Java 如何添加Spring安全HTTP响应头_Java_Spring_Spring Security - Fatal编程技术网

Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/java/308.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Java 如何添加Spring安全HTTP响应头_Java_Spring_Spring Security - Fatal编程技术网

Java 如何添加Spring安全HTTP响应头

java spring spring-security

Java 如何添加Spring安全HTTP响应头,java,spring,spring-security,Java,Spring,Spring Security,从Spring 3.2开始，我可以简单地将其添加到我的安全xml中： <security:headers> <security:frame-options policy="SAMEORIGIN" /> </security:headers> 但是Spring 3.1版不支持这一点，在不升级版本的情况下有什么解决方法吗这是3.1版的文档：我相信xframeoptionheaderwriter实现了此配置背后的逻辑。它是

从Spring 3.2开始，我可以简单地将其添加到我的安全xml中：

 <security:headers>
    <security:frame-options
            policy="SAMEORIGIN" />
</security:headers>

但是Spring 3.1版不支持这一点，在不升级版本的情况下有什么解决方法吗
这是3.1版的文档：

我相信
xframeoptionheaderwriter
实现了此配置背后的逻辑。它是在Spring3.2中引入的，在该版本之前没有类似的版本
如果您想自己实现，可以使用一个简单的过滤器：

public class XFrameOptionsHeaderFilter extends OncePerRequestFilter { @Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { response.setHeader("X-Frame-Options", "SAMEORIGIN"); filterChain.doFilter(request, response); } }
您需要在应用程序上下文中为此类创建bean：

<bean id="xFrameOptionsHeaderFilter" class="your.package.XFrameOptionsHeaderFilter"/>

您可以在控制器响应中设置自定义标头；tnx非常好的回答，但我似乎无法让它工作，我看到bean已加载，但在我发出请求时未调用方法。你知道可能遗漏了什么吗？也许你把豆子放错地方了？您应该将它放在应用程序上下文中，即
contextConfigLocation
中使用的上下文，而不是servlet上下文中。
<filter> <filter-name>xFrameOptionsHeaderFilter</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> </filter> <filter-mapping> <filter-name>xFrameOptionsHeaderFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>

[spring]相关文章推荐

springsource工具套件（eclipse）教程？ spring spring-mvc

具有会话范围bean的Spring和Jersey客户端 spring jaxb jersey

Spring 使用方法级安全性处理拒绝访问 spring spring-security

Spring @NumberFormat批注不起作用 spring spring-mvc

从Spring TaskExecutor和TaskScheduler获取有关运行任务的信息 spring asynchronous

JSF2或Spring3中的动态依赖注入 spring jsf dependency-injection

Spring云aws（消息传递）-未获取消息 spring amazon-web-services spring-cloud

为什么mailSender总是以空值获取？spring/jsf spring jsf

未调用自定义spring验证程序 spring

Spring Boot JPA Hibernate多个Datasouce属性设置 spring spring-boot

嵌套对象中的Spring数据mongodb审核信息 spring mongodb

为什么Spring Security将SecurityContext存储在线程局部变量中 spring spring-security

Spring 如何排除applicationContext.xml spring

JMS-ActiveMQ-SpringBoot.FailoverTransport spring spring-boot jms activemq

Spring 条件重存储资源 spring

使用spring网关和Oauth2配置客户端凭据流 spring spring-boot spring-security

如何从TASKLET中的execute方法获取Spring批处理作业实例id spring spring-batch

Spark/Spring验证api依赖项冲突 spring apache-spark hadoop dependencies

可以在Spring路由器dsl中使用HttpServletResponse吗？ spring spring-mvc

Spring 检查令牌是否未过期的服务 spring spring-security

随机文章推荐

Anaconda Jupyter笔记本电脑/实验室未启动 anaconda jupyter-notebook

Anaconda condacreate--name py36 python=3.6冻结 anaconda

粘贴时，从Anaconda提示符复制会导致格式错误 anaconda windows-10

[java]相关推荐

Tags

Fullcalendar Quickbooks Itext Laravel 4 Salesforce X86 Powershell Keyboard Serialization Teamcity Vmware Ecmascript 6 Tcp Firefox Google Maps Google Bigquery Time Complexity Xaml Compilation Mqtt Algorithm Java Me Parallel Processing Silverlight 4.0 Openlayers Glsl Lotus Notes Logging Jquery Plugins Computer Vision Database Jersey Macros Text Dotnetnuke Influxdb Docker Compose Unix Tsql Arrays Animation Cmake Yocto Prestashop Nest Office365 Workflow Windows Phone 7 Ethereum Jestjs Sql Server 2005 Xcode Google Visualization Telegram Optimization Doxygen Api Android Emulator Dask Serial Port Libgdx C Polymer Apache Zookeeper Identityserver4 Windows 10 Scroll Unit Testing Email Linkedin Java Mvvm Internet Explorer 8 Encoding Glassfish Usb Spotify Memory Management Jasmine Geolocation Editor Sorting Makefile Stream Oracle10g Db2 Twitter Bootstrap 3 Sockets View Single Sign On Navigation Telerik Matlab Clang Extjs4 Iis 7 Struct Functional Programming Dependency Injection Logic React Native Safari Drools Cmd Mongoose Function Class Embedded Combobox Terminal Azure Active Directory Vb6 Input Download Monitoring Automated Tests Macos Apache Kafka Com Content Management System Mfc Rally Jaxb Botframework Less Floating Point Google Plus Rest Haskell Google Cloud Platform Dynamics Crm Cuda Cordova Kdb Typo3 Concurrency Redirect Apache Ios Snmp Grid Frameworks Lucene Network Programming Windows 7 Typescript C# 3.0 Arangodb Cygwin Mdx Memory Leaks Google Sheets Sap Documentation Google Drive Api Templates R Websocket Routes Abap Anaconda Url Rewriting Wxpython Ember.js Ssl File Sml Boost Isabelle Loops Video Apache Flink Jekyll Wolfram Mathematica Ant Ansible Angular6 Qt4 Kotlin Openid Github Terraform Prometheus Bison Openstack Sharepoint 2007 Gdb Titanium Json Linux Kernel Apache Flex Facebook Graph Api Nunit Spring Paypal Visual Studio 2013 Eclipse Rcp Dart Maps Racket Angular

Copyright © 2024. All Rights Reserved by - Fatal编程技术网