[英]Creating a @Scheduled task with ROLE_ADMIN permissions in Jhipster
I'm using Jhipster 4.14.4 我正在使用Jhipster 4.14.4
I'm trying to create a @scheduled task that will perform certain actions that require admin permissions. 我正在尝试创建一个@scheduled任务,该任务将执行某些需要管理员权限的操作。
The problem is that by default, when the program is launched, there's no authentication set in the context of the main thread unless someone logs in through the site (or by calling "api/authenticate"). 问题在于,默认情况下,在启动程序时,除非有人通过站点登录(或通过调用“ api / authenticate”)登录,否则在主线程的上下文中未设置身份验证。
I'm looking for a secure way to pass ADMIN_ROLE authority to my @scheduled method so it can perform the necessary actions but it will not "leak" in any way I can't think of to other users. 我正在寻找一种将ADMIN_ROLE权限传递给我的@scheduled方法的安全方法,以便它可以执行必要的操作,但不会以任何我无法想到的方式“泄漏”给其他用户。
I also need this method to be secluded from any user login that might happen to set the Authentication in the context of the main thread, because then it wouldn't be able to perform the relevant task. 我还需要将此方法与可能在主线程的上下文中设置Authentication的任何用户登录隔离,因为那样便无法执行相关任务。
What I've done so far is modify AsyncConfiguration class as follows: 到目前为止,我所做的是如下修改AsyncConfiguration类:
implemented SchedulingConfigurer interface: 实现了SchedulingConfigurer接口:
@Configuration @EnableAsync @EnableScheduling public class AsyncConfiguration implements AsyncConfigurer, SchedulingConfigurer
Addedd a new bean "scheduledTaskExecutor" (aside from the existing default "taskExecutor"): 添加了一个新的bean“ scheduledTaskExecutor”(除了现有的默认“ taskExecutor”之外):
@Bean(name = "scheduledTaskExecutor") public Executor scheduledTaskExecutor() { ScheduledExecutorService delegateExecutor = Executors.newSingleThreadScheduledExecutor(); SecurityContext context = SecurityContextHolder.createEmptyContext(); Authentication authentication = new UsernamePasswordAuthenticationToken("{admin_username}","{admin_password}"); context.setAuthentication(authentication); return new DelegatingSecurityContextScheduledExecutorService(delegateExecutor, context); }
Overriden the ConfigureTasks() method of the SchedulingConfigurer interface and set the new scheduler I've created: 覆盖SchedulingConfigurer接口的ConfigureTasks()方法,并设置我创建的新调度程序:
@Override public void configureTasks(ScheduledTaskRegistrar taskRegistrar) { taskRegistrar.setScheduler(scheduledTaskExecutor()); }
What happens is that I'm getting an error that full authentication is needed . 发生的是,我收到一个错误, 需要完全身份验证 。
org.springframework.security.authentication.InsufficientAuthenticationException: Full authentication is required to access this resource
Then I tried Injecting AuthenticationManager and use it to create the Authentication object: 然后,我尝试注入AuthenticationManager并使用它来创建Authentication对象:
Authentication authentication = this.authenticationManager.authenticate(new UsernamePasswordAuthenticationToken("{admin_username}","{admin_password}"));
But what I got was: 但是我得到的是:
***************************
APPLICATION FAILED TO START
***************************
Description:
Parameter 0 of method liquibase in
net.myCompany.myApp.config.DatabaseConfiguration required a bean of type
'org.springframework.core.task.TaskExecutor' that could not be found.
Action:
Consider defining a bean of type 'org.springframework.core.task.TaskExecutor' in your configuration.
Process finished with exit code 0
I would very appreciate you help on this subject. 非常感谢您在这个问题上的帮助。
Thanks! 谢谢!
You need to enable scheduling before using by @EnableScheduling, SO add this to your configuration class file- 您需要先启用调度功能,然后再使用@EnableScheduling,将其添加到配置类文件中-
@EnableScheduling @EnableScheduling
public class AsyncConfiguration implements AsyncConfigurer, SchedulingConfigurer 公共类AsyncConfiguration实现AsyncConfigurer,SchedulingConfigurer
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.