在这里,我们将给大家分享关于spring启动时的过滤顺序的知识,让您更了解spring实现过滤器的本质,同时也会涉及到如何更有效地java–Spring启动csrf过滤器、java–Tomcat7和S
在这里,我们将给大家分享关于spring启动时的过滤顺序的知识,让您更了解spring实现过滤器的本质,同时也会涉及到如何更有效地java – Spring启动csrf过滤器、java – Tomcat 7和Spring启动战争启动、java-Spring启动application.yml中的Spring Kafka SSL设置、Payara 5启动时的Spring MVC Jackson异常的内容。
本文目录一览:- spring启动时的过滤顺序(spring实现过滤器)
- java – Spring启动csrf过滤器
- java – Tomcat 7和Spring启动战争启动
- java-Spring启动application.yml中的Spring Kafka SSL设置
- Payara 5启动时的Spring MVC Jackson异常
spring启动时的过滤顺序(spring实现过滤器)
如何在spring-boot中指定我的过滤器的顺序?我需要在Spring
Security过滤器之后插入我的MDC过滤器。我几乎尝试了所有方法,但过滤器始终是第一位的。这不起作用:
@Bean@Order(Ordered.LOWEST_PRECEDENCE)public UserInsertingMdcFilter userInsertingMdcFilter() { return new UserInsertingMdcFilter();}这也不起作用:
@Beanpublic FilterRegistrationBean userInsertingMdcFilterRegistrationBean() { FilterRegistrationBean registrationBean = new FilterRegistrationBean(); UserInsertingMdcFilter userFilter = new UserInsertingMdcFilter(); registrationBean.setFilter(userFilter); registrationBean.setOrder(Integer.MAX_VALUE); return registrationBean;}答案1
小编典典spring的家伙再次提供帮助。参见https://github.com/spring-projects/spring-
boot/issues/1640和https://jira.spring.io/browse/SEC-2730
Spring Security不会在它创建的Filter
bean上设置订单。这意味着,在Boot为它创建FilterRegistrationBean时,它将获得默认顺序LOWEST_PRECEDENCE。如果您想在Spring Security之后使用自己的过滤器,则可以为Spring Security的过滤器创建自己的注册并指定顺序。
所以我的问题的答案是:
@Beanpublic FilterRegistrationBean securityFilterChain(@Qualifier(AbstractSecurityWebApplicationInitializer.DEFAULT_FILTER_NAME) Filter securityFilter) { FilterRegistrationBean registration = new FilterRegistrationBean(securityFilter); registration.setOrder(Integer.MAX_VALUE - 1); registration.setName(AbstractSecurityWebApplicationInitializer.DEFAULT_FILTER_NAME); return registration;}@Beanpublic FilterRegistrationBean userInsertingMdcFilterRegistrationBean() { FilterRegistrationBean registrationBean = new FilterRegistrationBean(); UserInsertingMdcFilter userFilter = new UserInsertingMdcFilter(); registrationBean.setFilter(userFilter); registrationBean.setOrder(Integer.MAX_VALUE); return registrationBean;}
java – Spring启动csrf过滤器
我试图为某些特定的api调用启用csrf过滤器,而其他人则不需要csrf过滤器.我所做的是
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable().authorizeRequests().antMatchers("/public/**").permitAll();
http.exceptionHandling().authenticationEntryPoint(authenticationEntryPoint);
http.csrf().disable().addFilterBefore(new StatelessCSRFFilter(),CsrfFilter.class).authorizeRequests().antMatchers("/rest/**").permitAll();
}
问题是当我调用localhost:8080 / public / hello时
出现错误
“message”:“缺少或不匹配的CSRF令牌”
我正在使用Spring启动和Spring Security.
谢谢你的帮助.
