I am creating an angularjs application using angular ui router with Java backend rest api that runs in Websphere app server. AngularJS application is in a subfolder that is not read protected (browse directories is switched off).
When I use the application normally it works fine. But if I refresh the angularjs page with any other sub-route other than the main sub-route it says Cannot GET /xsubroute?xapp=xmyquerytoken.
Read in the docs that I have to redirect requests to index.html. How do I reconfigure my web.xml to redirect all requests for the angularjs app to get redirected to index.html.
Related
Most of the tutorials on the internet are using React JS in a Spring Project, therefore it will be a server-side render like thymeleaf. But in my project, spring boot (REST API Backend) and ReactJS (SPA) are separated.
I have a monolithic app so I think I don't have to use JWT (moreover spring oauth2 authorization project is deprecated).
Is it possible to use Spring Security session authentication (Jsessionid) with a SPA such as react js?
How do I login, what is the endpoint for it? Is it just a POST
request to /login endpoint with a payload of username and password?
For the other endpoint, does the React only have to include the cookie of Jsessionid whenever make a REST API Call to spring boot so it can be authenticated?
Typically jsp, xhtml, jsf pages are rendered in server side and converted into html in server so If you want to use react js and do not use JWT how can clients side ui will depends to security layer? If you want to use hybrid ui, you can use it but if you want to use full client side rendering it won't happen.
You can use Spring MVC for login mechanism and you have to manage session. Your configuration of server side has to depend on session management. When you send request to rest endpoint, Security filters will be triggered and checks the session is valid or not. You can specify your custom filters as well.
But the best approach is using JWT and react together. Also you are using spring boot and create static folder in resources and deploy your react app to that location. There will be some html files like login.html, index.html, main.html etc.
Each html file can be small react applications but managed with Spring MVC.
We have an application that is using AngularJS on the client side and ASP.NET MVC Core on the server side. We are mostly using the ASP.NET MVC API and only have simple MVC Views that use Angular to load the different html/js views. In legacy full ASP.NET MVC apps we would put [Authorize] attributes on the controllers for the chtml Views and the redirect would happen to the Login page and then back using the ReturnURL.
In this app, let's say we have an /accounts/review page. The Accounts controller exists but the review page is a SPA page that is handled by Angular. If I put the [Authorize] attribute on the Accounts controller and try to hit the /accounts/review page, the Authorize attribute is triggered by the Accounts controller, and redirected to the Login page. However, the ReturnUrl is not the full RawURL, it is just the '/accounts' url (without the /review). Instead, I want the ReturnUrl to have the full URL, including the piece of the URL that is "handled" by AngularJS.
In older versions, you could create your own custom attribute that could change the way the Authorize attribute is handled. I've also read where you can return an Unauthorized response instead and then have AngularJS handle the redirecting to the Login page.
Is there a simple solution to this that I'm missing? I feel like somewhere I should be able to override how the /accounts authorization is handled and inject a different return URL, but I'm not sure where that would go in the pipeline.
I'm trying to develop an app in Shopify platform, in which I'm having hard time to bring my app as embedded inside Shopify. when ever i try to install after confirm installation it always redirected to the URL which I specified in redirect URL column of app settings.
Guide me how can i load my app inside Shopify web page itself.
Note
My app settings as follow:
App URL (required) of my app is : https://ngrok.io/sp-testapp/#/page/sh-register?appname=shopify
Redirection URL (required) of my app is : https://ngrok.io/sp-testapp/#/page/sh-register?appname=shopify
I have tried with different redirection URL and app URL which also loads out side of Shopify web page
I am using node.js as my back end and shopify-node-api library as OAuth2 Module for Shopify API
Thanks in advance
Redirect Url:
After a merchant authorizes your app, they can be redirected back to any of these URLs (that your enter in "redirect url textbox" during setting app). You can specify the URL using the redirect_uri parameter during the authorization step.
Please refer below URL
https://help.shopify.com/api/tutorials/building-public-app#step-2-configuring-your-application
I am using UI-Router in my Angularjs app on Apache. I want to use subdomains for user profiles. How can I change http://example.com/variable to http://variable.example.com and trailing urls.
Is there a way this could be done using htaccess?
So when a user logs in your server side code should redirect them to their subdomain with an HTTP 302 redirect. Once there, the angular app can load. Note that changing the hostname will cause a full page reload (your angular app will start over), so you could do this for login but you wouldn't want to do this if userA is allowed to visit userB's profile as angularjs is optimized for single page applications and using subdomains like this would make your app a multi-page application.
I have an angular app that I need to secure. We have a central SSO app in our organisation.
This central app provides a login page and sets cookie after authenticating the user.
Now I need to redirect user from my angular app to this central login page in case authentication cookie is missing/expired.
Can someone please help, how can I redirect to a different page using angular routing ? It seems angular always redirect only relative to base url.
I also tried to use spring mvc and security to restrict access to index.html from server end, but I am not able to set the mapping for showing index.html file (outside web-inf) from dispatcher servlet.
angular's routing is for routing within the page.
Use native location.href for this.
It sounds to me that you are trying to have partial AngularJS page and partial Spring MVC web application. I have also tried this, but then things did not go so well.
If you want to build a web application using AngularJS, I suggest you to start using AngularJS fully as Single Page Web Application and use your Spring MVC as a RESTful web service which is secured by Spring Security.
Read this article: restful-web-service-with-spring-security
The custom AuthenticationEntryPoint must return an HTTP status which AngularJS will process further in $http.success or $http.error. In case of $http.error you force user to go to the login page maybe something like $location.url("/login");
To make all $http.error points to the login page, you can use AngularJS http interceptors.
NB: You should secure your whole web application on the web server level by permanently redirect from http to https. Example: Apache HTTPD