Dan*_*use 4 spring-security spring-boot spring-boot-actuator
我有一个使用 spring boot 2、执行器和 spring 安全性的宁静 Web 应用程序。
在进行一些测试时,我正在检查 /httptrace 路径并意识到主体返回为 null。我很困惑为什么会这样,因为当我调试日志SecurityContextHolder.getContext().getAuthentication().getPrincipal()我取回我的 Application 对象,它实现了 UserDetails。
所以我很好奇为什么当我有一个委托人时,委托人会以 null 的形式返回。如果我可以提供更多详细信息来帮助解决此问题,请在评论中告诉我,我会将它们包括在内。
{
"traces":[
{
"timestamp":"2019-06-19T16:14:33.252994100Z",
"principal":null,
"session":null,
"request":{
"method":"GET",
"uri":"http://localhost:8080/api/ims/oneroster/v1p1/orgs",
"headers":{
"cookie":[
"JSESSIONID=095BD749...."
],
"postman-token":[
"54c241d7-8810-459c-b62a-bd64e9c73e9f"
],
"host":[
"localhost:8080"
],
"connection":[
"keep-alive"
],
"cache-control":[
"no-cache"
],
"accept-encoding":[
"gzip, deflate"
],
"user-agent":[
"PostmanRuntime/7.15.0"
],
"accept":[
"*/*"
]
},
"remoteAddress":null
},
"response":{
"status":"200",
"headers":{
"X-Frame-Options":[
"DENY"
],
"Transfer-Encoding":[
"chunked"
],
"Cache-Control":[
"no-cache, no-store, max-age=0, must-revalidate"
],
"X-Content-Type-Options":[
"nosniff"
],
"Pragma":[
"no-cache"
],
"Expires":[
"0"
],
"X-XSS-Protection":[
"1; mode=block"
],
"Date":[
"Wed, 19 Jun 2019 16:14:33 GMT"
],
"Content-Type":[
"application/json;charset=UTF-8"
]
}
},
"timeTaken":"389"
}
]
}
Run Code Online (Sandbox Code Playgroud)
小智 5
默认情况下,Spring Actuator HTTP 跟踪仅包括值的子集。您必须配置 Spring以包含原则,例如:
management.trace.http.include=principal,request-headers,response-headers,cookie-headers,time-taken,authorization-header,remote-address,session-id
Run Code Online (Sandbox Code Playgroud)
| 归档时间: |
|
| 查看次数: |
738 次 |
| 最近记录: |