小编Sho*_*lah的帖子

我有一个sendGetREST方法来发送一些URL endpoint并获得响应:

@Component
public class HttpURLCommand {
    private static Logger logger = Logger.getLogger(HttpURLCommand.class);

public String sendGetREST(String soapUrl, Object[] parameters) throws IOException{
        final String SOAP_URL = MessageFormat.format(soapUrl, parameters);
        RestTemplate restTemplate = new RestTemplate();
        ResponseEntity<String> response = restTemplate.getForEntity(SOAP_URL, String.class);

    logger.info("status code is: "+response.getStatusCode());
    if(response.getStatusCode().equals(HttpStatus.OK)){
        logger.info("send success");
        return response.getBody();
    }
    else {
        logger.info("send failed");
        return null;
    }

  }
}

哪个运作良好.但是,为了使超时时间可以自定义,我HTTPConfiguration在本教程中有这个:

@Configuration
public class HTTPConfiguration {

@Bean
public RestTemplate restTemplate() {
    return new RestTemplate(clientHttpRequestFactory());
}

private …

我有一个使用 Spring 安全性的 SpringBoot 应用程序，但我想在身份验证而不是授权上对其进行自定义。我已成功登录，但我不知道我必须将注销操作放在哪里。以下是我的一些代码： 1. 控制器：

    @RequestMapping(value={"/login"}, method=RequestMethod.GET)
    public ModelAndView login(){

    return new ModelAndView("pages/login");

    }

2. 网络安全配置

   @Configuration
   @EnableWebSecurity
   @EnableGlobalMethodSecurity(prePostEnabled = true)
   public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
       private @Autowired CustomAuthenticationProvider authenticationManager;
       @Override
       protected void configure(HttpSecurity http) throws Exception {
           http
           .authorizeRequests()
               .anyRequest()
                   .authenticated()
               .and()
               .formLogin()
                   .usernameParameter("username")
                   .passwordParameter("password")
                   .failureUrl("/login?error")
                   .defaultSuccessUrl("/")
                   .loginPage("/login")
                   .permitAll()
               .and()
                   .logout()
                   .logoutRequestMatcher(
                           new AntPathRequestMatcher("/login?logout")
                   ).logoutSuccessUrl("/login").permitAll()
               .and()
               .csrf().disable();
       }
   
       @Autowired
       @Override
       protected void configure(AuthenticationManagerBuilder auth) throws Exception {
         auth.authenticationProvider( authenticationManager );
       }
   
       @Bean
       protected AuthenticationProvider getServicesAuthenticationProvider() {
       //stackoverflow.com/questions/22453550/custom-authentication-provider-not-being-called/22457561#22457561 …

   Run Code Online (Sandbox Code Playgroud)