For learning purposes, I make an application, as an Angular 2 client on the Spring boot backend, are on different servers. At the moment, made the registration of a user with autologin, but after registration only anonymousUser returned. As a method of authorization, I chose token authentication. If you make such authorization through JSP everything works, and through the SPA there is not enough knowledge how to implement it and examples in the network can not be found.

I hope for a hint that you need to add for authorization.

Front end
Back end

UPDATE 1
Fixed a cant so that SecurityServiceImpl was not used anywhere. Now the session is saved in the database and it seems like the authorization has passed, but SecurityContextHolder.getContext().getAuthentication().getDetails() returns null .

  • Check the cookies that are sent from the front to the back, are they actually sent the same, or are they different with each request? Is the angular parameter withCredentials = true enabled, as indicated in this answer ? - MrFylypenko
  • @MrFylypenko withCredentials = true when sending post requests for registration. Cookies do not come at all, only the session header in the response header. - Bleser
  • For cross-domain queries, you should always send withCredentials=true , without it, authorization does not work. - MrFylypenko
  • @MrFylypenko I sent only POST requests, so withCredentials always true you can see it here on line 18 on github.com/Bleser92/frontend-spring-angular2-sci-lvl-4/blob/… - Bleser
  • You misunderstand how it works withCredentials , you can read here . Those. when requested without this parameter (when cross-domain requests), the server will NEVER know that this is the current user and will always see it as a new one and open a new session for each request. In your example on github, fron sends the post a request for registration with this parameter, and in the user service het request without it, so getting the user will always be zero or anonymous. - MrFylypenko

0