那些遇到过的问题

小编Raj*_*ani的帖子

Spring Security在安全注释配置中排除了url模式

我有使用java配置方法配置Spring安全性的Spring Web应用程序.我想从身份验证中排除一些URL模式(例如:静态资源等).我之前使用spring security xml config做了这个,但是无法弄清楚java配置,因为添加antmatchers没有帮助.

以下是我在扩展WebSecurityConfigurerAdapter的安全配置类中添加的代码

@Override
public void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests()
            .antMatchers("/authFailure")
            .permitAll()
            .anyRequest()
            .authenticated()
            .and()
            .httpBasic()
            .and()
            .authenticationProvider(_provider)
            .sessionManagement()
            .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
            .and()
            .addFilter(authFilter())
            .addFilterAfter(executionContextFilter(),
                    TokenBasedSecurityFilter.class).csrf().disable();
}
Run Code Online (Sandbox Code Playgroud)

我使用的弹簧安全版本是3.2.0.在此先感谢您的帮助

编辑:

我在点击排除的网址时得到的堆栈跟踪,

org.springframework.security.authentication.AuthenticationServiceException: Authorization Header is not available in the request
    at com.inventory.ricemill.tba.spring.TokenBasedSecurityFilter.doFilter(TokenBasedSecurityFilter.java:59)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
    at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:110)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
    at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:57)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
    at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
    at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:50)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
    at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
    at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
    at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:343)
    at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:260)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222) …
Run Code Online (Sandbox Code Playgroud)

spring spring-mvc spring-security basic-authentication

Raj*_*ani
2015 01-12
27
推荐指数
5
解决办法
10万
查看次数

正确释放I/O资源

我想知道什么是释放文件资源/句柄的最佳/适当方式.

传统代码,

BufferredInputStream stream = null
try{
  ----
  stream = new BufferredInputStream(new FileInputStream());
  ----
} finally{
  if(stream != null){
    stream.close()
  }
Run Code Online (Sandbox Code Playgroud)

}

通过BufferredInputStream.close单独关闭来释放文件句柄,还是需要stream(i.e. FileInputStream.close())显式调用底层文件句柄.

P.S. Javadoc for [FilterOutputStream.close]method指定它也将显式关闭基础流.但其他流似乎在文档中没有这个.

[FilterOutputStream.close]: http://docs.oracle.com/javase/1.4.2/docs/api/java/io/FilterOutputStream.html#close%28%29
Run Code Online (Sandbox Code Playgroud)

请指教.提前致谢.

java io file

Raj*_*ani
2012 12-26
6
推荐指数
1
解决办法
238
查看次数

从XSD生成枚举时,JaxB添加undescore(_)

我使用maven JaxB插件从XSD生成源。

插件的详细信息如下,

<groupId>org.jvnet.jaxb2.maven2</groupId>
<artifactId>maven-jaxb2-plugin</artifactId>
<version>0.8.3</version>
Run Code Online (Sandbox Code Playgroud)

XSD中定义的枚举有两个值,

<simpleType name="MyEnum">
    <restriction base="xsd:string">
        <enumeration value="SimpleText" />
        <enumeration value="ComplexText" />
    </restriction>
</simpleType>
Run Code Online (Sandbox Code Playgroud)

生成的代码在枚举值的工作边界之间添加下划线。例如:“ SimpleText”在枚举中为SIMPLE_TEXT。

生成的代码,

@XmlType(name = "MyEnum")
@XmlEnum
public enum MyEnum {

   @XmlEnumValue("SimpleText")
   SIMPLE_TEXT("SimpleText"),
   @XmlEnumValue("ComplexText")
   COMPLEX_TEXT("ComplexText");
   private final String value;

   MyEnum(String v) {
      value = v;
   }

   public String value() {
      return value;
   }

   public static MyEnum fromValue(String v) {
      for (MyEnum c: MyEnum.values()) {
          if (c.value.equals(v)) {
              return c;
          }
      }
      throw new IllegalArgumentException(v);
   }
Run Code Online (Sandbox Code Playgroud)

}

当枚举在不同位置用下划线分隔相同文本时,会出现此问题。例如

<simpleType name="MyEnum">
    <restriction base="xsd:string"> …
Run Code Online (Sandbox Code Playgroud)

xml enums xsd jaxb maven-jaxb2-plugin

Raj*_*ani
2015 09-17
3
推荐指数
1
解决办法
2046
查看次数

字符串连接不适用于逗号字符

bash脚本上的字符串连接对逗号","字符不起作用.

A="Hello";
B=",World";
C=$A$B
echo $C;
Run Code Online (Sandbox Code Playgroud)

它将输出打印为

你好,世界

Bash版本是:

GNU bash, version 4.1.2(1)-release (x86_64-redhat-linux-gnu)
Run Code Online (Sandbox Code Playgroud)

相同的代码似乎在这里工作

bash string-concatenation

Raj*_*ani
2015 05-02
2
推荐指数
1
解决办法
3453
查看次数

标签 统计

bash ×1

basic-authentication ×1

enums ×1

file ×1

io ×1

java ×1

jaxb ×1

maven-jaxb2-plugin ×1

spring ×1

spring-mvc ×1

spring-security ×1

string-concatenation ×1

xml ×1

xsd ×1