I have a simple Spring web application.
#Controller
public class GreetingController {
#Autowired
GreetingRepository repository;
#GetMapping("/greeting")
public String greetingForm(Model model) {
model.addAttribute("greeting", new Greeting());
return "greeting";
}
#PostMapping("/greeting")
public String greetingSubmit(#ModelAttribute Greeting greeting) {
repository.save(greeting);
return "result";
}
}
The HTML is:
<!DOCTYPE HTML>
<html xmlns:th="http://www.thymeleaf.org">
<head>
<title>Greeting Sample</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link rel="stylesheet" th:href="#{/css/style.css}"/>
</head>
<body>
<h1>Form</h1>
<form action="#" th:action="#{/greeting}" th:object="${greeting}" method="post">
<p>Id: <input type="text" th:field="*{id}" /></p>
<p>Message: <input type="text" th:field="*{content}" /></p>
<p><input type="submit" value="Submit" /> <input type="reset" value="Reset" /></p>
</form>
</body>
</html>
This is the css file that is referenced in the HTML:
p {
color: #ff5588;
}
However, the css is not applied.
In fact, when I query localhost:8080/css/style.css it returns the HTML content of the index page.
It might be a security configuration issue. Is there a security implementation (SpringSecurity or custom) on your project? If so, does your user have access to /css/* url or this url has public access? The redirection might be occur if user doesn't have access to url or there is an exception while processing request.
The security configuration turned out to be blocking all requests to resources. In stead, it was redirecting those requests to the index page (which was configured).
The solution turned out to be simple, authorize all requests to the resources of the website (/images/** and /css/** and /js/**).
Once that was configured, the web-application worked as expected.
Related
I have two html pages:
greeting.html
<!DOCTYPE HTML>
<html xmlns:th="https://www.thymeleaf.org">
<head>
<title>Getting Started: Handling Form Submission</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
</head>
<body>
<h1>Form</h1>
<form action="#" th:action="#{/greeting}" th:object="${greeting}" method="post">
<p>Id: <input type="text" th:field="*{ch}" /></p>
<p>Message: <input type="number" th:field="*{count}" /></p>
<p><input type="submit" value="Submit" /> <input type="reset" value="Reset" /></p>
</form>
</body>
</html>
result.html
<!DOCTYPE HTML>
<html xmlns:th="https://www.thymeleaf.org">
<head>
<title>Getting Started: Handling Form Submission</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
</head>
<body>
<h1>Result</h1>
<p th:text="'symbol: ' + ${greeting.ch}" />
<p th:text="'count: ' + ${greeting.count}" />
Submit another message
</body>
</html>
And a simple controller:
package com.example.secMVC.Controller;
import com.example.secMVC.Entity.CharacteristicsEntity;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.*;
#Controller
public class UserController {
#GetMapping("/greeting")
public String greetingForm(Model model){
model.addAttribute("greeting",new CharacteristicsEntity());
return "greeting";
}
#PostMapping("/greeting")
public String greetingSubmit(#ModelAttribute CharacteristicsEntity charEntity,Model model){
model.addAttribute("greeting",charEntity);
return "result";
}
}
And now if I run the program with the #Controller annotation, it shows what is needed, i.e. a page with input fields and 2 buttons.But if you change it to #RestContoller, then just a page with the text "greeting" is shown.
I'm a beginner and apparently I don't understand something, but I saw that they wrote that these should be equivalent annotations in theory.I would be glad to help figure out this issue.
Entity just in case:
package com.example.secMVC.Entity;
public class CharacteristicsEntity {
private String ch;
private Integer count;
public String getCh() {
return ch;
}
public void setCh(String ch) {
this.ch = ch;
}
public Integer getCount() {
return count;
}
public void setCount(Integer count) {
this.count = count;
}
}
Well #RestContoller annotation is used when someone creates a RESTful webservices (REST APIs). #RestContoller actually takes care of all the boilerplate code when you creating a RESTful webservice.
Theoretically #Controller and #RestContoller is not equal. But yet you can use both of these annotation if you are creating RESTful webservices in following combination.
#RestContoller
public class ClassName{}
or
#Controller
#ResponseBody
public class ClassName{}
But when you use template engine like Thymeleaf, you better use #Controller rather than #RestContoller.
