小编Dav*_*sta的帖子

Spring Security - @PreAuthorize 返回 404

当我使用 Spring Method Security 时，我目前遇到一个奇怪的问题， @PreAuthorize("hasRole('MODERATOR')")

如果用户尝试访问需要“MODERATOR”角色的控制器，则资源将被返回，并且一切都很好（如果用户实际上具有该角色）。但是，如果用户不具有此角色，服务器将返回 404 - Not Found。这很奇怪，因为我预计服务器会返回其他内容，也许是 403 Forbidden？知道为什么会发生这种情况吗？这是我的安全配置：

@EnableWebSecurity
@Order(2)
public class WebSecurity extends WebSecurityConfigurerAdapter {

    private final UserDetailsService userDetailsService;
    private final BCryptPasswordEncoder bCryptPasswordEncoder;

    public WebSecurity(UserDetailsService userDetailsService, BCryptPasswordEncoder bCryptPasswordEncoder) {
        super();
        this.userDetailsService = userDetailsService;
        this.bCryptPasswordEncoder = bCryptPasswordEncoder;
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .antMatcher("/api/**")
                .cors()
                .and()
                .csrf().disable()
                .authorizeRequests()
                .antMatchers("/**").permitAll()
                .anyRequest().authenticated()
                .and()
                .addFilter(new JWTAuthenticationFilter(authenticationManager()))
                .addFilter(new JWTAuthorizationFilter(authenticationManager()))
                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS); 
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder);
    }

    @Bean 
    CorsConfigurationSource corsConfigurationSource() { …

Run Code Online (Sandbox Code Playgroud)

java security spring

Dav*_*sta

lucky-day

6
推荐指数

2
解决办法

3099
查看次数

ControlValueAccessor 未检测到更改 - Angular 2

我已经实现了 ControlValueAccessor，如我正在关注的教程中所示。但是，我实现 controlvalueaccessor 的组件似乎没有检测到 ngModel 的任何更改。我错过了什么？

import { Component, OnInit, forwardRef } from '@angular/core';
import { ControlValueAccessor, NG_VALUE_ACCESSOR } from '@angular/forms';

@Component({
    selector: 'app-counter',
    templateUrl: './counter.component.html',
    styleUrls: ['./counter.component.css'],
    providers: [
        {
            provide: NG_VALUE_ACCESSOR,
            useExisting: forwardRef(() => CounterComponent),
            multi: true
        }
    ]
})
export class CounterComponent implements OnInit, ControlValueAccessor {

    constructor() { }

    counterValue = 0;

    writeValue(value: any) {
        console.log('writeValue: ', value);
    }

    registerOnChange(fn: any) {
        console.log('on change: ', fn);
    }

    registerOnTouched(fn: any) {
        console.log('on touch: ', fn);
    }

    increment() { …

Run Code Online (Sandbox Code Playgroud)

angular

Dav*_*sta

2018 01-09

5
推荐指数

1
解决办法

2739
查看次数