Spring boot 从Application.Property中定义的属性使用Spring引导筛选器实现在类文件中获取NULL
我正在尝试为application.property中定义的变量执行rest模板和属性注入的一个示例。为此,我创建了一个过滤器实现,如下所示。但是当我访问这个属性时,我得到了如下错误Spring boot 从Application.Property中定义的属性使用Spring引导筛选器实现在类文件中获取NULL,spring-boot,properties,Spring Boot,Properties,我正在尝试为application.property中定义的变量执行rest模板和属性注入的一个示例。为此,我创建了一个过滤器实现,如下所示。但是当我访问这个属性时,我得到了如下错误 java.lang.IllegalArgumentException: URI must not be null 我创建了我的过滤器实现代码,如下所示 @Component public class CustomSecurityFilter extends OncePerRequestFilter impl
java.lang.IllegalArgumentException: URI must not be null
我创建了我的过滤器实现代码,如下所示
@Component
public class CustomSecurityFilter extends OncePerRequestFilter implements Filter{
@Value ("${securityTriggerServiceApiUrl}" )
public String triggerUrl;
@Override
protected void doFilterInternal(final HttpServletRequest request, final HttpServletResponse response, final FilterChain filterChain) throws ServletException, IOException {
String authHeaderToken = request.getHeader("authToken");
System.out.println("token :"+authHeaderToken);
if(checkAuthenticationByAuthToken(authHeaderToken))
{
filterChain.doFilter(request, response);
}
else
{
response.sendError(HttpServletResponse.SC_BAD_REQUEST);
}
}
private static HttpHeaders getApiHeaders(){
String plainCredentials="${seccurityTriggerEncodingCredential}";
String base64Credentials = new String(Base64.encodeBase64(plainCredentials.getBytes()));
HttpHeaders headers = new HttpHeaders();
headers.add("Authorization", "Basic " + base64Credentials);
headers.setContentType(MediaType.APPLICATION_JSON);
return headers;
}
public Boolean checkAuthenticationByAuthToken(String authTokenRequest) {
AuthorizationRequest authApiRequestObj = new AuthorizationRequest();
authApiRequestObj.auth_token = authTokenRequest;
RestTemplate restTemplate = new RestTemplate();
HttpEntity<Object> request = new HttpEntity<Object>(authApiRequestObj, getApiHeaders());
AuthorizationResponse authorizationResponseObj = restTemplate.postForObject(getApiTriggerStringUrl(), request, AuthorizationResponse.class);
System.out.println("RoleId is :"+authorizationResponseObj.role_id);
if(authorizationResponseObj.role_id >= 0 ) {
return true;
}
return false;
}
public String getApiTriggerStringUrl() {
return this.triggerUrl;
}
}
seccurityTriggerEncodingCredential=test:test
securityTriggerServiceApiUrl=http://localhost:8065/test/security/authorizeUser
我的安全配置文件包含如下内容:
@EnableWebSecurity
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf()
.disable()
.addFilterAfter(new CustomSecurityFilter(), BasicAuthenticationFilter.class);
}
}
为什么会出现这样的错误?问题是在注册筛选器时,您已使用
new
创建了一个新筛选器。因此,配置并不是选择Spring创建的配置。您可以执行以下任一操作-
1) 自动连接配置类中现有的Springbean-
@EnableWebSecurity
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private CustomSecurityFilter customSecurityFilter;
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf()
.disable()
.addFilterAfter(customSecurityFilter, BasicAuthenticationFilter.class);
}
}
您可以直接通过@Autowired
或通过构造函数以任何方式进行自动布线
2) 第二种方法是自己创建CustomSecurityFilter bean。示例代码与您的代码一致-
a) 不要用@组件
注释过滤器。删除@Value
并为您的属性创建一个setter
public class CustomSecurityFilter extends OncePerRequestFilter implements Filter{
public String triggerUrl;
public void setTriggerUrl(String triggerUrl) {
this.triggerUrl = triggerUrl;
}
@Override
protected void doFilterInternal(final HttpServletRequest request, final HttpServletResponse response, final FilterChain filterChain) throws ServletException, IOException {
String authHeaderToken = request.getHeader("authToken");
System.out.println("token :"+authHeaderToken);
if(checkAuthenticationByAuthToken(authHeaderToken))
