我在我的REST应用程序中使用Java 8,Spring MVC 4,Spring Boot和Gradle.
我想通过某些Spring MVC 4控制器中的自定义方法注释为我的REST应用程序添加安全性.
这是一个基本的例子.
HomeController.java
package myapp;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.bind.annotation.RequestMapping;
@RestController
@RequestMapping("/")
public class HomeController {
@RequestMapping("/")
public String index() {
return "<h1>Hello, World!</h1><p>Lorem Ipsum Lorem Ipsum Lorem Ipsum Lorem Ipsum Lorem Ipsum Lorem Ipsum</p>";
}
@CustomSecurityAnnotation
@RequestMapping("/secure")
public String secure() {
return "<h1>Secured!</h1><p>Lorem Ipsum Lorem Ipsum Lorem Ipsum Lorem Ipsum Lorem Ipsum Lorem Ipsum</p>";
}
}
我想CustomSecurityAnnotation运行一个自定义方法,它将检查传入REST请求的标头,查看HTTP标头Authorization,提取所提供的值(如果提供了一个),并在允许该方法之前对该值运行代码以验证请求继续.如果授权无效,注释应该能够覆盖响应并提供HTTP 401或403,并且如果我决定成功传递注释自定义方法,则允许注释下的方法运行.
我意识到我可以使用类似的东西PreAuthorize和其他MVC注释,但我正在寻找在单个注释内的方法中打包自定义逻辑,以便在我选择的任何控制器上的任何方法上使用.
谢谢!
我正在研究 jq 过滤和结果输出,以输出到另一个接受 JSON 有效负载的程序中。考虑以下示例:
输入:
My-MBP:myorg myname$ aws ec2 describe-snapshots --owner-id 12345678 | jq '.Snapshots[] | select(.Description | contains("myorg-database-b"))'
结果:
{
"Description": "myorg-database-b redacted",
"Encrypted": false,
"VolumeId": "vol-1234",
"State": "completed",
"VolumeSize": 500,
"StartTime": "2018-08-28T17:52:14.000Z",
"Progress": "100%",
"OwnerId": "12345678",
"SnapshotId": "snap-2424"
}
{
"Description": "myorg-database-b redacted",
"Encrypted": false,
"VolumeId": "vol-23456",
"State": "completed",
"VolumeSize": 500,
"StartTime": "2018-08-28T19:01:18.000Z",
"Progress": "100%",
"OwnerId": "12345678",
"SnapshotId": "snap-5535"
}
无论我尝试做什么,我都无法jq打印有效的 JSON,以便将其通过管道传输到另一个程序中。
来自 AWS 的原始 JSON 是一个对象数组,为什么我无法取回有效的对象数组?我在这里做错了什么吗?
以下是 AWS 负载在通过管道输入之前的样子jq:
{
"Snapshots": [ …我正在编写一个Java Spring MVC 4 REST应用程序,它将位于前端设备(网站,移动应用程序等)和数据库之间.我在下面的代码将为每个请求创建一个新会话(因为REST是无状态的),查看请求的Authorization标头,并确认令牌有效并请求经过身份验证.
当用户请求没有有效令牌的安全方法时,我希望将未经授权的请求从500 Access Is Denied消息重定向到401 Unauthorized消息.
这就是我到目前为止所拥有的.
