如何在Mule上使用Spring Security http模式？

Question

即時通訊使用彈簧安全，但一些部分沒有得到保護，一些與我所實施的http路徑我的路徑，但它似乎沒有工作，甚至要通過該部分的代碼...

代碼完成到目前爲止：

<?xml version="1.0" encoding="UTF-8"?> 

<mule xmlns:servlet="http://www.mulesoft.org/schema/mule/servlet" 
xmlns:cxf="http://www.mulesoft.org/schema/mule/cxf" 
xmlns:vm="http://www.mulesoft.org/schema/mule/vm" 
xmlns:scripting="http://www.mulesoft.org/schema/mule/scripting" 
xmlns:core="http://www.mulesoft.org/schema/mule/core" xmlns:jdbc-ee="http://www.mulesoft.org/schema/mule/ee/jdbc" xmlns:ssl="http://www.mulesoft.org/schema/mule/ssl" xmlns:doc="http://www.mulesoft.org/schema/mule/documentation" xmlns:ee="http://www.mulesoft.org/schema/mule/ee/core" 
xmlns:mulexml="http://www.mulesoft.org/schema/mule/xml" xmlns:https="http://www.mulesoft.org/schema/mule/https" 
xmlns="http://www.mulesoft.org/schema/mule/core" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
xmlns:spring="http://www.springframework.org/schema/beans" xmlns:http="http://www.mulesoft.org/schema/mule/http" 
xmlns:pattern="http://www.mulesoft.org/schema/mule/pattern" 
xmlns:mule-ss="http://www.mulesoft.org/schema/mule/spring-security" 
xmlns:ss="http://www.springframework.org/schema/security" 
xsi:schemaLocation=" 
http://www.mulesoft.org/schema/mule/servlet http://www.mulesoft.org/schema/mule/servlet/current/mule-servlet.xsd 
http://www.mulesoft.org/schema/mule/cxf http://www.mulesoft.org/schema/mule/cxf/current/mule-cxf.xsd 
http://www.mulesoft.org/schema/mule/vm http://www.mulesoft.org/schema/mule/vm/current/mule-vm.xsd 
http://www.mulesoft.org/schema/mule/scripting http://www.mulesoft.org/schema/mule/scripting/current/mule-scripting.xsd http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/current/mule.xsd http://www.mulesoft.org/schema/mule/ee/jdbc http://www.mulesoft.org/schema/mule/ee/jdbc/current/mule-jdbc-ee.xsd 
http://www.mulesoft.org/schema/mule/pattern http://www.mulesoft.org/schema/mule/pattern/current/mule-pattern.xsd 
http://www.mulesoft.org/schema/mule/ee/core http://www.mulesoft.org/schema/mule/ee/core/current/mule-ee.xsd 
http://www.mulesoft.org/schema/mule/xml http://www.mulesoft.org/schema/mule/xml/current/mule-xml.xsd 
http://www.mulesoft.org/schema/mule/https http://www.mulesoft.org/schema/mule/https/current/mule-https.xsd 
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-current.xsd 
http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/3.4/mule.xsd 
http://www.mulesoft.org/schema/mule/http http://www.mulesoft.org/schema/mule/http/3.4/mule-http.xsd 
http://www.mulesoft.org/schema/mule/pattern http://www.mulesoft.org/schema/mule/pattern/3.4/mule-pattern.xsd 
http://www.mulesoft.org/schema/mule/spring-security http://www.mulesoft.org/schema/mule/spring-security/3.4/mule-spring-security.xsd 
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd 
http://www.mulesoft.org/schema/mule/ssl http://www.mulesoft.org/schema/mule/ssl/current/mule-ssl.xsd" version="EE-3.4.0"> 

<mule-ss:security-manager> 
    <mule-ss:delegate-security-provider name="jdbc-provider" delegate-ref="authenticationManager"></mule-ss:delegate-security-provider> 
</mule-ss:security-manager> 

<spring:beans> 
    <spring:bean class="org.apache.cxf.interceptor.LoggingInInterceptor" id="loggingInInterceptor" /> 
    <spring:bean class="org.apache.cxf.interceptor.LoggingOutInterceptor" id="loggingOutInterceptor"/> 

    <spring:bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource"> 
     <spring:property name="driverClassName" value="${database.driver}"/> 
     <spring:property name="url" value="${database.url}"/> 
     <spring:property name="username" value="${database.user}"/> 
     <spring:property name="password" value="${database.pass}"/> 
    </spring:bean> 