{
filterChain.doFilter(request, response);
}
else
{
response.sendError(HttpServletResponse.SC_BAD_REQUEST);
}
}
private static HttpHeaders getApiHeaders(){
String plainCredentials="${seccurityTriggerEncodingCredential}";
String base64Credentials = new String(Base64.encodeBase64(plainCredentials.getBytes()));
HttpHeaders headers = new HttpHeaders();
headers.add("Authorization", "Basic " + base64Credentials);
headers.setContentType(MediaType.APPLICATION_JSON);
return headers;
}
public Boolean checkAuthenticationByAuthToken(String authTokenRequest) {
AuthorizationRequest authApiRequestObj = new AuthorizationRequest();
authApiRequestObj.auth_token = authTokenRequest;
RestTemplate restTemplate = new RestTemplate();
HttpEntity<Object> request = new HttpEntity<Object>(authApiRequestObj, getApiHeaders());
AuthorizationResponse authorizationResponseObj = restTemplate.postForObject(getApiTriggerStringUrl(), request, AuthorizationResponse.class);
System.out.println("RoleId is :"+authorizationResponseObj.role_id);
if(authorizationResponseObj.role_id >= 0 ) {
return true;
}
return false;
}
public String getApiTriggerStringUrl() {
return this.triggerUrl;
}
}
公共类CustomSecurityFilter扩展OncePerRequestFilter实现筛选器{
公共字符串触发器URL;
公共void setTriggerUrl(字符串triggerUrl){
this.triggerUrl=triggerUrl;
}
@凌驾
受保护的void doFilterInternal(最终HttpServletRequest请求、最终HttpServletResponse响应、最终FilterChain FilterChain)抛出ServletException、IOException{
字符串authHeaderToken=request.getHeader(“authToken”);
System.out.println(“令牌:+authHeaderToken”);
if(检查AuthenticationByAuthToken(authHeaderToken))
{
filterChain.doFilter(请求、响应);
}
其他的
{
senderError(HttpServletResponse.SC\u BAD\u请求);
}
}
私有静态HttpHeaders getApiHeaders(){
字符串plainCredentials=“${seccurityTriggerEncodingCredential}”;
String base64Credentials=新字符串(Base64.encodeBase64(plainCredentials.getBytes());
HttpHeaders=新的HttpHeaders();
添加(“授权”、“基本”+base64凭证);
headers.setContentType(MediaType.APPLICATION_JSON);
返回标题;
}
公共布尔checkAuthenticationByAuthToken(字符串authTokenRequest){
AuthorizationRequest authApiRequestObj=新的AuthorizationRequest();
authApiRequestObj.auth_token=authTokenRequest;
RestTemplate RestTemplate=新RestTemplate();
HttpEntity请求=新的HttpEntity(authApiRequestObj,getApiHeaders());
AuthorizationResponse authorizationResponseObj=restTemplate.postForObject(getApiTriggerStringUrl(),请求,AuthorizationResponse.class);
System.out.println(“RoleId是:“+authorizationResponseObj.role\u id”);
if(authorizationResponseObj.role_id>=0){
返回true;
}
返回false;
}
公共字符串getApiTriggerStringUrl(){
返回this.triggerUrl;
}
}
b) 然后,您的配置类将被删除-
@EnableWebSecurity
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf()
.disable()
.addFilterAfter(customSecurityFilter(), BasicAuthenticationFilter.class);
}
@Bean
public CustomSecurityFilter customSecurityFilter() {
CustomSecurityFilter customSecurityFilter = new CustomSecurityFilter();
customSecurityFilter.setTriggerUrl(<property value>);
return customSecurityFilter;
}
}
@EnableWebSecurity
@配置
公共类SecurityConfig扩展了WebSecurity配置适配器{
@凌驾
受保护的无效配置(HttpSecurity http)引发异常{
http
.csrf()
.disable()
.addFilterAfter(customSecurityFilter(),BasicAuthenticationFilter.class);
}
@豆子
公共CustomSecurityFilter CustomSecurityFilter(){
CustomSecurityFilter CustomSecurityFilter=新建CustomSecurityFilter();
customSecurityFilter.setTriggerUrl();
返回customSecurityFilter;
}
}
如果值为null
则您的筛选器未注册为abean,而只是使用new
而不是从@Bean
方法创建。您能否确认您的筛选器是如何在配置中注册的?@Akash-我使用了addFilterAfter方法。我更新了我的问题。这是我的配置文件,如@M.Deinum所述,这就是问题所在。注册筛选器时,您已经创建了一个新筛选器。配置未拾取spring创建的筛选器。有两种方法可以解决这个问题。请检查下面我的答案。谢谢您的回复。这个答案是完美的。我试过这种方法,现在它起作用了。