我在我的项目中使用 Spring MVC,在将用户请求映射到 URI 时,我无法绕过它。由于 url 被拦截,我收到 403 错误。但我能够通过浏览器访问它。
Updated
我删除了 security.xml 中的拦截,当我尝试点击时,出现以下错误。
不支持请求方法“POST”
http://49.205.88.200:5080/Batasariservice/groupview.htm
username : userx@bat
password : 123456
Updated:
我的休息控制器:
@RestController
public class AuthenticateDeviceRestWS {
@Autowired
ManageDeviceWSBusiness manageDeviceWSBusiness;
@RequestMapping(value = "authAndRegDevice.htm", method = RequestMethod.POST)
public @ResponseBody String authenticateAndRegisterDevice(
@RequestBody String notificationJsonRequest)
throws BatasariWSException {
WSDeviceAuthenticateRequest wsDeviceAuthenticateRequest = (WSDeviceAuthenticateRequest) UserAccessManagementUtil
.convertToJava(notificationJsonRequest,
WSDeviceAuthenticateRequest.class);
WSDeviceAuthenticateResponse wsDeviceAuthenticateResponse = manageDeviceWSBusiness
.authAndRegisterDevice(wsDeviceAuthenticateRequest);
return UserAccessManagementUtil
.convertToJson(wsDeviceAuthenticateResponse);
}
}
UpdatedJava 主类,即,经过测试
public class AuthURLConnection {
static String URL = "http://localhost:5080/Batasariservice/authAndRegDevice.htm";
public static void main(String[] args) {
// TODO Auto-generated method stub
String json = "{ " + "\"deviceID\":\"Test\", "
+ "\"deviceName\":\"Test Device\", "
+ "\"phoneNumber\":\"testnumber\", "
+ "\"companyIdentifier\":\"bat\", "
+ "\"userIdentifier\":\"Test\", " + "\"addtionalInfo\":\"\""
+ "}";
wsRequest(json);
}
private static void wsRequest(String jsonInput) {
try {
URL targetUrl = new URL(URL);
HttpURLConnection httpConnection = (HttpURLConnection) targetUrl
.openConnection();
httpConnection.setDoOutput(true);
httpConnection.setRequestMethod("POST");
httpConnection.setRequestProperty("Content-Type",
"application/json");
OutputStream outputStream = httpConnection.getOutputStream();
outputStream.write(jsonInput.getBytes());
outputStream.flush();
if (httpConnection.getResponseCode() != 200) {
throw new RuntimeException("Failed : HTTP error code : "
+ httpConnection.getResponseCode() + ":"
+ httpConnection.getResponseMessage());
}
BufferedReader responseBuffer = new BufferedReader(
new InputStreamReader(httpConnection.getInputStream()));
String output;
StringBuffer sb = new StringBuffer();
while ((output = responseBuffer.readLine()) != null) {
sb.append(output);
}
httpConnection.disconnect();
} catch (MalformedURLException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
}
}
Updated我的 spring-security.xml 文件
<http auto-config="true" use-expressions="true">
<intercept-url pattern="/userLogin*" access="permitAll" />
<intercept-url pattern="/authAndRegDevice.htm" access="permitAll" />
<intercept-url pattern="/css/**" access="permitAll" />
<intercept-url pattern="/**" access="hasRole('DefaultRole')" />
<!-- access denied page -->
<access-denied-handler error-page="/403" />
<form-login login-page="/userLogin.htm" default-target-url="/groupview.htm"
authentication-failure-url="/userLogin.htm?error" username-parameter="username"
password-parameter="password" authentication-success-handler-ref="authSuccessHandler" />
<csrf />
</http>
<beans:bean id="authSuccessHandler"
class="com.pathfinder.filter.AuthenticationSuccessHandlerImpl" />
<beans:bean id="encoder"
class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"/>
<authentication-manager>
<authentication-provider>
<password-encoder ref="encoder" />
<jdbc-user-service data-source-ref="dataSource"
users-by-username-query="select username,password, status from users where username=?"
authorities-by-username-query="select username, 'DefaultRole' as role from userrolesview where username =? " />
</authentication-provider>
</authentication-manager>