I am still getting the error 403 forbidden (Access to the specified resource has been forbidden). This is my web.xml
<?xml version="1.0" encoding="ISO-8859-1" standalone="no"?> <web-app xmlns="http://java.sun.com/xml/ns/javaee"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; version="2.5" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd";> <display-name>abc</display-name> <description>ABC Web application</description> <!-- Enable escaping of form submission contents --> <context-param> <param-name>defaultHtmlEscape</param-name> <param-value>true</param-value> </context-param> <context-param> <param-name>contextConfigLocation</param-name> <param-value>classpath*:META-INF/spring/applicationContext*.xml</param-value> </context-param> <filter> <filter-name>CharacterEncodingFilter</filter-name> <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class> <init-param> <param-name>encoding</param-name> <param-value>UTF-8</param-value> </init-param> <init-param> <param-name>forceEncoding</param-name> <param-value>true</param-value> </init-param> </filter> <filter> <filter-name>HttpMethodFilter</filter-name> <filter-class>org.springframework.web.filter.HiddenHttpMethodFilter</filter-class> </filter> <filter> <filter-name>springSecurityFilterChain</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> </filter> <filter> <filter-name>Spring OpenEntityManagerInViewFilter</filter-name> <filter-class>org.springframework.orm.jpa.support.OpenEntityManagerInViewFilter</filter-class> </filter> <filter-mapping> <filter-name>CharacterEncodingFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>HttpMethodFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>springSecurityFilterChain</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>Spring OpenEntityManagerInViewFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <!-- Creates the Spring Container shared by all Servlets and Filters --> <listener> <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> </listener> <!-- Handles Spring requests --> <servlet> <servlet-name>ABC</servlet-name> <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> <init-param> <param-name>contextConfigLocation</param-name> <param-value>WEB-INF/spring/webmvc-config.xml</param-value> </init-param> <load-on-startup>1</load-on-startup> </servlet> <!-- <servlet> <servlet-name>default</servlet-name> <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class> <init-param> <param-name>debug</param-name> <param-value>0</param-value> </init-param> <init-param> <param-name>listings</param-name> <param-value>false</param-value> </init-param> <init-param> <param-name>readonly</param-name> <param-value>false</param-value> </init-param> <load-on-startup>1</load-on-startup> </servlet> --> <persistence-unit-ref> <persistence-unit-ref-name>persistence/persistenceUnit</persistence-unit-ref-name> <persistence-unit-name>persistenceUnit</persistence-unit-name> </persistence-unit-ref> <!-- <servlet> <servlet-name>spring-ws</servlet-name> <servlet-class>org.springframework.ws.transport.http.MessageDispatcherServlet</servlet-class> <init-param> <param-name>contextConfigLocation</param-name> <param-value>WEB-INF/spring/webmvc-config.xml</param-value> </init-param> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>spring-ws</servlet-name> <url-pattern>/services</url-pattern> </servlet-mapping> --> <servlet-mapping> <servlet-name>ABC</servlet-name> <url-pattern>/</url-pattern> </servlet-mapping> <session-config> <session-timeout>10</session-timeout> </session-config> <error-page> <exception-type>java.lang.Exception</exception-type> <location>/uncaughtException</location> </error-page> <error-page> <error-code>404</error-code> <location>/resourceNotFound</location> </error-page> <!-- <security-constraint> <web-resource-collection> <web-resource-name>ABC</web-resource-name> <url-pattern>/api/mode</url-pattern> <http-method>DELETE</http-method> <http-method>PUT</http-method> <http-method>HEAD</http-method> <http-method>OPTIONS</http-method> <http-method>TRACE</http-method> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection> <user-data-constraint> <transport-guarantee>NONE</transport-guarantee> </user-data-constraint> </security-constraint> --> <!-- <security-constraint> <web-resource-collection> <web-resource-name>ABC</web-resource-name> <url-pattern>/*</url-pattern> <http-method>PUT</http-method> </web-resource-collection> <auth-constraint> <role-name>admin</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>ABC</realm-name> </login-config> <security-role> <description>Role for restricted resources</description> <role-name>admin</role-name> </security-role> --> </web-app> Javascript File factory.js angular.module('cnitch').factory('configFactory', ['$http', function($http) { var urlBase= '/ABC/api/mode'; var urlrootmode= '/ABC/api/mode/host/all/tranx/all'; var configFactory = {}; configFactory.getConfig = function (id) { return $http.get(urlBase+"/"+id); }; configFactory.getConfigs = function () { return $http.get(urlBase); }; configFactory.getConfignew = function () { return $http.get(urlrootmode); }; configFactory.insertConfig = function (configString) { return $http.post(urlBase, configString); }; configFactory.updateConfig = function (id, configString) { return $http.put(urlBase + '/' + id, configString); }; configFactory.updateConfignew = function (id, configString) { return $http.put(urlBase, configString); }; configFactory.deleteConfig = function (id) { return $http.delete(urlBase + '/' + id); }; return configFactory; }]); ApplicationContext-security.xml <?xml version="1.0" encoding="UTF-8"?> <beans:beans xmlns="http://www.springframework.org/schema/security"; xmlns:beans="http://www.springframework.org/schema/beans"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd";> <!-- HTTP security configurations --> <http auto-config="true" use-expressions="true"> <form-login login-processing-url="/resources/j_spring_security_check" login-page="/login" authentication-failure-url="/login?login_error=t" /> <logout logout-url="/resources/j_spring_security_logout" /> <!-- Configure these elements to secure URIs in your application --> <intercept-url pattern="/choices/**" access="hasRole('ROLE_ADMIN')" /> <intercept-url pattern="/member/**" access="isAuthenticated()" /> <intercept-url pattern="/resources/**" access="permitAll" /> <intercept-url pattern="/main/**" access="permitAll" /> <intercept-url pattern="/api/**" access="permitAll" /> <intercept-url pattern="/**" access="permitAll" /> </http> <!-- Configure Authentication mechanism --> <authentication-manager alias="authenticationManager"> <!-- SHA-256 values can be produced using 'echo -n your_desired_password | sha256sum' (using normal *nix environments) --> <authentication-provider> <jdbc-user-service data-source-ref="dataSource" users-by-username-query="select username,password, enabled from users where username=?" authorities-by-username-query="select u.username, ur.authority from users u, user_roles ur where u.user_id = ur.user_id and u.username =? " /> </authentication-provider> </authentication-manager> </beans:beans>