For more info - Here
I am trying to redirect a user to external url to complete the transaction and this website is based SAML based authentication and accepts SAMLResponse as a post parameter. Below is my controller able to get the values in the logs
----- Controller ---------------------------------------------------
#RequestMapping(value="/redirect", method = { RequestMethod.GET, RequestMethod.POST })
public String redirect(HttpServletRequest request, HttpServletResponse response, RedirectAttributes redirectAttrs) {
String samlRes = String.valueOf(request.getSession().getAttribute("STRRESPONSE"));
byte[] base64samlRes = Base64.encode(samlRes.getBytes());
redirectAttrs.addAttribute("SAMLResponse", base64samlRes);
L.debug("Redirecting " + samlRes);
L.debug("Redirecting Base64 Encoder " + new String(base64samlRes, Charset.forName("UTF-8")));
return "redirect";
---------------- Controller Ends ----------------------
and using the below html to post the external website.. I am seeing the browser the html title but it is not loading the external portal and values in the html is also null
---- HTML auto submit -----------------------
<!DOCTYPE html>
<html xmlns:th="http://www.thymeleaf.org">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Redirect Payment Portal</title>
</head>
<body>
<ul>
<li>SamlResponse: "${SAMLResponse}"</li>
</ul>
<form name="myRedirectForm" action="<external url>" method="post">
<input name="SAMLResponse" type="hidden" value="${SAMLResponse}" />
<noscript>
<input type="submit" value="Click here to continue" />
</noscript>
</form>
<script type="text/javascript">
$(document).ready(function() {
document.myRedirectForm.submit();
});
</script>
</body>
</html>
===================== End HTML ----------------------
Am i missing anything
I am able to retrieve the value in html by modifying the value [[${SAMLResponse}]] but the form is not getting submitted
Finally issue is resolved with the following updates
------ HTML---
modified the following line
<input name="SAMLResponse" type="hidden" value="${SAMLResponse}" />
to
<input name="SAMLResponse" type="hidden" th:value="${SAMLResponse}" />
--- End HTML ----
----- Controller Changes ----
#RequestMapping(value="/redirect", method = { RequestMethod.GET, RequestMethod.POST })
public ModelAndView redirect(HttpServletRequest request, HttpServletResponse response, Model model) {
String samlRes = String.valueOf(request.getSession().getAttribute("STRRESPONSE"));
byte[] base64samlRes = Base64.encode(samlRes.getBytes());
model.addAttribute("SAMLResponse", new String(base64samlRes, Charset.forName("UTF-8"));
L.debug("Redirecting " + samlRes);
L.debug("Redirecting Base64 Encoder " + new String(base64samlRes, Charset.forName("UTF-8")));
return new ModelAndView ("redirect");
---- Controller Changes End ------
I am trying to follow this as reference Serving Static content in SpringBoot
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.ui.Model;
/**
* Created by Eric on 11/25/2015.
*/
#org.springframework.stereotype.Controller
public class Controller {
#RequestMapping("/appPage")
public String greeting(#RequestParam(value="name", required=false, defaultValue="World") String name, Model model) {
model.addAttribute("name", name);
model.addAttribute("title", "Best Of the App");
model.addAttribute("basecontext", "Best Of the App");
return "appPage";
}
}
My HTML form being below
<!DOCTYPE HTML>
<html xmlns:th="http://www.thymeleaf.org">
<head>
<title th:text="${title}" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
</head>
<body>
<p th:text="'Hello, ' + ${name} + '!'" />
<input type="hidden" type="text" id="basecontext" value='${basecontext}'/>
</body>
</html>
I am trying to set value in hidden input field. But that gives me error
org.springframework.web.util.NestedServletException: Request processing failed; nested exception is org.thymeleaf.exceptions.TemplateInputException: Exception parsing document: template="appPage", line 9 - column 33
I am trying to move this html page which was getting loaded in a JSP application to Spring Boot + ThymeLeaf.
If I simply place this content in index.html without a Context handler in Controller. the page is loaded just fine. Thymeleaf does not throw any error.
ThymeLeaf uses xml and not html and you are not allowed to have attributes of the same name in xml type="hidden" type="text"
You actually should get SAXParseException: Attribute "type" was already specified for element in your spring log
I have a Spring + Thymeleaf project with the following view code.