解决方法
http.antMatcher("/public/**").authorizeRequests().anyRequest().permitAll();
http.exceptionHandling().authenticationEntryPoint(authenticationEntryPoint);
http.antMatcher("/rest/**").addFilterBefore(new StatelessCSRFFilter(),CsrfFilter.class).csrf().disable();
或者你可以这样做.我想两者都会奏效.
http.antMatcher("/public/**").csrf().disable();
http.exceptionHandling().authenticationEntryPoint(authenticationEntryPoint);
http.antMatcher("/rest/**").addFilterBefore(new StatelessCSRFFilter(),CsrfFilter.class).csrf().disable();
java – Tomcat 7和Spring启动战争启动
当我将战争部署到Tomcat 7时,我收到以下消息:
nested exception is java.lang.NoClassDefFoundError: javax/el/ELManager
我添加了< tomcat.version> 7.0.61< /tomcat.version\u0026gt;到我的pom.xml,现在可以在我的开发环境中重现错误. 在bean创建之后发生错误,其他更改是让我运行战争所必需的. 我试图更改我的pom.xml,以便它使用可能与tomcat 7一起使用的旧版本,但未能解决问题.我不知道哪个包产生了问题. 请参阅pom.xml:
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.1.2.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<groupId>com.xxx</groupId>
<artifactId>monitormonitor</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>monitormonitor</name>
<description>Web Service Monitoring project for Spring Boot</description>
<properties>
<java.version>1.8</java.version>
<start-class>com.xxx.monitormonitor.MonitormonitorApplication</start-class>
<!-- deploying war-file on tomcat 7 -->
<tomcat.version>7.0.61</tomcat.version><!-- nested exception is java.lang.NoClassDefFoundError: javax/el/ELManager -->
<servlet-api.version>3.0.1</servlet-api.version>
</properties>
<packaging>war</packaging>
<dependencies>
<!-- added other version of log4j for invalid byte tag error -->
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-api</artifactId>
<!-- changed version vs. ClassFormatException: Invalid byte tag in constant pool: 19 -->
<!--<version>2.11.1</version>-->
<version>2.7</version>
<!--<scope>provided</scope>-->
</dependency>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-core</artifactId>
<version>2.7</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-jdbc</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-mail</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
<!-- <scope>provided</scope> -->
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-tomcat</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-devtools</artifactId>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context-support</artifactId>
</dependency>
<!--
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-tomcat</artifactId>
<version>1.1.6.RELEASE</version>
<scope>provided</scope>
</dependency>
-->
<!-- added vs java.lang.NoClassDefFoundError: javax/el/ELManager -->
<!--<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-validation</artifactId>
</dependency>
-->
<dependency>
<groupId>javax.el</groupId>
<artifactId>javax.el-api</artifactId>
<version>2.2.4</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.glassfish.web</groupId>
<artifactId>javax.el</artifactId>
