Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/spring/11.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Spring 春季保安及;多部分请求_Spring_File Upload_Spring Security_Oauth 2.0 - Fatal编程技术网

Spring 春季保安及;多部分请求

Spring 春季保安及;多部分请求,spring,file-upload,spring-security,oauth-2.0,Spring,File Upload,Spring Security,Oauth 2.0,我有一个受Spring Security和OAuth2保护的@Controller,我试图让我的用户上传一个文件: @Controller @RequestMapping(value = "/api/image") public class ImageController { @PreAuthorize("hasAuthority('ROLE_USER')") @RequestMapping(value = "/upload", method = RequestMethod.P

我有一个受Spring Security和OAuth2保护的@Controller,我试图让我的用户上传一个文件:

@Controller
@RequestMapping(value = "/api/image")
public class ImageController {

    @PreAuthorize("hasAuthority('ROLE_USER')")
    @RequestMapping(value = "/upload", method = RequestMethod.PUT)
    public @ResponseBody Account putImage(@RequestParam("title") String title, MultipartHttpServletRequest request, Principal principal){
        // Some type of file processing...
        System.out.println("-------------------------------------------");
        System.out.println("Test upload: " + title);
        System.out.println("Test upload: " + request.getFile("file").getOriginalFilename());
        System.out.println("-------------------------------------------");

        return ((Account) ((OAuth2Authentication) principal).getPrincipal());
    }
}
当我试图上传一个文件和标题时,我得到以下异常。我正在将内容类型标题设置为多部分/表单数据

java.lang.IllegalStateException: Current request is not of type [org.springframework.web.multipart.MultipartHttpServletRequest]: SecurityContextHolderAwareRequestWrapper[ FirewalledRequest[ org.apache.catalina.connector.RequestFacade@1aee75b7]]
    at org.springframework.web.servlet.mvc.method.annotation.ServletRequestMethodArgumentResolver.resolveArgument(ServletRequestMethodArgumentResolver.java:84)
    at org.springframework.web.method.support.HandlerMethodArgumentResolverComposite.resolveArgument(HandlerMethodArgumentResolverComposite.java:75)
    at org.springframework.web.method.support.InvocableHandlerMethod.getMethodArgumentValues(InvocableHandlerMethod.java:156)
    at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:117)
如何在Spring Security之后进行文件上传?似乎请求从未转换为MultiPartHttpServerRequest,因此无法工作

如果我将方法签名更改为采用@RequestParam MultipartFile,则会出现如下异常:

DEBUG DefaultListableBeanFactory - Returning cached instance of singleton bean 'imageController'
DEBUG ExceptionHandlerExceptionResolver - Resolving exception from handler [public com.tinsel.server.model.Account com.tinsel.server.controller.ImageController.putImage(java.lang.String,org.springframework.web.multipart.MultipartFile,java.security.Principal)]: java.lang.IllegalArgumentException: Expected MultipartHttpServletRequest: is a MultipartResolver configured?
DEBUG ResponseStatusExceptionResolver - Resolving exception from handler [public com.tinsel.server.model.Account com.tinsel.server.controller.ImageController.putImage(java.lang.String,org.springframework.web.multipart.MultipartFile,java.security.Principal)]: java.lang.IllegalArgumentException: Expected MultipartHttpServletRequest: is a MultipartResolver configured?
DEBUG DefaultHandlerExceptionResolver - Resolving exception from handler [public com.tinsel.server.model.Account com.tinsel.server.controller.ImageController.putImage(java.lang.String,org.springframework.web.multipart.MultipartFile,java.security.Principal)]: java.lang.IllegalArgumentException: Expected MultipartHttpServletRequest: is a MultipartResolver configured?
DEBUG DispatcherServlet - Could not complete request
java.lang.IllegalArgumentException: Expected MultipartHttpServletRequest: is a MultipartResolver configured?
    at org.springframework.util.Assert.notNull(Assert.java:112)
…但我确实在XML中配置了多部分解析器:

<bean id="multipartResolver" class="org.springframework.web.multipart.commons.CommonsMultipartResolver">
    <property name="maxUploadSize" value="268435456"/> <!-- 256 megs -->
</bean>


我确实看到了-但我正在努力保持更新,目前正在使用3.1。是否有更新的修复程序?

问题是我使用的是PUT而不是POST。Commons FileUpload硬编码为仅接受文件的POST请求

检查那边的地图。若要解决此问题,请使用POST或扩展该类并重写该方法以按您喜欢的方式工作


我是为这个问题打开的。

您可以看看哪个示例演示了如何在启用了Spring Security OAuth的情况下发布到Spring MVC。我甚至使用HTML5拖放将图像拖到屏幕上,然后通过ajax将其提交到服务器。

为了解决这个问题,不要使用spring MultiPartHttpServerRequest,而是将请求作为HttpServletRequest,使用apache commons fileupload库解析来自PUT方法的请求,并处理该文件。以下是一些示例代码:

ServletFileUpload fileUpload = new ServletFileUpload(new DiskFileItemFactory());
List<FileItem> fileItems = fileUpload.parseRequest(httpServletRequest);
InputStream in = fileItems.get(0).getInputStream();
...
ServletFileUpload fileUpload=newservletfileupload(new DiskFileItemFactory());
List fileItems=fileUpload.parseRequest(httpServletRequest);
InputStream in=fileItems.get(0).getInputStream();
...
在Config.groovy中

确保启用了多部分

// whether to disable processing of multi part requests
   grails.web.disable.multipart=false
在控制器中添加Post方法

def upload(){
    MultipartHttpServletRequest mpr = (MultipartHttpServletRequest)request;
    if(request instanceof MultipartHttpServletRequest)
            {
                CommonsMultipartFile f = (CommonsMultipartFile) mpr.getFile("myFile");
                println f.contentType
                f.transferTo()
                if(!f.empty)
                    flash.message = 'success'
                else
                    flash.message = 'file cannot be empty'
            }
    else
    flash.message = 'request is not of type MultipartHttpServletRequest'}

有了这些,我可以上传文件,与Spring安全无关。

FILEUPLOAD-214通过WONTFIX解决。根据作者的说法,
PUT
不应该与
Multipart一起使用
是的,最终我改成了POST而不是PUT。它在1.3.1中3年后在1.3版中得到了修复,它仍然存在-。这个问题仍然存在。这是一个微小的变化,不会破坏任何HTTP规范(它破坏REST,特别是它不是HTTP,因此不定义多部分请求或
PUT
,在这里可以安全地忽略),但是。。。人们坚持不这样做。对于有些原因。很高兴看到愚蠢无处不在。如何在HTTPRequest中获取文件请帮助:P