Spring Security未检测到多部分配置
[英]Spring Security doesn't detect multi-part configuration
问题描述
I configured properly multi-part form in Spring MVC, but when I added Spring Security to my project I cannot upload file anymore. 
我在Spring MVC中正确配置了多部分表单,但是当我将Spring Security添加到项目中时,我无法再上传文件。 I have no idea, what can cause this, actually I tried every solution which I found in stackoverflow. 我不知道是什么原因造成的,实际上我尝试了在stackoverflow中找到的每个解决方案。
Spring MVC: 春季MVC:
public class MvcConfig extends WebMvcConfigurerAdapter {
@Bean
public InternalResourceViewResolver viewResolver(){
InternalResourceViewResolver viewResolver = new InternalResourceViewResolver();
viewResolver.setViewClass(JstlView.class);
viewResolver.setPrefix("/WEB-INF/views/");
viewResolver.setSuffix(".jsp");
return viewResolver;
}
@Bean
public CommonsMultipartResolver filterMultipartResolver() {
CommonsMultipartResolver resolver = new CommonsMultipartResolver();
resolver.setDefaultEncoding("utf-8");
return resolver;
}
@Override
public void addResourceHandlers(final ResourceHandlerRegistry registry) {
registry.addResourceHandler("/resources/**").addResourceLocations("/resources/");
}
ServletInitializer: ServletInitializer:
public class ServletInitializer extends AbstractAnnotationConfigDispatcherServletInitializer {
@Override
protected Class<?>[] getServletConfigClasses() {
return new Class[]{MvcConfig.class};
}
@Override
protected String[] getServletMappings() {
return new String[]{"/"};
}
@Override
protected Class<?>[] getRootConfigClasses() {
return new Class[]{MessageSecurityWebApplicationInitializer.class, SecurityConfig.class};
}
Security configuration: 安全配置:
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth
.inMemoryAuthentication()
.withUser("user").password("password").roles("USER")
.and()
.withUser("admin").password("1234").roles("USER", "ADMIN");
}
@Override
public void configure(WebSecurity web) throws Exception {
web
.ignoring()
.antMatchers("/resources/**"); // #3
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/", "/login", "/getPhoto/{id}", "/deletePhoto/{id}").permitAll()
.antMatchers("/remove").hasRole("ADMIN")
.antMatchers("/add/**", "/upload/**").hasAnyRole("ADMIN", "USER")
.anyRequest().authenticated() // 7
.and()
.formLogin()
.loginPage("/login")
.successForwardUrl("/")
.usernameParameter("userLogin")
.passwordParameter("userPassword")
.failureForwardUrl("/login?error=true");
}
MessageSecurityWebApplicationInitializer MessageSecurityWebApplicationInitializer
public class MessageSecurityWebApplicationInitializer
extends AbstractSecurityWebApplicationInitializer {
@Override
protected void beforeSpringSecurityFilterChain(ServletContext servletContext) {
insertFilters(servletContext, new MultipartFilter());
}
Upload mapping: 上传映射:
@RequestMapping(value = "/upload", method = RequestMethod.POST)
public String uploadWallpaper(@RequestParam("wallpaperFile") MultipartFile file,
@RequestParam("category") String category) {
Wallpaper wallpaper = new Wallpaper();
try {
wallpaper.setName(file.getOriginalFilename());
wallpaper.setData(file.getBytes());
wallpaper.setCategory(category);
serviceDAO.addObject(wallpaper);
return "redirect:/";
} catch (IOException e) {
return "add_wallpaper";
}
}
html form: html形式:
<spring:url value="/upload?${_csrf.parameterName}=${_csrf.token}" var="formURL"/>
<form method="post" enctype="multipart/form-data" action="/upload?${_csrf.parameterName}=${_csrf.token}">
...
Exception I still receiving: 我仍然收到的例外:
org.springframework.web.multipart.MultipartException: Could not parse multipart servlet request; nested exception is java.lang.IllegalStateException: Unable to process parts as no multi-part configuration has been provided
org.springframework.web.multipart.support.StandardMultipartHttpServletRequest.parseRequest(StandardMultipartHttpServletRequest.java:111)
org.springframework.web.multipart.support.StandardMultipartHttpServletRequest.<init>(StandardMultipartHttpServletRequest.java:85)
org.springframework.web.multipart.support.StandardServletMultipartResolver.resolveMultipart(StandardServletMultipartResolver.java:76)
org.springframework.web.multipart.support.MultipartFilter.doFilterInternal(MultipartFilter.java:112)
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
1 个解决方案
解决方案1
0 已采纳 2016-07-14 11:59:56
I used this config: 我使用了这个配置:
@Bean
public CommonsMultipartResolver multipartResolver(){
CommonsMultipartResolver commonsMultipartResolver = new CommonsMultipartResolver();
commonsMultipartResolver.setMaxInMemorySize(MEMORY_SIZE);
commonsMultipartResolver.setMaxUploadSize(UPLOAD_SIZE);
return commonsMultipartResolver;
}
In case I didn't create a class that extends of AbstractSecurityWebApplicationInitializer . 如果我没有创建扩展AbstractSecurityWebApplicationInitializer的类。 Try not to use that class and set the above bean. 尽量不要使用该类并设置上述bean。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
带有Spring Boot的Jersey多部分配置 - Jersey multi-part configuration with Spring Boot
Spring WebClient 多部分文件上传 - Spring WebClient multi-part file upload
Spring MVC文件上传:由于未提供多部分配置,因此无法处理部分 - Spring MVC file upload: Unable to process parts as no multi-part configuration has been provided
由于未提供多部件配置,因此无法处理部件 - Unable to process parts as no multi-part configuration has been provided
Spring Boot 2.x 报告 java.lang.IllegalStateException:无法处理部件,因为未提供多部件配置 - Spring Boot 2.x reports java.lang.IllegalStateException: Unable to process parts as no multi-part configuration has been provided
多部分请求 - Multi-Part Request
泽西2多部分 - Jersey 2 multi-part
不应该满足多部分循环条件 - Multi-part loop-condition satisfied when it shouldn't be
多部分表格不起作用 - Multi-part form not working
测试时似乎没有应用 spring-security 的配置 - Configuration of spring-security doesn't seem to be applied while testing
相关标签