<version>2.2.4</version>
<scope>provided</scope>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<configuration>
<mainClass>com.xxx.monitormonitor.MonitormonitorApplication</mainClass>
</configuration>
</plugin>
</plugins>
</build>
</project>
依赖树:
[INFO] com.xxx:monitormonitor:war:0.0.1-SNAPSHOT
[INFO] +- org.apache.logging.log4j:log4j-api:jar:2.7:compile
[INFO] +- org.apache.logging.log4j:log4j-core:jar:2.7:compile
[INFO] +- org.springframework.boot:spring-boot-starter-jdbc:jar:2.1.2.RELEASE:compile
[INFO] | +- org.springframework.boot:spring-boot-starter:jar:2.1.2.RELEASE:compile
[INFO] | | +- org.springframework.boot:spring-boot-starter-logging:jar:2.1.2.RELEASE:compile
[INFO] | | | +- ch.qos.logback:logback-classic:jar:1.2.3:compile
[INFO] | | | | \- ch.qos.logback:logback-core:jar:1.2.3:compile
[INFO] | | | +- org.apache.logging.log4j:log4j-to-slf4j:jar:2.11.1:compile
[INFO] | | | \- org.slf4j:jul-to-slf4j:jar:1.7.25:compile
[INFO] | | \- org.yaml:snakeyaml:jar:1.23:runtime
[INFO] | +- com.zaxxer:HikariCP:jar:3.2.0:compile
[INFO] | | \- org.slf4j:slf4j-api:jar:1.7.25:compile
[INFO] | \- org.springframework:spring-jdbc:jar:5.1.4.RELEASE:compile
[INFO] | \- org.springframework:spring-tx:jar:5.1.4.RELEASE:compile
[INFO] +- org.springframework.boot:spring-boot-starter-mail:jar:2.1.2.RELEASE:compile
[INFO] | \- com.sun.mail:javax.mail:jar:1.6.2:compile
[INFO] | \- javax.activation:activation:jar:1.1:compile
[INFO] +- org.springframework.boot:spring-boot-starter-web:jar:2.1.2.RELEASE:compile
[INFO] | +- org.springframework.boot:spring-boot-starter-json:jar:2.1.2.RELEASE:compile
[INFO] | | +- com.fasterxml.jackson.core:jackson-databind:jar:2.9.8:compile
[INFO] | | | +- com.fasterxml.jackson.core:jackson-annotations:jar:2.9.0:compile
[INFO] | | | \- com.fasterxml.jackson.core:jackson-core:jar:2.9.8:compile
[INFO] | | +- com.fasterxml.jackson.datatype:jackson-datatype-jdk8:jar:2.9.8:compile
[INFO] | | +- com.fasterxml.jackson.datatype:jackson-datatype-jsr310:jar:2.9.8:compile
[INFO] | | \- com.fasterxml.jackson.module:jackson-module-parameter-names:jar:2.9.8:compile
[INFO] | +- org.hibernate.validator:hibernate-validator:jar:6.0.14.Final:compile
[INFO] | | +- javax.validation:validation-api:jar:2.0.1.Final:compile
[INFO] | | +- org.jboss.logging:jboss-logging:jar:3.3.2.Final:compile
[INFO] | | \- com.fasterxml:classmate:jar:1.4.0:compile
[INFO] | +- org.springframework:spring-web:jar:5.1.4.RELEASE:compile
[INFO] | \- org.springframework:spring-webmvc:jar:5.1.4.RELEASE:compile
[INFO] | +- org.springframework:spring-aop:jar:5.1.4.RELEASE:compile
[INFO] | \- org.springframework:spring-expression:jar:5.1.4.RELEASE:compile
[INFO] +- org.springframework.boot:spring-boot-starter-tomcat:jar:2.1.2.RELEASE:provided
[INFO] | +- javax.annotation:javax.annotation-api:jar:1.3.2:compile
[INFO] | +- org.apache.tomcat.embed:tomcat-embed-core:jar:7.0.61:provided
