Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/java/393.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Java Spring安全配置-403禁止_Java_Spring_Rest_Spring Security_Basic Authentication - Fatal编程技术网
Fatal编程技术网
  • java/
  • Java Spring安全配置-403禁止

Java Spring安全配置-403禁止

java spring rest spring-security

Java Spring安全配置-403禁止,java,spring,rest,spring-security,basic-authentication,Java,Spring,Rest,Spring Security,Basic Authentication,我使用Spring5.0.7.RELEASE,我需要为我的spring应用程序添加基本身份验证,这是一个非常旧的应用程序。这就是为什么它使用注册配置类的旧方法。我添加了SecurityConfig类,并将其导入SpringMvcConfig中,如下所示 @Configuration @EnableWebMvc @ComponentScan( basePackages = { "com.test" }, excludeFilters = {

我使用Spring5.0.7.RELEASE,我需要为我的spring应用程序添加基本身份验证,这是一个非常旧的应用程序。这就是为什么它使用注册配置类的旧方法。我添加了
SecurityConfig
类,并将其导入
SpringMvcConfig
中,如下所示

@Configuration
@EnableWebMvc
@ComponentScan( basePackages = {
        "com.test" },
        excludeFilters = {
                @ComponentScan.Filter( Configuration.class )
        } )
@ImportResource("classpath:/spring-context.xml")
@EnableSwagger2
@Import({SwaggerConfig.class, SecurityConfig.class})
public class SpringMvcConfig extends WebMvcConfigurationSupport {

    @Autowired private ApplicationContext applicationContext;

    private static final String[] RESOURCE_BUNDLES = new String[] { "MessageResources" };
    private static final String[] YAML_RESOURCE_BUNDLES = new String[] { "messages" };

    /**
     * Configures the Jackson object mapper
     */
    @Bean( name = "objectMapper" )
    public ObjectMapper getObjectMapper( JacksonService jacksonService ) {
        return jacksonService.getObjectMapper();
    }

    /**
     * Configures the ApplicationContextProvider
     */
    @Bean( name = "applicationContextProvider" )
    public ApplicationContextProvider getApplicationContextProvider() {
        return new ApplicationContextProvider();
    }
}
下面是web.xml

    <servlet>
        <servlet-name>springmvc</servlet-name>
        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
        <load-on-startup>1</load-on-startup>

        <init-param>
            <param-name>contextClass</param-name>
            <param-value>org.springframework.web.context.support.AnnotationConfigWebApplicationContext</param-value>
        </init-param>

        <init-param>
            <param-name>contextConfigLocation</param-name>
            <param-value>com.test.SpringMvcConfig</param-value>
        </init-param>
    </servlet>

    <servlet-mapping>
        <servlet-name>springmvc</servlet-name>
        <url-pattern>/</url-pattern>
    </servlet-mapping>

 <!-- Spring Security Configuration -->
    <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>
我得到一个403禁止服务器理解请求,但拒绝授权。我还补充说

public class SecurityWebApplicationInitializer extends AbstractSecurityWebApplicationInitializer {
}
你在你的主类中尝试过这个
@Import(value={SecurityConfig.class})
吗?我尝试过这个,发生的情况是,在启动时,类启动了,但我的身份验证仍然不起作用,这意味着我可以在不使用用户名和密码的情况下访问我的端点,因此您需要在web.xml中创建委派筛选器代理链,创建一个WebAppInitializer类,该类扩展AbstractAnnotationConfigDispatchers Servletilizer此示例将帮助您。嗯,尝试了这个方法,但目前为止运气不佳。您是否错过了
springSecurityFilterChain
servlet过滤器?我在您的配置中没有看到它。 
public class SecurityWebApplicationInitializer extends AbstractSecurityWebApplicationInitializer {
}