I configured properly multi-part form in Spring MVC, but when I added Spring Security to my project I cannot upload file anymore. I have no idea, what can cause this, actually I tried every solution which I found in stackoverflow.
Spring MVC:
public class MvcConfig extends WebMvcConfigurerAdapter {
@Bean
public InternalResourceViewResolver viewResolver(){
InternalResourceViewResolver viewResolver = new InternalResourceViewResolver();
viewResolver.setViewClass(JstlView.class);
viewResolver.setPrefix("/WEB-INF/views/");
viewResolver.setSuffix(".jsp");
return viewResolver;
}
@Bean
public CommonsMultipartResolver filterMultipartResolver() {
CommonsMultipartResolver resolver = new CommonsMultipartResolver();
resolver.setDefaultEncoding("utf-8");
return resolver;
}
@Override
public void addResourceHandlers(final ResourceHandlerRegistry registry) {
registry.addResourceHandler("/resources/**").addResourceLocations("/resources/");
}
ServletInitializer:
public class ServletInitializer extends AbstractAnnotationConfigDispatcherServletInitializer {
@Override
protected Class<?>[] getServletConfigClasses() {
return new Class[]{MvcConfig.class};
}
@Override
protected String[] getServletMappings() {
return new String[]{"/"};
}
@Override
protected Class<?>[] getRootConfigClasses() {
return new Class[]{MessageSecurityWebApplicationInitializer.class, SecurityConfig.class};
}
Security configuration:
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth
.inMemoryAuthentication()
.withUser("user").password("password").roles("USER")
.and()
.withUser("admin").password("1234").roles("USER", "ADMIN");
}
@Override
public void configure(WebSecurity web) throws Exception {
web
.ignoring()
.antMatchers("/resources/**"); // #3
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/", "/login", "/getPhoto/{id}", "/deletePhoto/{id}").permitAll()
.antMatchers("/remove").hasRole("ADMIN")
.antMatchers("/add/**", "/upload/**").hasAnyRole("ADMIN", "USER")
.anyRequest().authenticated() // 7
.and()
.formLogin()
.loginPage("/login")
.successForwardUrl("/")
.usernameParameter("userLogin")
.passwordParameter("userPassword")
.failureForwardUrl("/login?error=true");
}
MessageSecurityWebApplicationInitializer
public class MessageSecurityWebApplicationInitializer
extends AbstractSecurityWebApplicationInitializer {
@Override
protected void beforeSpringSecurityFilterChain(ServletContext servletContext) {
insertFilters(servletContext, new MultipartFilter());
}
Upload mapping:
@RequestMapping(value = "/upload", method = RequestMethod.POST)
public String uploadWallpaper(@RequestParam("wallpaperFile") MultipartFile file,
@RequestParam("category") String category) {
Wallpaper wallpaper = new Wallpaper();
try {
wallpaper.setName(file.getOriginalFilename());
wallpaper.setData(file.getBytes());
wallpaper.setCategory(category);
serviceDAO.addObject(wallpaper);
return "redirect:/";
} catch (IOException e) {
return "add_wallpaper";
}
}
html form:
<spring:url value="/upload?${_csrf.parameterName}=${_csrf.token}" var="formURL"/>
<form method="post" enctype="multipart/form-data" action="/upload?${_csrf.parameterName}=${_csrf.token}">
...
Exception I still receiving:
org.springframework.web.multipart.MultipartException: Could not parse multipart servlet request; nested exception is java.lang.IllegalStateException: Unable to process parts as no multi-part configuration has been provided
org.springframework.web.multipart.support.StandardMultipartHttpServletRequest.parseRequest(StandardMultipartHttpServletRequest.java:111)
org.springframework.web.multipart.support.StandardMultipartHttpServletRequest.<init>(StandardMultipartHttpServletRequest.java:85)
org.springframework.web.multipart.support.StandardServletMultipartResolver.resolveMultipart(StandardServletMultipartResolver.java:76)
org.springframework.web.multipart.support.MultipartFilter.doFilterInternal(MultipartFilter.java:112)
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
I used this config:
@Bean
public CommonsMultipartResolver multipartResolver(){
CommonsMultipartResolver commonsMultipartResolver = new CommonsMultipartResolver();
commonsMultipartResolver.setMaxInMemorySize(MEMORY_SIZE);
commonsMultipartResolver.setMaxUploadSize(UPLOAD_SIZE);
return commonsMultipartResolver;
}
In case I didn't create a class that extends of AbstractSecurityWebApplicationInitializer . Try not to use that class and set the above bean.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.