MrN*_*NVK 8 java spring spring-boot
我有几个文件夹,/static/img/**我需要为其中一些添加拦截器来检查用户权限.我之前使用过拦截器并以这种方式添加它们:
@SpringBootApplication
@EnableTransactionManagement
public class Application extends WebMvcConfigurerAdapter {
...
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
registry
.addResourceHandler("/static/**")
.addResourceLocations("classpath:/static/");
}
@Bean
public AuthHeaderInterceptor authHeaderInterceptor() {
return new AuthHeaderInterceptor();
}
@Bean
public AuthCookieInterceptor authCookieInterceptor() {
return new AuthCookieInterceptor();
}
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry
.addInterceptor(authHeaderInterceptor())
.addPathPatterns(REST_URL)
.excludePathPatterns(
new String[] {
REST_SECURITY_URL,
REST_SETTINGS_URL,
REST_REPORTS_URL
}
);
registry
.addInterceptor(authCookieInterceptor())
.addPathPatterns(REST_REPORTS_URL);
}
}
一切都适用于休息控制器及其URL,但现在我需要保护一些静态资源,我添加了这个:
@SpringBootApplication
@EnableTransactionManagement
public class Application extends WebMvcConfigurerAdapter {
...
@Bean
public RoleAdminInterceptor roleAdminInterceptor() {
return new RoleAdminInterceptor();
}
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry
.addInterceptor(authHeaderInterceptor())
.addPathPatterns(REST_URL)
.excludePathPatterns(
new String[] {
REST_SECURITY_URL,
REST_SETTINGS_URL,
REST_REPORTS_URL
}
);
//THIS NOT WORK
registry
.addInterceptor(roleAdminInterceptor())
.addPathPatterns("/static/img/admin/**");
registry
.addInterceptor(authCookieInterceptor())
.addPathPatterns(REST_REPORTS_URL);
}
}
注释行不起作用.当我发送请求/static/img/admin/test.png RoleAdminInterceptor从未被呼叫.
我做错了什么?
我认为在这种情况下,您可以使用 Spring Security 的过滤器而不是拦截器,因为您甚至可以在访问拦截器之前就在流程中更早地验证访问,除非有特定的用例需要在此处使用拦截器。
关于这两者之间差异的一些主题: filters-vs-interceptor
| 归档时间: |
|
| 查看次数: |
1122 次 |
| 最近记录: |