我有一个拥有spring-boot project的{{1}},但是在了解了反应式编程的好处之后,我决定切换到apache tomcat和Reactor Netty。
我遵循了这个tutorial并设法使其运行,不幸的是,每个请求现在都返回一个WebFlux和401。谷歌搜索后,我发现我需要更改403。我需要像Websecurity settings那样毁灭csrf,我做到了
http.csrf().disable()当我尝试从@EnableWebFluxSecurity
public class WebFluxSecurityConfig {
@Bean
public SecurityWebFilterChain springSecurityFilterChain(
ServerHttpSecurity http) {
http.csrf().disable()
.authorizeExchange()
.pathMatchers("/**").permitAll()
.and()
.httpBasic();
return http.build();
}
}
调用endpoint时,它仍然返回TestController和403。
401下面是我在日志中收到的消息
@RestController
@RequestMapping("/test")
public class TestController {
@RequestMapping(value = "/testmethod", method = RequestMethod.GET)
public Mono<ServerResponse> test() {
LOGGER.debug("test() method invoked");
return ServerResponse.status(HttpStatus.OK).body(fromObject("Call received!")).log();
}
}
如果我叫用户注册端点
17:02:17.961 [reactor-http-epoll-3] DEBUG org.springframework.web.server.adapter.HttpWebHandlerAdapter - [c9c29225] HTTP GET "/mytestapp/user/test"
17:02:17.992 [reactor-http-epoll-3] DEBUG org.springframework.security.web.server.util.matcher.MediaTypeServerWebExchangeMatcher - httpRequestMediaTypes=[*/*]
17:02:17.992 [reactor-http-epoll-3] DEBUG org.springframework.security.web.server.util.matcher.MediaTypeServerWebExchangeMatcher - Processing */*
17:02:17.992 [reactor-http-epoll-3] DEBUG org.springframework.security.web.server.util.matcher.MediaTypeServerWebExchangeMatcher - Ignoring
17:02:17.992 [reactor-http-epoll-3] DEBUG org.springframework.security.web.server.util.matcher.MediaTypeServerWebExchangeMatcher - Did not match any media types
17:02:17.992 [reactor-http-epoll-3] DEBUG org.springframework.security.web.server.util.matcher.MediaTypeServerWebExchangeMatcher - httpRequestMediaTypes=[*/*]
17:02:17.992 [reactor-http-epoll-3] DEBUG org.springframework.security.web.server.util.matcher.MediaTypeServerWebExchangeMatcher - Processing */*
17:02:17.992 [reactor-http-epoll-3] DEBUG org.springframework.security.web.server.util.matcher.MediaTypeServerWebExchangeMatcher - Ignoring
17:02:17.992 [reactor-http-epoll-3] DEBUG org.springframework.security.web.server.util.matcher.MediaTypeServerWebExchangeMatcher - Did not match any media types
17:02:17.993 [reactor-http-epoll-3] DEBUG org.springframework.web.server.adapter.HttpWebHandlerAdapter - [c9c29225] Completed 401 UNAUTHORIZED
但是即使这个返回了
@RequestMapping(value = "/registration/user", method = RequestMethod.POST)
@ResponseBody
public Mono<ServerResponse> registerUserAccount(@RequestBody UserDto userDto) {
final Mono<User> registeredUser = userService.registerNewUserAccount(passengerDto);
return registeredUser.flatMap(user -> ServerResponse.status(HttpStatus.OK).build())
.switchIfEmpty(Mono.defer(() -> ServerResponse.status(HttpStatus.INTERNAL_SERVER_ERROR).build()));
}
有人知道我该如何解决吗?
答案 0 :(得分:0)
我没错,您已经启用了安全性,如果它是spring-boot项目,那么它将查找身份验证对象。如果浏览器要求输入用户名/密码,请尝试在浏览器中访问服务URL,然后必须提供该URL才能访问服务。
此处的选项是从您访问它的位置(例如-邮递员)提供用户名/密码