[英]Creating a @Scheduled task with ROLE_ADMIN permissions in Jhipster
我正在使用Jhipster 4.14.4
我正在尝试创建一个@scheduled任务,该任务将执行某些需要管理员权限的操作。
问题在于,默认情况下,在启动程序时,除非有人通过站点登录(或通过调用“ api / authenticate”)登录,否则在主线程的上下文中未设置身份验证。
我正在寻找一种将ADMIN_ROLE权限传递给我的@scheduled方法的安全方法,以便它可以执行必要的操作,但不会以任何我无法想到的方式“泄漏”给其他用户。
我还需要将此方法与可能在主线程的上下文中设置Authentication的任何用户登录隔离,因为那样便无法执行相关任务。
到目前为止,我所做的是如下修改AsyncConfiguration类:
实现了SchedulingConfigurer接口:
@Configuration @EnableAsync @EnableScheduling public class AsyncConfiguration implements AsyncConfigurer, SchedulingConfigurer 添加了一个新的bean“ scheduledTaskExecutor”(除了现有的默认“ taskExecutor”之外):
@Bean(name = "scheduledTaskExecutor") public Executor scheduledTaskExecutor() { ScheduledExecutorService delegateExecutor = Executors.newSingleThreadScheduledExecutor(); SecurityContext context = SecurityContextHolder.createEmptyContext(); Authentication authentication = new UsernamePasswordAuthenticationToken("{admin_username}","{admin_password}"); context.setAuthentication(authentication); return new DelegatingSecurityContextScheduledExecutorService(delegateExecutor, context); } 覆盖SchedulingConfigurer接口的ConfigureTasks()方法,并设置我创建的新调度程序:
@Override public void configureTasks(ScheduledTaskRegistrar taskRegistrar) { taskRegistrar.setScheduler(scheduledTaskExecutor()); } 发生的是,我收到一个错误, 需要完全身份验证 。
org.springframework.security.authentication.InsufficientAuthenticationException: Full authentication is required to access this resource
然后,我尝试注入AuthenticationManager并使用它来创建Authentication对象:
Authentication authentication = this.authenticationManager.authenticate(new UsernamePasswordAuthenticationToken("{admin_username}","{admin_password}"));
但是我得到的是:
***************************
APPLICATION FAILED TO START
***************************
Description:
Parameter 0 of method liquibase in
net.myCompany.myApp.config.DatabaseConfiguration required a bean of type
'org.springframework.core.task.TaskExecutor' that could not be found.
Action:
Consider defining a bean of type 'org.springframework.core.task.TaskExecutor' in your configuration.
Process finished with exit code 0
非常感谢您在这个问题上的帮助。
谢谢!
您需要先启用调度功能,然后再使用@EnableScheduling,将其添加到配置类文件中-
@EnableScheduling
公共类AsyncConfiguration实现AsyncConfigurer,SchedulingConfigurer
sec:authorize="hasRole('ROLE_ADMIN')" 角度
[英]sec:authorize="hasRole('ROLE_ADMIN')" in angular
Spring Security,访问权限=“ ROLE_ADMIN”与访问权限=“ hasAnyRole('ROLE_ADMIN')
[英]Spring Security , access=“ROLE_ADMIN” Vs access="hasAnyRole('ROLE_ADMIN')
Spring Security不能与“hasRole('ROLE_ADMIN')”或ROLE_ADMIN一起使用
[英]Spring Security does not work with “hasRole('ROLE_ADMIN')” or ROLE_ADMIN
如何在spring security taglib中不提及hasRole('ROLE_ADMIN')
[英]How to mention not of hasRole('ROLE_ADMIN') in spring security taglib
Spring Security 基于角色的身份验证 - 403 Forbidden 尽管用户具有 ROLE_ADMIN
[英]Spring Security role based authentication - 403 Forbidden although user has ROLE_ADMIN
@Secured({“ ROLE_USER”,“ ROLE_ADMIN”})的确切含义
[英]What does @Secured({ “ROLE_USER”, “ROLE_ADMIN” }) exactly means
Java Spring Security AccessDecisionManager:UnanimousBased无法解析表达式'ROLE_ADMIN,IS_AUTHENTICATED_FULLY'
[英]Java Spring Security AccessDecisionManager: UnanimousBased Failed to parse expression 'ROLE_ADMIN, IS_AUTHENTICATED_FULLY'
如何使用Spring Security在Spring xml中为一个特殊的URL一起定义ROLE_USER,ROLE_ADMIN IN?
[英]How to defined ROLE_USER,ROLE_ADMIN IN together for one spefic url in spring xml using spring security?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.