    <ss:http auto-config="true" use-expressions="true" request-matcher="regex"> 
     <ss:intercept-url pattern="^/services/.*\.WSDL$" access="permitAll"/> 
     <ss:intercept-url pattern="^/services/${webservice.idp.in.pessoas.path}" access="hasRole('ROLE_IDP')" /> 
     <ss:intercept-url pattern="^/services/${webservice.idp.in.setor.path}" access="hasRole('ROLE_IDP')" > 
    </ss:http> 

    <ss:authentication-manager alias="authenticationManager" > 
     <ss:authentication-provider> 
      <ss:jdbc-user-service data-source-ref="dataSource" 
       users-by-username-query=" 
       select username, password, enabled 
       from users where username=?" 

      authorities-by-username-query=" 
       select u.username, ur.authority from users u, authorities ur 
       where u.id = ur.user_id and u.username =? "/> 
     </ss:authentication-provider> 
    </ss:authentication-manager> 
</spring:beans> 

<https:connector name="httpsConnector" doc:name="HTTP\HTTPS"> 
    <https:tls-key-store path="${mule.home}/conf/keystore.jks" keyPassword="ciasc.123" storePassword="ciasc.123"></https:tls-key-store> 
</https:connector> 

<scripting:transformer name="noopLoggingTransformer"> 
    <scripting:script engine="groovy"> 
     def props = [:] 
     props['User-Agent'] = message.getProperty('User-Agent', org.mule.api.transport.PropertyScope.INBOUND) 
     props['MULE_REMOTE_CLIENT_ADDRESS'] = message.getProperty('MULE_REMOTE_CLIENT_ADDRESS', org.mule.api.transport.PropertyScope.INBOUND) 
     props['http.request'] = message.getProperty('http.request', org.mule.api.transport.PropertyScope.INBOUND) 
     muleContext.client.dispatch('vm://log-request.in', payload, props) 
     message   
    </scripting:script> 
</scripting:transformer> 

<pattern:web-service-proxy name="Logradouros2" transformer-refs="noopLoggingTransformer" wsdlFile="AutenticacaoServico.wsdl"> 
    <http:inbound-endpoint address="${serverName}/services/Logradouros/AutenticacaoServico" exchange-pattern="request-response"> 
     <http:basic-security-filter realm="mule-realm"/> 
    </http:inbound-endpoint> 
    <http:outbound-endpoint address="${targetServer}/servicos/v2/AutenticacaoServico.svc" exchange-pattern="request-response" /> 
</pattern:web-service-proxy> 

<jdbc-ee:postgresql-data-source name="WSA" user="${database.user}" password="${database.pass}" url="${database.url}" transactionIsolation="UNSPECIFIED" doc:name="PostgreSQL Data Source"> 
</jdbc-ee:postgresql-data-source> 

<jdbc-ee:connector name="jdbcConnector" dataSource-ref="WSA" validateConnections="false" transactionPerMessage="true" queryTimeout="10" pollingFrequency="10000" doc:name="JDBC"> 
    <jdbc-ee:query key="wsadb" value="insert into inbound_messages (payload, timestamp, agent, ip_from, endpoint, soap_operation) values ('', now(), #[groovy: return message.getInboundProperty('user-agent').toString()], #[groovy: return message.getInboundProperty('MULE_REMOTE_CLIENT_ADDRESS').toString()], #[groovy: return message.getInboundProperty('http.request').toString()], '');"></jdbc-ee:query> 
</jdbc-ee:connector> 

<flow name="log-request" doc:name="log-request"> 
    <vm:inbound-endpoint path="log-request.in" /> 
    <logger message="#[groovy: return message.getInboundProperty('user-agent').toString()], #[groovy: return message.getInboundProperty('MULE_REMOTE_CLIENT_ADDRESS').toString()], #[groovy: return message.getInboundProperty('http.request').toString()]" level="INFO" doc:name="Logger"/> 
    <jdbc-ee:outbound-endpoint exchange-pattern="one-way" queryKey="wsadb" responseTimeout="10000" queryTimeout="-1" connector-ref="jdbcConnector" doc:name="Persist raw message" /> 
</flow> 

</mule> 

要做什麼訪問呢？ 我打算這樣做是訪問沒有登錄要求的wsdl文件，以及方法...

Answer 1

由於您使用的是Mule的入站HTTP端點，因此您所使用的大多數Spring Security都是無用的。例如intercept-url沒有做任何事情。

我建議你看看org.mule.transport.http.filters.HttpBasicAuthenticationFilter的源代碼，並用你自己的代碼擴展它，以免放棄WSDL請求的安全性。

然後用您自己的版本替換<http:basic-security-filter realm="mule-realm"/>。