我使用Sping Boot 和Spring Security。Request TRACE http://localhost:8080/invalid/path在我的spring Boot 应用程序中Map了/error。我能知道这个请求被Map到/error的确切位置吗?我想处理发送自定义响应的请求。我通过以下行启用了Web安全性调试。
public void configure(WebSecurity web) throws Exception {
web.debug(true);
}curl -D - -X TRACE http://localhost:8081/invalid/path的输出
HTTP/1.1 405
Allow: HEAD, DELETE, POST, GET, OPTIONS, PUT
Content-Type: message/http
Content-Length: 83
Date: Thu, 14 May 2020 06:24:25 GMT
TRACE /error HTTP/1.1
host: localhost:8104
user-agent: curl/7.64.1
accept: */*应用程序日志显示以下内容
************************************************************
Request received for TRACE '/error':
org.apache.catalina.core.ApplicationHttpRequest@7dba82cf
servletPath:/error
pathInfo:null
headers:
host: localhost:8104
user-agent: curl/7.64.1
accept: */*
Security filter chain: [] empty (bypassed by security='none')
************************************************************我的自定义防火墙忽略RequestRejectedException
@Override
public FirewalledRequest getFirewalledRequest(final HttpServletRequest request) {
try {
return super.getFirewalledRequest(request);
} catch (RequestRejectedException ex) {
return new FirewalledRequest(request) {
@Override
public void reset() {}
};
}
}有人帮忙吗?
使用Sping Boot 2.2.6
1条答案
按热度按时间6pp0gazn1#
通过将其添加到webSecurityConfig
或者使用全局ExceptionHandler检查此https://www.baeldung.com/spring-security-exceptionhandler