[INFO] | +- org.apache.tomcat.embed:tomcat-embed-el:jar:7.0.61:provided
[INFO] | \- org.apache.tomcat.embed:tomcat-embed-websocket:jar:7.0.61:provided
[INFO] +- org.springframework.boot:spring-boot-devtools:jar:2.1.2.RELEASE:runtime
[INFO] | +- org.springframework.boot:spring-boot:jar:2.1.2.RELEASE:compile
[INFO] | \- org.springframework.boot:spring-boot-autoconfigure:jar:2.1.2.RELEASE:compile
[INFO] +- org.springframework.boot:spring-boot-starter-test:jar:2.1.2.RELEASE:test
[INFO] | +- org.springframework.boot:spring-boot-test:jar:2.1.2.RELEASE:test
[INFO] | +- org.springframework.boot:spring-boot-test-autoconfigure:jar:2.1.2.RELEASE:test
[INFO] | +- com.jayway.jsonpath:json-path:jar:2.4.0:test
[INFO] | | \- net.minidev:json-smart:jar:2.3:test
[INFO] | | \- net.minidev:accessors-smart:jar:1.2:test
[INFO] | | \- org.ow2.asm:asm:jar:5.0.4:test
[INFO] | +- junit:junit:jar:4.12:test
[INFO] | +- org.assertj:assertj-core:jar:3.11.1:test
[INFO] | +- org.mockito:mockito-core:jar:2.23.4:test
[INFO] | | +- net.bytebuddy:byte-buddy:jar:1.9.7:test
[INFO] | | +- net.bytebuddy:byte-buddy-agent:jar:1.9.7:test
[INFO] | | \- org.objenesis:objenesis:jar:2.6:test
[INFO] | +- org.hamcrest:hamcrest-core:jar:1.3:test
[INFO] | +- org.hamcrest:hamcrest-library:jar:1.3:test
[INFO] | +- org.skyscreamer:jsonassert:jar:1.5.0:test
[INFO] | | \- com.vaadin.external.google:android-json:jar:0.0.20131108.vaadin1:test
[INFO] | +- org.springframework:spring-core:jar:5.1.4.RELEASE:compile
[INFO] | | \- org.springframework:spring-jcl:jar:5.1.4.RELEASE:compile
[INFO] | +- org.springframework:spring-test:jar:5.1.4.RELEASE:test
[INFO] | \- org.xmlunit:xmlunit-core:jar:2.6.2:test
[INFO] +- org.springframework:spring-context-support:jar:5.1.4.RELEASE:compile
[INFO] | +- org.springframework:spring-beans:jar:5.1.4.RELEASE:compile
[INFO] | \- org.springframework:spring-context:jar:5.1.4.RELEASE:compile
[INFO] +- javax.el:javax.el-api:jar:2.2.4:provided
[INFO] \- org.glassfish.web:javax.el:jar:2.2.4:provided
解决方法
spring boot 2.1.2 release支持任何Servlet 3.1兼容容器.
Tomcat 7不是其中之一
弹簧靴docs
使用tomcat 8或更高版本http://tomcat.apache.org/whichversion.html
java-Spring启动application.yml中的Spring Kafka SSL设置
我正在尝试使用Kafka客户端设置Spring Boot应用程序以使用SSL.
由于以下原因,我将我的keystore.jks和truststore.jks存储在文件系统上(在Docker容器上):https://github.com/spring-projects/spring-kafka/issues/710
这是我的application.yml:
spring:
kafka:
ssl:
key-password: pass
keystore-location: /tmp/kafka.client.keystore.jks
keystore-password: pass
truststore-location: /tmp/kafka.client.truststore.jks
truststore-password: pass
但是,当我启动应用程序(在Docker容器中)时,它说:
Caused by: java.lang.IllegalStateException: Resource 'class path resource [tmp/kafka.client.keystore.jks]' must be on a file system
[..]
Caused by: java.io.FileNotFoundException: class path resource [tmp/kafka.client.keystore.jks] cannot be resolved to URL because it does not exist
我检查了容器,并在/ tmp中找到.jks.
我不明白如何将.jks传递给spring boot.
