我遵循骡子流程: -
<jms:activemq-connector name="Active_MQ" brokerURL="tcp://localhost:61616" validateConnections="true" doc:name="Active MQ"/>
<mule-ss:security-manager>
<mule-ss:delegate-security-provider name="memory-provider" delegate-ref="authenticationManager" />
</mule-ss:security-manager>
<spring:beans>
<ss:authentication-manager alias="authenticationManager">
<ss:authentication-provider>
<ss:user-service id="userService">
<ss:user name="username" password="password" authorities="ROLE_ADMIN" />
</ss:user-service>
</ss:authentication-provider>
</ss:authentication-manager>
</spring:beans>
<flow name="testFlow1" doc:name="testFlow1">
<http:inbound-endpoint exchange-pattern="request-response" host="localhost" port="8083" doc:name="HTTP">
<mule-ss:http-security-filter realm="realm" />
</http:inbound-endpoint>
<jersey:resources doc:name="REST">
<component class="MyRest" />
</jersey:resources>
<logger message="Done !!!!!" level="INFO" doc:name="Logger"/>
<!-- http://username:password@localhost:8083/myrest or http://localhost:8083/myrest and in this case we need to provide username and password from browser-->
<catch-exception-strategy>
<choice >
<when expression="#[exception.getCauseException().getClass().getName()=='org.springframework.security.authentication.BadCredentialsException']">
<logger level="INFO" message="Authentication failed exception: #[exception.getCauseException().getClass().getName()]"/>
<set-property propertyName="http.status" value="401"/>
<http:response-builder status="401" doc:name="Status code = 401" doc:description="Authentication failed"/>
</when>
<when expression="#[exception.getCauseException().getClass().getName()=='org.springframework.security.access.AccessDeniedException']">
<logger level="INFO" message="Access denied exception: #[exception.getCauseException().getClass().getName()]"/>
<set-property propertyName="http.status" value="405"/>
<http:response-builder status="405" doc:name="Status code = 405" doc:description="Authorization exception - Access denied"/>
</when>
<otherwise>
<logger message="An exception has been caught: #[exception.getCauseException().getClass().getName()]" level="ERROR" doc:name="Exception Thrown"/>
<set-payload value="Error detected while processing" doc:name="Prepare response for client"/>
<set-property propertyName="http.status" value="500"/>
<http:response-builder status="500" doc:name="Status code = 500" doc:description="Exception - Sending a 500 Http Status code as Response"/>
</otherwise>
</choice>
</catch-exception-strategy>
</flow>
我已将以下内容作为参考: - https://github.com/daveEason/mule-example-spring-security/blob/master/src/main/app/mule-config.xml
现在每当我点击网址时出现问题: - http://localhost:8083/myrest ...我收到以下异常: -
ERROR 2014-10-20 23:06:52,223 [[test].connector.http.mule.default.receiver.03] org.mule.exception.CatchMessagingExceptionStrategy:
********************************************************************************
Message : Registered authentication is set to org.mule.module.spring.security.filters.http.HttpBasicAuthenticationFilter but there was no security context on the session. Authentication denied on endpoint http://localhost:8083. Message payload is of type: String
Code : MULE_ERROR--2
--------------------------------------------------------------------------------
Exception stack is:
1. Registered authentication is set to org.mule.module.spring.security.filters.http.HttpBasicAuthenticationFilter but there was no security context on the session. Authentication denied on endpoint http://localhost:8083. Message payload is of type: String (org.mule.api.security.UnauthorisedException)
org.mule.transport.http.filters.HttpBasicAuthenticationFilter:156 (http://www.mulesoft.org/docs/site/current3/apidocs/org/mule/api/security/UnauthorisedException.html)
--------------------------------------------------------------------------------
