我已经使用带有Spring安全性的Spring 4设置了一个简单的REST API
的web.xml
qfbvAccountController.java
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/mysabisabi-servlet.xml,
classpath*:META-INF/spring/applicationContext.xml,
classpath*:META-INF/spring/mysabisabi-security.xml
</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<servlet>
<servlet-name>mysabisabi-rest</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>mysabisabi-rest</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
mysabisabi-servlet.xml中
@RestController
@RequestMapping(value="/api")
public class AccountController {
@RequestMapping(value="/update", method=RequestMethod.POST)
public ResponseEntity<GenericResponse> updateRegistrationToken(@RequestBody RegistrationToken token){
GenericResponse response = new GenericResponse();
//some code here
return new ResponseEntity<GenericResponse>(response, HttpStatus.ACCEPTED);
}
}
mysabisabi-security.xml文件
<bean id="jacksonObjectMapper" class="com.mysabisabi.mapper.JsonCustomMapper" />
<bean id="jackson2HttpMessageConverter"
class="org.springframework.http.converter.json.MappingJackson2HttpMessageConverter">
<property name="objectMapper" ref="jacksonObjectMapper" />
</bean>
<mvc:annotation-driven>
<mvc:message-converters register-defaults="true">
<ref bean="jackson2HttpMessageConverter" />
</mvc:message-converters>
</mvc:annotation-driven>
的applicationContext.xml
<http pattern="/oauth/token" create-session="stateless" authentication-manager-ref="clientAuthenticationManager"
xmlns="http://www.springframework.org/schema/security">
<intercept-url pattern="/oauth/token" access="isFullyAuthenticated()"/>
<csrf disabled="true"/>
<anonymous enabled="false"/>
<http-basic entry-point-ref="clientAuthenticationEntryPoint"/>
<!-- include this only if you need to authenticate clients via request parameters -->
<custom-filter ref="clientCredentialsTokenEndpointFilter" after="BASIC_AUTH_FILTER"/>
<access-denied-handler ref="oauthAccessDeniedHandler"/>
</http>
<http pattern="/api/*" create-session="never" entry-point-ref="oauthAuthenticationEntryPoint"
access-decision-manager-ref="accessDecisionManager" xmlns="http://www.springframework.org/schema/security">
<anonymous enabled="false"/>
<csrf disabled="true"/>
<intercept-url pattern="/api/*" access="hasRole('ROLE_USER')"/>
<custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER"/>
<access-denied-handler ref="oauthAccessDeniedHandler"/>
日志文件
<mvc:annotation-driven />
<context:annotation-config />
<context:component-scan base-package="com.mysabisabi" />
<context:property-placeholder location="classpath:mysabisabi.properties" />
<tx:annotation-driven transaction-manager="transactionManager" />
//dataSource configuration
当我尝试访问2016-07-16 16:24:45 INFO RequestMappingHandlerMapping:537 - Mapped "{[/api/update],methods=[POST]}" onto public org.springframework.http.ResponseEntity<com.mysabisabi.dto.response.GenericResponse> com.mysabisabi.controller.AccountController.updateRegistrationToken(com.mysabisabi.dto.request.RegistrationToken)
时,我收到http://localhost:8080/mysabisabi/api/update
我已尝试HTTPStatus 404 Not Found - The requested resource is not available和/作为网址格式,但仍然相同。
有人可以指出我错过了什么吗?
感谢。
答案 0 :(得分:1)
你的申请容器是什么?
例如,Tomcat会将应用名称添加到链接中,如http://localhost:8080/mysabisabi/api/update中所示,而Google App Engine则不会,例如:http://localhost:8080/api/update
答案 1 :(得分:0)
你的配置看起来很好。 在web.xml中更改以下代码。
<servlet> <servlet-name>mysabisabi-rest</servlet-name> <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> <init-param> <param-name>contextConfigLocation</param-name> <param-value>/WEB-INF/mysabisabi-servlet.xml</param-value> </init-param> <load-on-startup>1</load-on-startup> </servlet>
另请查看以下网址。 Order of loading contextConfigLocation in web.xml of Spring Servlet project