更新06/07/2018
这是我的dockerfile
FROM openjdk:8-jdk-alpine
VOLUME /tmp
copY ssl/kafka.client.keystore.jks /tmp
copY ssl/kafka.client.truststore.jks /tmp
ARG JAR_FILE
ADD ${JAR_FILE} app.jar
ENTRYPOINT ["java","-Djava.security.egd=file:/dev/./urandom","-jar","/app.jar"]
解决方法:
根据讨论并启用kafka ssl配置,首先需要在ConsumerFactory中启用和设置ssl属性
@Bean
public ConsumerFactory<String, ReportingTask> consumerFactory() {
Map<String, Object> props = new HashMap<>();
props.put(ConsumerConfig.BOOTSTRAP_SERVERS_CONfig, bootstrapServers);
props.put(ConsumerConfig.GROUP_ID_CONfig, groupId);
props.put(ConsumerConfig.KEY_DESERIALIZER_CLASS_CONfig, StringDeserializer.class);
props.put(ConsumerConfig.VALUE_DESERIALIZER_CLASS_CONfig, JsonSerializable.class);
props.put(ConsumerConfig.CLIENT_ID_CONfig, clientId);
props.put(ConsumerConfig.ENABLE_AUTO_COMMIT_CONfig, enableAutoCommit);
props.put(ConsumerConfig.AUTO_COMMIT_INTERVAL_MS_CONfig, autoCommitInterval);
props.put(ConsumerConfig.SESSION_TIMEOUT_MS_CONfig, sessionTimeout);
props.put(ConsumerConfig.MAX_POLL_RECORDS_CONfig, maxRecords);
props.put(ConsumerConfig.AUTO_OFFSET_RESET_CONfig, offSet);
if (sslEnabled) {
props.put("security.protocol", "SSL");
props.put("ssl.truststore.location", trustStoreLocation);
props.put("ssl.truststore.password", trustStorePassword);
props.put("ssl.key.password", keyStorePassword);
props.put("ssl.keystore.password", keyStorePassword);
props.put("ssl.keystore.location", keyStoreLocation);
}
return new DefaultKafkaConsumerFactory<>(props, new StringDeserializer(), new JsonDeserializer<>(Task.class));
}
并将证书复制到Docker容器中
copY ssl/stage/* /var/lib/kafka/stage/
Payara 5启动时的Spring MVC Jackson异常
如何解决Payara 5启动时的Spring MVC Jackson异常?
我的应用程序正在使用以下内容:
JDK版本:开放JDK
jdk-11.0.11+9
Payara:5.2021.5
Spring版本:5.2.7.RELEASE
jackson版本:2.9.4。
Payara 5.2021.5 使用 Jackson 版本 2.10.2,而应用程序使用 Jackson 版本:2.9.4。看起来 SpringMVC 使用的一些 Jackson 方法的方法签名在 Jackson 2.10.2 中发生了变化。
在服务器启动时,抛出以下异常:
Details: Location: org/springframework/http/converter/json/Jackson2ObjectMapperBuilder$XmlObjectMapperInitializer.create
(Lcom/fasterxml/jackson/core/JsonFactory;)Lcom/fasterxml/jackson/databind/ObjectMapper; @15: areturn Reason: Type ''com/fasterxml/jackson/dataformat/xml/XmlMapper'' (current frame,stack[0]) is not assignable to ''com/fasterxml/jackson/databind/ObjectMapper'' (from method signature)
我尝试通过在 glassfish-web.xml 中设置元素以及全局,通过在 domain.xml 中将系统属性 fish.payara.classloading.delegate 设置为 false 来禁用本地类加载层次结构
我还尝试按照文档中的建议将以下内容添加到 web.xml 中,并将 init 参数添加到 dispatcherServlet,但似乎没有帮助-
<context-param>
<param-name>jersey.config.jsonFeature</param-name>
<param-value>JacksonFeature</param-value>
</context-param>
解决方法
尝试通过在 glassfish-web.xml 中设置元素来在本地禁用类加载层次结构。看起来 Payara 忽略了这个标志并继续加载 \payara-5.2021.5\payara5\glassfish\modules 中的库,而不是从应用程序加载。我什至尝试用 payara-web.xml 替换 glassfish-web.xml
通过在 domain.xml 中将系统属性 fish.payara.classloading.delegate 设置为 false 解决的问题。
今天的关于spring启动时的过滤顺序和spring实现过滤器的分享已经结束,谢谢您的关注,如果想了解更多关于java – Spring启动csrf过滤器、java – Tomcat 7和Spring启动战争启动、java-Spring启动application.yml中的Spring Kafka SSL设置、Payara 5启动时的Spring MVC Jackson异常的相关知识,请在本站进行查询。
本文标签:
![[转帖]Ubuntu 安装 Wine方法(ubuntu如何安装wine)](https://www.gvkun.com/zb_users/cache/thumbs/4c83df0e2303284d68480d1b1378581d-180-120-1.jpg)
