那些遇到过的问题

小编tec*_*ner的帖子

Spring Security排除自定义筛选器上的URL 

@SuppressWarnings("SpringJavaAutowiringInspection")
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

   @Autowired
   private JwtAuthenticationEntryPoint unauthorizedHandler;

   @Autowired
   private UserDetailsService userDetailsService;

   @Autowired
   public void configureAuthentication(AuthenticationManagerBuilder
      authenticationManagerBuilder) throws Exception {
      authenticationManagerBuilder.userDetailsService(userDetailsService);
   }

   @Bean
   public JwtAuthenticationTokenFilter authenticationTokenFilterBean() throws Exception {
      return new JwtAuthenticationTokenFilter();
   }

   @Override
   protected void configure(HttpSecurity httpSecurity) throws Exception {
      httpSecurity
         .csrf().disable()
         .exceptionHandling()
             .authenticationEntryPoint(unauthorizedHandler)
             .and()
         .sessionManagement()
             .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
             .and()
         .authorizeRequests()
             .antMatchers("/test").permitAll()
             .antMatchers("/api/**").permitAll()
             .anyRequest().authenticated();

      httpSecurity.addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class);
   }
}
Run Code Online (Sandbox Code Playgroud)

我有一个在Spring Security之前运行的自定义过滤器.我希望能够/test从过滤器和Spring Security中排除某些URL(例如)以及其他被拦截的URL (如/api/**).

当使用邮递员进行测试时localhost/test,即使我有,仍然会通过过滤器antMatchers("/test").permitAll().

如何绕过过滤器?

spring-security

tec*_*ner
2016 11-08
5
推荐指数
1
解决办法
8348
查看次数

Mule http请求记录

我正在向第三方api发送https请求并返回403的响应.如何将请求登录到控制台?我想验证我发送的内容,因为它在卷曲时起作用.使用Mule 3.7.0

<flow name="EmailFlow" >
   <jms:inbound-endpoint queue="outbound.queue" doc:name="email outbound communicationQ" connector-ref="Active_MQ" >
   </jms:inbound-endpoint>
   <json:object-to-json-transformer doc:name="Object to JSON"/>

   <logger message="msg is: #[payload]" level="INFO" doc:name="Logger"/>

  <http:request config-ref="https_request_config" path="/api/v1/transmissions" method="POST" doc:name="HTTP">
     <http:request-builder>
     <http:header headerName="Authorization" value="somekey"/>
     <http:header headerName="Content-Type" value="application/json"/>
     </http:request-builder>
     <http:success-status-code-validator values="403"/>
  </http:request>

  <logger level="INFO" doc:name="Logger"/>
</flow>
Run Code Online (Sandbox Code Playgroud)

mule

tec*_*ner
lucky-day
4
推荐指数
1
解决办法
6563
查看次数

标签 统计

mule ×1

spring-security ×1