我想在简单的春季启动应用中使用cloudfoundry apis(https://apidocs.cloudfoundry.org/272/)。
我正在遵循一个文档来为它实现一个java客户端。 (https://docs.cloudfoundry.org/buildpacks/java/java-client.html)
我的pom.xml - >
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<!-- https://mvnrepository.com/artifact/org.cloudfoundry/cloudfoundry-client-lib -->
<dependency>
<groupId>org.cloudfoundry</groupId>
<artifactId>cloudfoundry-client-lib</artifactId>
<version>1.1.4.RELEASE</version>
</dependency>
<dependency>
<groupId>org.cloudfoundry</groupId>
<artifactId>cloudfoundry-client-reactor</artifactId>
<version>2.20.0.RELEASE</version>
</dependency>
<dependency>
<groupId>org.cloudfoundry</groupId>
<artifactId>cloudfoundry-operations</artifactId>
<version>2.20.0.RELEASE</version>
</dependency>
<dependency>
<groupId>io.projectreactor</groupId>
<artifactId>reactor-core</artifactId>
<version>3.1.0.RELEASE</version>
</dependency>
<dependency>
<groupId>io.projectreactor.ipc</groupId>
<artifactId>reactor-netty</artifactId>
<version>0.7.0.RELEASE</version>
</dependency>
控制器和应用程序文件与示例简单弹簧启动启动工具包中提到的完全相同。 (https://spring.io/guides/gs/spring-boot/)。
当使用独立类(如cloudfoundry文档中提到)时,它可以正常工作,但是当在spring boot app中使用相同的代码时,它会给我 -
{
"timestamp": 1510245582167,
"status": 401,
"error": "Unauthorized",
"message": "Full authentication is required to access this resource",
"path": "/hello"
}
我在日志中注意到,当我添加cloudfoundry-client-lib依赖项时,会形成一个过滤器链。
2017-11-09 11:34:38.086 INFO 8648 --- [ main] o.s.s.web.DefaultSecurityFilterChain : Creating filter chain: OrRequestMatcher [requestMatchers=[Ant [pattern='/**']]],
[org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@288ca5f0,
org.springframework.security.web.context.SecurityContextPersistenceFilter@2ba5aa7a, org.springframework.security.web.header.HeaderWriterFilter@4207609e,
org.springframework.security.web.authentication.logout.LogoutFilter@2c7a8af2,
org.springframework.security.web.authentication.www.BasicAuthenticationFilter@21c815e4, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@22e5f96e,
org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@5b22d8a1,
org.springframework.security.web.authentication.AnonymousAuthenticationFilter@4068102e,
org.springframework.security.web.session.SessionManagementFilter@67b100fe,
org.springframework.security.web.access.ExceptionTranslationFilter@704641e3,
org.springframework.security.web.access.intercept.FilterSecurityInterceptor@7efd28bd]
如何在使用cloudfoundry lib时处理身份验证或如何处理绕过过滤器链的安全性?
答案 0 :(得分:1)
解决方案:CF Java Client v2与v1具有不同的API,因此您在v2中找不到CloudCredentials。有关构建新客户端和提供凭据的示例,请参阅v2 README:https://github.com/cloudfoundry/cf-java-client#cloudfoundryclient-dopplerclient-uaaclient-builders同样,仅使用v2库,不要在同一个应用程序中使用任何v1库。
我不确定该错误的确切位置,但您在同一个应用程序中混合了不同的主要版本的CF Java客户端。这不太可能奏效。请参阅CF Java Client的项目页面,并仅使用所有2.x.x依赖项的org.cloudfoundry版本。所有org.cloudfoundry依赖项也应该在相同的版本上。
所以替换:
<dependency>
<groupId>org.cloudfoundry</groupId>
<artifactId>cloudfoundry-client-lib</artifactId>
<version>1.1.1</version>
</dependency>
<dependency>
<groupId>org.cloudfoundry</groupId>
<artifactId>cloudfoundry-client-reactor</artifactId>
<version>2.0.1.RELEASE</version>
</dependency>
<dependency>
<groupId>org.cloudfoundry</groupId>
<artifactId>cloudfoundry-operations</artifactId>
<version>2.20.0.RELEASE</version>
</dependency>
带
<dependency>
<groupId>org.cloudfoundry</groupId>
<artifactId>cloudfoundry-client-reactor</artifactId>
<version>2.20.0.RELEASE</version>
</dependency>
<dependency>
<groupId>org.cloudfoundry</groupId>
<artifactId>cloudfoundry-operations</artifactId>
<version>2.20.0.RELEASE</version>
</dependency>