com/kamalber/spring-boot-angular4-authentication, this https://libraries.io/github/kamalber/spring-boot-angular4-authentication, this https://spring.io/guides/tutorials/spring-security-and-angular-js/, this https://spring.io/blog/2015/01/12/the-login-page-angular-js-and-spring-security-part-ii and this https://spring.io/guides/gs/authenticating-ldap/。我希望我的应用程序具有 Spring Security 并通过 LDAP 进行身份验证。如果我在 \src\main\resources\templates 中保存一个 login.html 那么我可以看到登录页面。但我希望登录页面来自 Angular 组件。所以我从\src\main\resources\templates 中删除/重命名了login.html。当我点击 localhost:8080 时，它会转到我的 LoginController （yu=ou 可以在日志中看到 sysout），然后我收到以下错误

018-04-28 07:30:34.610 DEBUG 11520 --- [nio-8080-exec-9] o.s.s.w.a.i.FilterSecurityInterceptor    : RunAsManager did not change Authentication object
2018-04-28 07:30:34.610 DEBUG 11520 --- [nio-8080-exec-9] o.s.security.web.FilterChainProxy        : /login reached end of additional filter chain; proceeding with original chain
>>>>>>>>>>>> LoginController.login()...
2018-04-28 07:30:34.611 ERROR 11520 --- [nio-8080-exec-9] org.thymeleaf.TemplateEngine             : [THYMELEAF][http-nio-8080-exec-9] Exception processing template "login": Error resolving template "login", template might not exist or might not be accessible by any of the configured Template Resolvers
2018-04-28 07:30:34.611 DEBUG 11520 --- [nio-8080-exec-9] w.c.HttpSessionSecurityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2018-04-28 07:30:34.611 DEBUG 11520 --- [nio-8080-exec-9] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
2018-04-28 07:30:34.612 ERROR 11520 --- [nio-8080-exec-9] o.a.c.c.C.[.[.[/].[dispatcherServlet]    : Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception [Request processing failed; nested exception is org.thymeleaf.exceptions.TemplateInputException: Error resolving template "login", template might not exist or might not be accessible by any of the configured Template Resolvers] with root cause

org.thymeleaf.exceptions.TemplateInputException: Error resolving template "login", template might not exist or might not be accessible by any of the configured Template Resolvers
    at org.thymeleaf.TemplateRepository.getTemplate(TemplateRepository.java:246)
    at org.thymeleaf.TemplateEngine.process(TemplateEngine.java:1104)
    at org.thymeleaf.TemplateEngine.process(TemplateEngine.java:1060)

谷歌搜索后我尝试了很多方法，但还没有成功。有什么建议请..

我的文件：

登录控制器.java

 @RequestMapping("/login")
    String login(){
        System.out.println(">>>>>>>>>>>> LoginController.login()...");
        return "login";
    }

WebSecurityConfiguration.java

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
        //.httpBasic().and()
        .authorizeRequests()
      //  .antMatchers("/**").permitAll()
        .antMatchers("/index.html", "/", "/home", "/login").permitAll()
            .anyRequest().authenticated()
            .and().formLogin().loginPage("/login")
            .and()
        .csrf()
            .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
        /*http
                .authorizeRequests()
                .antMatchers(HttpMethod.GET, "/resources/**", "/assets/**", "/css/**", "/js/**", "/fonts/**")
              //.antMatchers("/**")
                .permitAll()
                .and()
                .authorizeRequests()
                .anyRequest()
                .authenticated()
                .and()
                .formLogin()
                .loginPage("/login")
                .successHandler(authenticationSuccessHandler)
                .permitAll()
                .and()
                .logout()
                .logoutUrl("/logout")
                .and()
                .csrf()
                .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
                .and()
                .httpBasic();
                //http.cors();
*/    }

应用程序路由.module.ts

const routes: Routes = [
    { path: 'login', component: LoginComponent },    
    { path: '', redirectTo: '/home', pathMatch: 'full' },
    { path: 'dashboard', redirectTo: '/home', pathMatch: 'full' },
    {
        path: 'home',
        component: DashboardComponent,
        data: { title: 'Dashboard' }
    },
    {
        path: 'linesidemonitor',
        component: LinesideMonitorComponent,
        data: {title: 'Lineside Monitor'}
    },

如果我使用 .and().formLogin() 那么我会收到此错误：

2018-04-28 08:32:08.394 DEBUG 10404 --- [nio-8080-exec-6] o.s.s.w.a.ExceptionTranslationFilter     : Access is denied (user is anonymous); redirecting to authentication entry point

org.springframework.security.access.AccessDeniedException: Access is denied
    at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:84)
    at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:233)
    at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:124)
    at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:91)

如果我使用 .httpBasic().and()，那么我会收到我不想要的浏览器登录弹出窗口

@SK

您收到以下异常的原因是您使用的是 Controller 而不是 RestController。

org.thymeleaf.exceptions.TemplateInputException：解析模板“登录”时出错，模板可能不存在或可能无法被任何配置的模板解析器访问 在 org.thymeleaf.TemplateRepository.getTemplate(TemplateRepository.java:246) 在 org.thymeleaf.TemplateEngine.process(TemplateEngine.java:1104)

因此，它不是直接将输出作为 JSON 写入浏览器，而是使用 ViewResolver 来解析 MVC 的视图部分。

用 RestController 替换 Controller 将使.formLogin().loginPage("/login")发出浏览器登录请求，如果允许，您将获得 Angular 的登录页面。

httpBasic，这是浏览器弹出的本质，因为它会收到 401 响应代码。