springboot公共匹配器

bbuxkriu  于 2021-07-24  发布在  Java
关注(0)|答案(1)|浏览(270)

我有一个spring boot应用程序,Map如下:

@GetMapping(value = {  "/",  })
public String home(Model model) {
}

localhot:8080 , localhost:8080/ , localhost:8080/. , localhost:8080/.. 重定向到 / 但不是

localhost:8080/...

而在 WebSecurityConfig 我只有一个公开的匹配者: / .
我想限制 localhost:8080/. 以及 localhost:8080/.. 在这里:

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    private final UserSecurityService userSecurityService;
    private final Environment env;

    private static final String SALT = "fd&l23j§sfs23#$1*(_)nof";

    public WebSecurityConfig(UserSecurityService userSecurityService, Environment env) {
        this.userSecurityService = userSecurityService;
        this.env = env;
    }

    @Bean
    public BCryptPasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder(12, new SecureRandom(SALT.getBytes()));
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {

        CharacterEncodingFilter encodingFilter = new CharacterEncodingFilter();
        encodingFilter.setEncoding("UTF-8");
        encodingFilter.setForceEncoding(true);

        http.addFilterBefore(encodingFilter, CsrfFilter.class);

        http.csrf().disable();

        http
            .authorizeRequests()
                .antMatchers(publicMatchers()).permitAll()
                .anyRequest().authenticated()
                .and()
            .formLogin()
                .loginPage("/login.html")
                .defaultSuccessUrl("/advertise.html")
                .failureUrl("/login.html?error").permitAll()
                .and()
            .logout()
                .permitAll()
                .and()
            .rememberMe()
                .key("uniqueAndSecret");
    }

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {

        auth
            .userDetailsService(userSecurityService)
                .passwordEncoder(passwordEncoder());
    }

    private String[] publicMatchers() {

        final String[] PUBLIC_MATCHERS = {
                "/webjars/**",
                "/css/**",
                "/fonts/**",
                "/images/**",
                "/img/**",
                "/js/**",
                "/home.html",
                "/links/**",
                "/links.html",
                "/favicon.ico",
                "/forgotmypassword.html",
                "/directory/**",
                "/",
                "/error/**/*",
                "/h2-console/**",
                ForgotMyPasswordController.FORGOT_PASSWORD_URL_MAPPING,
                ForgotMyPasswordController.CHANGE_PASSWORD_PATH
        };

        return PUBLIC_MATCHERS;
    }
}
gywdnpxw

gywdnpxw1#

我举了一个和你相似的简单例子。我正在用curl(不是web浏览器)进行测试,结果如下: localhost:8080/. 内部服务器错误。
此异常在服务器中引发:org.springframework.security.web.firewall.requestrejectedexception:请求被拒绝,因为url未规范化。 localhost:8080/.. 错误的请求
似乎嵌入的tomcat给了您这样的响应。我尝试添加一个全局错误控制器,我可以在spring中得到错误 localhost:8080/... 找不到终结点
这是exepced,因为我没有这样的端点“/”的任何Map
我认为你的浏览器实际上要求 localhost:8080/ 当你打字的时候 localhost:8080/. 或者 localhost:8080/.. 你的spring boot应用程序没有重定向

相关问题