问题描述
我正在开发 spring 安全并添加了过滤器。当从邮递员“Header”发送的请求能够读取但从反应/角度请求“header”显示为空时。邮递员没有问题,但在使用应用程序调用时遇到问题。
@Component
public class GenericFiltering extends GenericFilterBean {
@Autowired
ServiceAccessparams serviceAccessparams;
@SuppressWarnings("unused")
@Override
public void doFilter(ServletRequest request,ServletResponse response,FilterChain chain)
throws IOException,servletexception {
try {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse res = (HttpServletResponse) response;
System.out.println("GenericFiltering is called..."+req.getRequestURI());
Enumeration<String> headerNames = req.getHeaderNames();
//map<String,String> mp=new HashMap<>();
//headerNames.forEach((key,value) ->{ System.out.println("Header Name: "+key+" Header Value: "+value); });
/* if (headerNames != null) {
while (headerNames.hasMoreElements()) {
System.out.println("Header: " + req.getHeader(headerNames.nextElement()));
}
}*/
if (headerNames != null) {
while (headerNames.hasMoreElements()) {
String name = headerNames.nextElement();
System.out.println("Header: " + name + " value:" + req.getHeader(name));
}
}
String hdrEncryptedData = req.getHeader("secretkey");
System.out.println("sc key:"+hdrEncryptedData);
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
chain.doFilter(request,response);
} catch (CustomException e) {
setResponse(response,e.getExceptionMessage());
} catch (Exception e) {
setResponse(response,e.getMessage());
}
}
}
安全文件
@Order(Ordered.HIGHEST_PRECEDENCE)
@SuppressWarnings("deprecation")
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
AuthenProvider authenProvider;
@Autowired
GenericFiltering genericFiltering;
@Bean
public PasswordEncoder encoder() {
return NoOpPasswordEncoder.getInstance();
}
@Override
@Autowired
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(authenProvider);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.anonymous().disable()
. authorizeRequests()
.antMatchers("/oauth/token/").permitAll();
http.addFilterBefore(genericFiltering,BasicAuthenticationFilter.class);
}
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers(HttpMethod.OPTIONS);
}
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
}
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)