赏金21小时后到期。此问题的答案有资格获得+100声誉奖励。彼得科斯特伦正在寻找一个标准答案。
我有这个spring安全配置:
<?xml version="1.0" encoding="UTF-8" ?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
xsi:schemaLocation="http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.1.xsd ">
<http pattern="/api/swagger-ui.html" security="none" xmlns="http://www.springframework.org/schema/security"/>
<http pattern="/api/webjars/**" security="none" xmlns="http://www.springframework.org/schema/security"/>
<http pattern="/api/swagger-resources/**" security="none" xmlns="http://www.springframework.org/schema/security"/>
<http pattern="/api/v2/api-docs" security="none" xmlns="http://www.springframework.org/schema/security"/>
<http pattern="/api/**" create-session="never" entry-point-ref="oauthAuthenticationEntryPoint"
access-decision-manager-ref="accessDecisionManager" xmlns="http://www.springframework.org/schema/security">
<anonymous enabled="false"/>
<intercept-url pattern="/api/**" access="IS_AUTHENTICATED_FULLY"/>
<custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER"/>
<access-denied-handler ref="oauthAccessDeniedHandler"/>
</http>
<bean id="accessDecisionManager" class="org.springframework.security.access.vote.UnanimousBased"
xmlns="http://www.springframework.org/schema/beans">
<constructor-arg>
<list>
<bean class="org.springframework.security.oauth2.provider.vote.ScopeVoter"/>
<bean class="org.springframework.security.access.vote.AuthenticatedVoter"/>
</list>
</constructor-arg>
</bean>
<bean id="oauthAuthenticationEntryPoint"
class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
<property name="realmName" value="sample"/>
</bean>
<bean id="oauthAccessDeniedHandler"
class="org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler"/>
<oauth:resource-server id="resourceServerFilter" resource-id="sample" token-services-ref="remoteTokenServices"/>
<bean id="remoteTokenServices" class="org.springframework.security.oauth2.provider.token.RemoteTokenServices">
<property name="checkTokenEndpointUrl" value="${oauth.check.token.url}"/>
<property name="clientId" value="${oauth.client:crdb}"/>
<property name="clientSecret" value="${oauth.secret:secret}"/>
</bean>
<authentication-manager alias="authenticationManager" xmlns="http://www.springframework.org/schema/security">
</authentication-manager>
<oauth:expression-handler id="oauthExpressionHandler"/>
<oauth:web-expression-handler id="oauthWebExpressionHandler"/>
</beans>fortify returns to me spring安全配置错误:第9、10、11、15行的请求匹配器类型不正确。有人能告诉我如何解决此问题吗?似乎有一些路径问题,但我不太熟悉fortify,所以我不知道如何解决这个问题。
暂无答案!
目前还没有任何答案,快来回答吧!