Posts by ale*_*oid

Spring Boot Actuator endpoint security does not work with a custom Spring Security configuration

This is my Spring Boot 1.5.1 Actuator application.properties:

#Spring Boot Actuator
management.contextPath: /actuator
management.security.roles=R_0

This is my WebSecurityConfig:

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private UserDetailsService userDetailsService;

    @Value("${logout.success.url}")
    private String logoutSuccessUrl;

    @Override
    protected void configure(HttpSecurity http) throws Exception {

        // @formatter:off
        http.addFilterBefore(new CorsFilter(), ChannelProcessingFilter.class);

        http
            .csrf().ignoringAntMatchers("/v1.0/**", "/logout")
        .and()
            .authorizeRequests()

            .antMatchers("/oauth/authorize").authenticated()
            //Anyone can access the urls
            .antMatchers("/signin/**").permitAll()
            .antMatchers("/v1.0/**").permitAll()
            .antMatchers("/auth/**").permitAll()
            .antMatchers("/actuator/health").permitAll()
            .antMatchers("/actuator/**").hasAuthority("R_0")
            .antMatchers("/login").permitAll()
            .anyRequest().authenticated()
        .and()
            .formLogin()
                .loginPage("/login")
                .loginProcessingUrl("/login")
                .failureUrl("/login?error=true")
                .usernameParameter("username")
                .passwordParameter("password")
                .permitAll()
            .and()
                .logout()
                    .logoutUrl("/logout")
                    .logoutSuccessUrl(logoutSuccessUrl)
                    .permitAll();
        // @formatter:on
    }

    /**
     * Configures …

java spring spring-security spring-boot spring-boot-actuator

10 votes, 1 answer, 20k views

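Maven build and maven-failsafe-plugin - The forked VM terminated without properly saying goodbye

I use Docker and https://github.com/fabric8io/docker-maven-plugin for my integration tests.

On my Windows 10 machine (after updating to Windows 10 1709), my Maven 3.5.0 build is facing the following error: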

[ERROR] Failed to execute goal org.apache.maven.plugins:maven-failsafe-plugin:2.20.1:verify (default) on project api: There are test failures.
[ERROR]
[ERROR] Please refer to D:\Projects\example\api\target\failsafe-reports for the individual test results.
[ERROR] Please refer to dump files (if any exist) [date]-jvmRun[N].dump, [date].dumpstream and [date]-jvmRun[N].dumpstream.
[ERROR] org.apache.maven.surefire.booter.SurefireBooterForkException: The forked VM terminated without properly saying goodbye. VM crash or System.exit called?
[ERROR] Command was cmd.exe /X /C "c:\Java\jdk1.8.0_152\jre\bin\java -jar C:\Users\ALEXAN~1\AppData\Local\Temp\surefire1232565117555778729\surefirebooter3745527118196863348.jar C:\Users\Alexander\AppData\Local\Temp\surefire1232565117555778729 2017-10-19T16-45-23_780-jvmRun1 surefire4633356271541422594tmp surefire_169922891955689988tmp"
[ERROR] Error …

java maven maven-surefire-plugin docker windows-10

9 votes, 2 answers, 9159 views

Exporting big data from PostgreSQL to AWS S3

I have about 10 TB of data in a PostgreSQL database. I need to export this data into an AWS S3 bucket.

I know how to export to a local file, for example:

CONNECT DATABASE_NAME;
COPY (SELECT (ID, NAME, ADDRESS) FROM CUSTOMERS) TO 'CUSTOMERS_DATA.CSV' WITH DELIMITER '|' CSV;

But I don't have a local drive of 10 TB in size.

How do I export directly to an AWS S3 bucket?

postgresql amazon-s3 amazon-web-services

9 votes, 2 answers, 5363 views

Maven resource filtering exclude

I have the following Maven configuration:

        <resources>
            <resource>
                <directory>src/main/resources</directory>
                <filtering>true</filtering>
                <excludes>
                    <exclude>keystore.jks</exclude>
                </excludes>
            </resource>
        </resources>

I want keystore.jks to be included in my classes/war application, but not processed by Maven filtering.

How do I change this configuration?

maven

8 votes, 2 answers, 6401 views

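An incompatible version [1.1.34] of the APR based Apache Tomcat Native library

On my openSUSE Leap 42.3 server, during startup of a Spring Boot 2.0.0.M6 application on the embedded Tomcat server, I see the following error in the logs: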

ERROR 30471 --- [main] o.a.catalina.core.AprLifecycleListener: An incompatible version [1.1.34] of the APR based Apache Tomcat Native library is installed, while Tomcat requires version [1.2.14]

Could you explain what should be fixed (and where) in order to avoid this error?

tomcat apr tomcat8 spring-boot

8 votes, 2 answers, 8316 views

Maven error: Error occurred in starting fork, check output in log

I use Maven, docker-maven-plugin and Spring Boot. Right now I am facing the following issue:

[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 03:08 min
[INFO] Finished at: 2018-03-30T20:31:08+03:00
[INFO] Final Memory: 76M/1162M
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-failsafe-plugin:2.20.1:verify (default) on project domain: There are test failures.
[ERROR]
[ERROR] Please refer to D:\Projects\decisionwanted\domain\target\failsafe-reports for the individual test results.
[ERROR] Please refer to dump files (if any exist) [date]-jvmRun[N].dump, [date].dumpstream and [date]-jvmRun[N].dumpstream.
[ERROR] org.apache.maven.surefire.booter.SurefireBooterForkException: The forked VM terminated without properly saying goodbye. VM crash or System.exit called?
[ERROR] Command was cmd.exe /X …

maven maven-surefire-plugin docker spring-boot windows-10

8 votes, 4 answers, 6225 views

Spring Boot @RestController enable/disable methods using properties

I can enable/disable the whole @RestController using @ConditionalOnProperty, for example:

@RestController
@ConditionalOnProperty(name = "com.example.api.controller.decision.DecisionController.enabled", havingValue = "true")
@RequestMapping("/v1.0/decisions")
public class DecisionController {
}

The following configuration works fine. But I need more fine-grained control over this controller and to enable/disable access to some of its methods, for example:

@RestController
@ConditionalOnProperty(name = "com.example.api.controller.decision.DecisionController.enabled", havingValue = "true")
@RequestMapping("/v1.0/decisions")
public class DecisionController {

    @ConditionalOnProperty(name = "com.example.api.controller.decision.DecisionController.create.enabled", havingValue = "true")
    @PreAuthorize("isAuthenticated()")
    @RequestMapping(method = RequestMethod.POST)
    public DecisionResponse create(@Valid @RequestBody CreateDecisionRequest request, Authentication authentication) {
        ...
    }

}

As you can see, I have added @ConditionalOnProperty to the create method, but this approach doesn't work: when DecisionController is enabled, the create method is also enabled, even if the com.example.api.controller.decision.DecisionController.create.enabled property is absent from my application.properties.

How do I properly enable/disable the create method in this case?

java spring application-settings spring-boot

8 votes, 2 answers, 1532 views

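Securing a Spring RESTful API with the Google OAuth2 authorization server

I am planning to create an application with a Spring RESTful API backend and a client in AngularJS.

I want to secure my Spring RESTful API with the Google OAuth2 authorization server.

I have an architectural question:

After successful authorization at Google, I receive an accessToken from the Google OAuth2 authorization server. Do I need to transfer this accessToken to my client application (AngularJS), or do I need to introduce my own security layer in my backend application (for example using JWT), issue my own jwtToken based on the Google accessToken, and transfer only this token to my client application?

In other words: is it safe to expose Google's accessToken to my client AngularJS application and use it for authentication in my own RESTful API?

Also, in the case of my RESTful API, do I need to verify the Google accessToken with the Google Auth server after every call from the client application (AngularJS) to my secured RESTful API?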

java rest angularjs spring-security-oauth2 oauth2

7 votes, 1 answer, 3972 views

failed to lazily initialize a collection of role: User.authorities, could not initialize proxy - no Session

In my Spring Boot/Data/JPA application I have the following entity:

@Entity
@NamedEntityGraph(name = "graph.User", attributeNodes = { @NamedAttributeNode("authorities") })
@Table(name = "users")
public class User extends BaseEntity implements UserDetails {

    private static final long serialVersionUID = 8884184875433252086L;

    @Id
    @SequenceGenerator(name = "users_id_seq", sequenceName = "users_id_seq", allocationSize = 1)
    @GeneratedValue(strategy = GenerationType.AUTO, generator = "users_id_seq")
    private Long id;

    ...

    @JsonIgnore
    @ManyToMany(fetch = FetchType.LAZY)
    @JoinTable(name = "users_authorities", joinColumns = { @JoinColumn(name = "user_id") }, inverseJoinColumns = { @JoinColumn(name = "authority_id") })
    private Set<Authority> authorities = new HashSet<Authority>();

}

This is my Spring AuthenticationService: …

java spring jpa spring-data spring-data-jpa

7 votes, 1 answer, 3688 views

Spring Boot OAuth2 with encrypted JWT access token

In my Spring Boot application I have configured my own OAuth2 with authorization/resource servers.

I have implemented the following JwtAccessTokenConverter:

@Bean
public JwtAccessTokenConverter accessTokenConverter() {
    JwtAccessTokenConverter converter = new JwtAccessTokenConverter() {

        @Override
        public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
            DBUserDetails user = (DBUserDetails) authentication.getUserAuthentication().getPrincipal();
            final Map<String, Object> additionalInfo = new HashMap<>();
            additionalInfo.put("user_id", user.getUser().getId());
            ((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(additionalInfo);
            OAuth2AccessToken enhancedToken = super.enhance(accessToken, authentication);
            return enhancedToken;
        }

    };

    converter.setSigningKey("123");

    DefaultAccessTokenConverter accessTokenConverter = new DefaultAccessTokenConverter();
    DefaultUserAuthenticationConverter userTokenConverter = new DefaultUserAuthenticationConverter();
    userTokenConverter.setUserDetailsService(userDetailsService);
    accessTokenConverter.setUserTokenConverter(userTokenConverter);

    converter.setAccessTokenConverter(accessTokenConverter);

    return converter;
}

Right now my application produces tokens like the following, for example:

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjoxNzgzNTEsInVzZXJfbmFtZSI6ImFkbWluIiwic2NvcGUiOlsicmVhZCIsIndyaXRlIl0sImV4cCI6MTQ3NTA5NDA4NSwiYXV0aG9yaXRpZXMiOlsiUEVSTUlTU0lPTl9ERUxFVEVfT1dOX0NSSVRFUklPTiIsIlBFUk1JU1NJT05fREVMRVRFX09XTl9DT01NRU5UIiwiUEVSTUlTU0lPTl9VUERBVEVfT1dOX0NSSVRFUklPTiIsIlBFUk1JU1NJT05fVVBEQVRFX0FOWV9DUklURVJJT04iLCJQRVJNSVNTSU9OX0RFTEVURV9PV05fQ1JJVEVSSU9OX0dST1VQIiwiUEVSTUlTU0lPTl9ERUxFVEVfQU5ZX0RFQ0lTSU9OIiwiUEVSTUlTU0lPTl9DUkVBVEVfVk9URSIsIlBFUk1JU1NJT05fREVMRVRFX0FOWV9DUklURVJJT04iLCJQRVJNSVNTSU9OX0NSRUFURV9DUklURVJJT05fR1JPVVAiLCJQRVJNSVNTSU9OX0RFTEVURV9PV05fREVDSVNJT04iLCJQRVJNSVNTSU9OX0NSRUFURV9ERUNJU0lPTiIsIlBFUk1JU1NJT05fREVMRVRFX0FOWV9DUklURVJJT05fR1JPVVAiLCJQRVJNSVNTSU9OX0RFTEVURV9BTllfVk9URSIsIlBFUk1JU1NJT05fREVMRVRFX09XTl9WT1RFIiwiUEVSTUlTU0lPTl9VUERBVEVfT1dOX0NSSVRFUklPTl9HUk9VUCIsIlBFUk1JU1NJT05fVVBEQVRFX0FOWV9DUklURVJJT05fR1JPVVAiLCJQRVJNSVNTSU9OX1VQREFURV9BTllfQ09NTUVOVCIsIlBFUk1JU1NJT05fVVBEQVRFX09XTl9DT01NRU5UIiwiUEVSTUlTU0lPTl9VUERBVEVfQU5ZX0RFQ0lTSU9OIiwiUEVSTUlTU0lPTl9BUFBFTkRfREVDSVNJT04iLCJQRVJNSVNTSU9OX1VQREFURV9PV05fVk9URSIsIlBFUk1JU1NJT05fVVBEQVRFX0FOWV9WT1RFIiwiUEVSTUlTU0lPTl9ERUxFVEVfQU5ZX0NPTU1FTlQiLCJQRVJNSVNTSU9OX1VQREFURV9PV05fREVDSVNJT04iLCJQRVJNSVNTSU9OX0NSRUFURV9DT01NRU5UIiwiUEVSTUlTU0lPTl9DUkVBVEVfQ1JJVEVSSU9OIiwiUEVSTUlTU0lPTl9SRUFEX0FDVFVBVE9SX0RBVEEiXSwianRpIjoiMWU3OGMzMGYtNTY0ZS00NjliLWE1MmMtODlhOGM4YzFiZmY2IiwiY2xpZW50X2lkIjoiZGVjaXNpb253YW50ZWRfY2xpZW50X2lkIn0.Cnj_7b3FAanmL0Y-_kxcH2f4yjLFHOw-4NOVr67WZ88
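
This token can be decoded using the JWT debugger here: https://jwt.io/

I don't want to expose the internal structure of this token to the outside world and would like to encode this token in some way.

How can this be implemented with Spring Boot, OAuth2 and JWT?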

spring spring-security jwt spring-boot spring-security-oauth2

7 votes, 1 answer, 3982 views