<!DOCTYPE html SYSTEM "http://www.thymeleaf.org/dtd/xhtml1-strict-thymeleaf-spring3-3.dtd">
<html
xmlns="http://www.w3.org/1999/xhtml"
xmlns:th="http://www.thymeleaf.org"
xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity3">
<head>
<title>Contacts</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
</head>
<body>
<div id="content">
<h1>Welcome to the site!</h1>
<p th:if="${loginError}">Wrong user or password</p>
<form th:action="#{/j_spring_security_check}" method="post">
<label for="j_username">Email address</label>:
<input type="text" id="j_username" name="j_username"/> <br/>
<label for="j_password">Password</label>:
<input type="password" id="j_password" name="j_password"/> <br/>
<input type="submit" value="Log in"/>
</form>
</div>
<div sec:authorize="isAuthenticated()">
User: <span sec:authentication="name">miquel</span>
</div>
</body>
</html>
The sec:authorize and sec:authentication attributes don't work as expected - the div is always shown, even if no user is logged in, and the span always reads "miquel".
Follows a relevant snippet from my controller class.
#RequestMapping(value = "/welcome.html")
public String wellcome() {
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
System.out.println("username: " + auth.getName());
return "home";
}
The println statement works as expected - if no user is logged in, it prints "anonymousUser", otherwise the username.
What am I doing wrong?
After comparing my application closely to the Thymeleaf & Spring Security demo applicaiton, I discovered the source of the error.
Apparently, in order for Thymeleaf to process the sec:authorize and sec:authentication attributes, you need to register SpringSecurityDialect as an additional dialect of the template engine bean.
<bean id="templateEngine" class="org.thymeleaf.spring3.SpringTemplateEngine">
<property name="templateResolver" ref="templateResolver" />
<property name="additionalDialects">
<set>
<bean class="org.thymeleaf.extras.springsecurity3.dialect.SpringSecurityDialect" />
</set>
</property>
</bean>
This is surprising as there is no mention of that fact on the related Thymeleaf documentation page. I hope this helps others who will face the same issue in future.
In Spring Boot I just had to add the following dependency:
<dependency>
<groupId>org.thymeleaf.extras</groupId>
<artifactId>thymeleaf-extras-springsecurity4</artifactId>
</dependency>
For the java config version, it worked for me too by adding the spring security dialect:
#Bean
public SpringTemplateEngine templateEngine() {
SpringTemplateEngine templateEngine = new SpringTemplateEngine();
templateEngine.setTemplateResolver(templateResolver());
templateEngine.addDialect(new TilesDialect());
templateEngine.addDialect(new SpringSecurityDialect());
return templateEngine;
}
Also, you may wish to clear the template cache after an authentication event, so your template is re-processed with new authentication data. Or, set the templates which are sensitive to a login session to non-cached (this is what I did), using ServletContextTemplateResolver.setNonCacheablePatterns().
So I am working in a project to send data from a C# application to ASP web application; the problem is when I want to send the data I get this error :The remote server returned an error: (405) Method Not Allowed. Here is my C# code:
static void Main(string[] args)
{
using (var wb = new WebClient())
{
var data = new NameValueCollection();
string url = "http://localhost:4241/HtmlPage2.html";
data["Text1"] = "Anas";
data["Text2"] = "Anas";
var response = wb.UploadValues(url, "POST", data);
}
}
and here my ASP code (it's just a HTML page for testing, the code is implemented in HtmlPage2.html and when I submit the button it passes the data to HtmlPage2.html)
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title></title>
</head>
<body>
<form method="Post" action="HtmlPage2.html">
<input id="Text1" type="text" name="Text1" />
<input id="Text2" type="text" name="Text2" />
<input id="Button1" type="submit" value="button" />
</form>
</body>
</html>
NB:My IIS is already enabled :)
So if someone can help me I will be very appreciative :)
A HTML file is a static file on a filesystem-based webserver, there is no way for it to handle POST requests, only GET (unless you're using WebDAV, but that's another story).
Basically the <form action="HtmlPage2.html"> fragment is incorrect. If it does work in your webbrowser then check the DOM of the page to see if the action attribute is being changed.