AccessDeniedHandler:
public class Unauthorized401AccessDeniedHandler implements AccessDeniedHandler {
@Override
public void handle(HttpServletRequest request, HttpServletResponse response,
AccessDeniedException accessDeniedException)
throws IOException, ServletException {
response.setStatus(401);
}
}
WebSecurityConfigurerAdapter:
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.exceptionHandling()
.accessDeniedHandler(new Unauthorized401AccessDeniedHandler());
}
}
过滤:
public class SecurityFilter implements Filter {
final static Logger logger = Logger.getLogger(SecurityFilter.class);
@Override
public void doFilter(ServletRequest …我正在使用Windows 10使用Docker for Windows开发Linux应用程序。我也在使用docker-compose。当我尝试从Windows Robo 3T客户端连接到香草MongoDB 4.1映像时,出现此异常错误。
docker-compose.yml
version: "3"
services:
myapp-db:
image: mongo:4.1
ports:
- 27017:27017
networks:
- myapp-net
volumes:
- vol-myapp-db:/data/db
restart: always
networks:
myapp-net:
volumes:
vol-myapp-db:
当我运行此配置时,只有在尝试与Robo3T连接时才会出现以下错误。
标准输出:
$ docker-compose up --build
myapp-db_1 | 2019-02-16T02:59:05.825+0000 I NETWORK [listener] connection accepted from 172.18.0.1:42622 #1 (1 connection now open)
myapp-db_1 | 2019-02-16T02:59:05.826+0000 I NETWORK [conn1] received client metadata from 172.18.0.1:42622 conn1: { application: { name: "robo3t" }, driver: { name: "MongoDB Internal Client", version: "3.4.3-10-g865d2fb" }, os: { type: …我正在创建一个 mongodb docker 映像,其中包含我的组织主数据库的备份生产数据。但是,当我尝试向上推此图像时,我遇到了此错误。
[root@ip-1-2-3-4 inf-tool-docker-mongo]# docker push 1234567.dkr.ecr.us-east-1.amazonaws.com/inf-data-mongo:2.6-latest
The push refers to repository [1234567.dkr.ecr.us-east-1.amazonaws.com/inf-data-mongo]
e429ba9ffbf8: Pushing [==================================================>] 87.35GB/87.35GB
fbd84d2027f9: Pushing [==================================================>] 87.35GB/87.35GB
4f8f8804b65d: Pushed
140b510fa705: Pushed
a2f3704a5dbf: Pushed
c362c0ad1002: Pushed
16817a92834f: Pushed
5a637bac3303: Pushed
32f938d6fb4c: Pushed
70d8dfa3043e: Pushed
denied: Adding this part to the layer with upload id '1234567890-12345-12345-123456-12345' in the repository with name 'inf-data-mongo' in registry with id '1234567890' exceeds the maximum allowed size of a layer which is '10737418240'
我的图像大小约为 85GB-100GB,因为其中包含大量数据。Docker 映像运行良好,但当我将其推送到 AWS ECR 时,出现此错误。
我在这里看到了服务限制页面:
https://docs.aws.amazon.com/AmazonECR/latest/userguide/service_limits.html …
我想为 v17 创建一个 HapiJS 插件,以将一些自定义标头附加到响应中,用于 cors 但应该无关紧要。
const cors = {
name: 'cors',
version: '1.0.0',
async register(server) {
logger.debug('Initiating CORS internal plugin...');
const { port } = server;
originPort = port;
server.ext('onPreResponse', async (request, h) => {
return h
.response()
.header('Access-Control-Allow-Origin', resOrigin)
.header('Access-Control-Allow-Methods', 'GET,POST,PUT,DELETE')
.header('Access-Control-Allow-Headers', 'Content-Type, X-Requested-With, Authorization')
.header('Access-Control-Allow-Credentials', 'true')
.header('Access-Control-Max-Age', 1728000);
});
},
};
这是我到目前为止所拥有的。我认为这是不对的,因为我收到了错误。
我也试过:
server.ext('onPreResponse', async (request, h) => {
const { response } = request;
response.header('Access-Control-Allow-Origin', resOrigin);
response.header('Access-Control-Allow-Methods', 'GET,POST,PUT,DELETE');
response.header('Access-Control-Allow-Headers', 'Content-Type, X-Requested-With, Authorization');
response.header('Access-Control-Allow-Credentials', 'true');
response.header('Access-Control-Max-Age', …我正在使用 Golang 和 time.Time 将给定字符串解析为时间对象。
使用 RFC3339,time.Parse这是我的代码示例:
t, err := time.Parse(time.RFC3339, "2020-08-08T00:22:44Z07:00")
if err != nil {
return nil, err
}
我收到以下错误。
当我包括时区偏移时,我得到:
ERRO[0002] parsing time "2020-08-08T00:22:44Z07:00": extra text: 07:00
当我不包括时区偏移时,我得到:
ERRO[0002] parsing time "2020-08-08T00:15:36" as "2006-01-02T15:04:05Z07:00": cannot parse "" as "Z07:00"
将时间解析为结构化对象时如何避免此问题?