0
我有我的彈簧安置下面的配置在這裏我想有我所有的網絡服務要經過基本身份驗證:越來越HTTP 403訪問被拒絕彈簧安置服務
彈簧sec.xml
<http auto-config="true" use-expressions="true">
<intercept-url pattern="/*" access="hasRole('ROLE_ADMIN')"/>
<http-basic/>
</http>
<!-- Authentication manager -->
<authentication-manager>
<authentication-provider>
<user-service>
<user name="admin" password="admin" authorities="ROLE_ADMIN"/>
<user name="rest" password="rest" authorities="ROLE_REST"/>
<user name="user" password="user" authorities="ROLE_USER"/>
</user-service>
</authentication-provider>
</authentication-manager>
對於我的客戶端代碼,我有以下幾點:
String encoding = Base64.getEncoder().encodeToString(("admin:admin").getBytes());
String authHeader = "Basic " + encoding;
System.out.println(authHeader);
HttpPost post = new HttpPost(uri);
post.setHeader("Content-Type", "application/octet-stream; boundary=\"---Content Boundary\"");
post.setHeader("Authorization", authHeader);
我所有的客戶端的執行越來越HTTP 40 3訪問被拒絕,但從代碼中,我已經使用配置的用戶名和密碼。我也從hasRole改爲hasAuthority,但無濟於事。請在此幫助。謝謝!
web.xml中:
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring/root-context.xml, /WEB-INF/spring/appServlet/spring-sec.xml</param-value>
</context-param>
<!-- Spring Security filter -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
在這裏體會一些幫助,謝謝! –