如何解决无法在 spring 过滤器中读取 HEADER
我正在开发 spring 安全并添加了过滤器。当从邮递员“Header”发送的请求能够读取但从反应/角度请求“header”显示为空时。邮递员没有问题,但在使用应用程序调用时遇到问题。
@Component
public class GenericFiltering extends GenericFilterBean {
@Autowired
ServiceAccessparams serviceAccessparams;
@SuppressWarnings("unused")
@Override
public void doFilter(ServletRequest request,ServletResponse response,FilterChain chain)
throws IOException,servletexception {
try {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse res = (HttpServletResponse) response;
System.out.println("GenericFiltering is called..."+req.getRequestURI());
Enumeration<String> headerNames = req.getHeaderNames();
//map<String,String> mp=new HashMap<>();
//headerNames.forEach((key,value) ->{ System.out.println("Header Name: "+key+" Header Value: "+value); });
/* if (headerNames != null) {
while (headerNames.hasMoreElements()) {
System.out.println("Header: " + req.getHeader(headerNames.nextElement()));
}
}*/
if (headerNames != null) {
while (headerNames.hasMoreElements()) {
String name = headerNames.nextElement();
System.out.println("Header: " + name + " value:" + req.getHeader(name));
}
}
String hdrEncryptedData = req.getHeader("secretkey");
System.out.println("sc key:"+hdrEncryptedData);
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
chain.doFilter(request,response);
} catch (CustomException e) {
setResponse(response,e.getExceptionMessage());
} catch (Exception e) {
setResponse(response,e.getMessage());
}
}
}
安全文件
@Order(Ordered.HIGHEST_PRECEDENCE)
@SuppressWarnings("deprecation")
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
AuthenProvider authenProvider;
@Autowired
GenericFiltering genericFiltering;
@Bean
public PasswordEncoder encoder() {
return NoOpPasswordEncoder.getInstance();
}
@Override
@Autowired
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(authenProvider);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.anonymous().disable()
. authorizeRequests()
.antMatchers("/oauth/token/").permitAll();
http.addFilterBefore(genericFiltering,BasicAuthenticationFilter.class);
}
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers(HttpMethod.OPTIONS);
}
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
}
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。