Root Exception stack trace:
org.mule.api.security.UnauthorisedException: Registered authentication is set to org.mule.module.spring.security.filters.http.HttpBasicAuthenticationFilter but there was no security context on the session. Authentication denied on endpoint http://localhost:8083. Message payload is of type: String
at org.mule.transport.http.filters.HttpBasicAuthenticationFilter.authenticateInbound(HttpBasicAuthenticationFilter.java:156)
at org.mule.security.AbstractEndpointSecurityFilter.authenticate(AbstractEndpointSecurityFilter.java:54)
at org.mule.security.AbstractAuthenticationFilter.doFilter(AbstractAuthenticationFilter.java:52)
+ 3 more (set debug level logging or '-Dmule.verbose.exceptions=true' for everything)
********************************************************************************
ERROR 2014-10-20 23:06:52,225 [[test].connector.http.mule.default.receiver.03] org.mule.api.processor.LoggerMessageProcessor: An exception has been caught: org.mule.api.security.UnauthorisedException
ERROR 2014-10-20 23:06:52,520 [[test].connector.http.mule.default.receiver.03] org.mule.exception.CatchMessagingExceptionStrategy:
********************************************************************************
Message : Registered authentication is set to org.mule.module.spring.security.filters.http.HttpBasicAuthenticationFilter but there was no security context on the session. Authentication denied on endpoint http://localhost:8083. Message payload is of type: String
Code : MULE_ERROR--2
--------------------------------------------------------------------------------
Exception stack is:
1. Registered authentication is set to org.mule.module.spring.security.filters.http.HttpBasicAuthenticationFilter but there was no security context on the session. Authentication denied on endpoint http://localhost:8083. Message payload is of type: String (org.mule.api.security.UnauthorisedException)
org.mule.transport.http.filters.HttpBasicAuthenticationFilter:156 (http://www.mulesoft.org/docs/site/current3/apidocs/org/mule/api/security/UnauthorisedException.html)
--------------------------------------------------------------------------------
Root Exception stack trace:
org.mule.api.security.UnauthorisedException: Registered authentication is set to org.mule.module.spring.security.filters.http.HttpBasicAuthenticationFilter but there was no security context on the session. Authentication denied on endpoint http://localhost:8083. Message payload is of type: String
at org.mule.transport.http.filters.HttpBasicAuthenticationFilter.authenticateInbound(HttpBasicAuthenticationFilter.java:156)
at org.mule.security.AbstractEndpointSecurityFilter.authenticate(AbstractEndpointSecurityFilter.java:54)
at org.mule.security.AbstractAuthenticationFilter.doFilter(AbstractAuthenticationFilter.java:52)
+ 3 more (set debug level logging or '-Dmule.verbose.exceptions=true' for everything)
********************************************************************************
ERROR 2014-10-20 23:06:52,522 [[test].connector.http.mule.default.receiver.03] org.mule.api.processor.LoggerMessageProcessor: An exception has been caught: org.mule.api.security.UnauthorisedException
我想知道为什么会产生这种异常..
但是,如果我从代码中移除例外区块并点击http://localhost:8083/myrest它就可以正常工作并询问用户名和密码如预期并产生预期结果..
但是我想知道为什么当我在代码中使用异常块时它会产生异常。 实际上我使用异常阻止的意图是在不同情况下获取和控制不同的http状态
答案 0 :(得分:3)
这里有两件事情可以发挥作用:
泽西岛资源引发的异常
此类异常必须由一个或多个自定义JAX-RS异常处理程序处理,这些异常处理程序通过一个或多个jersey:resources元素注册到jersey:exception-mapper。
mule-ss:http-security-filter
这些异常是由Jule抛出的,超出了JAX-RS的范围,所以它们必须由catch-exception-strategy元素处理,就像你在问题中所做的那样。
这种错误处理组合应该可以为您提供所需的信息。
答案 1 :(得分:1)
要检索HTTP代码,您可以使用过滤器并在流中引发异常。这是一个例子:
<message-filter throwOnUnaccepted="true">
<message-property-filter pattern="message.inboundProperties['http.status'] >= 400" />
</message-filter>