также там можно и с помощью jpa specification запросы строить
при попытке получить wsdl:
http
// CSRF protection is switched off. No session is created below (STATELESS), but browsers cache and
// resend HTTP Basic credentials automatically, so this is only appropriate when the endpoint is
// called by non-browser clients (here: SOAP clients).
.csrf().disable()
.authorizeRequests()
// hasRole("USER") checks for the granted authority "ROLE_USER": Spring Security adds the "ROLE_"
// prefix by default. The CustomAuthenticationProvider on this page grants the bare authority "USER",
// so the caller is authenticated but fails this rule, which yields 403 Forbidden rather than 401.
// Either grant "ROLE_USER" in the provider or match the bare name with hasAuthority("USER").
.antMatchers("/ws/**").hasRole("USER")
.and()
// HTTP Basic sends the username and password base64-encoded, not encrypted, on every request;
// outside of a localhost test the endpoint should only be reachable over TLS.
.httpBasic().authenticationEntryPoint(authEntryPoint)
.and()
.sessionManagement()
// STATELESS: Spring Security neither creates nor uses an HttpSession for the security context,
// so each request has to carry its own credentials.
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
;
>curl --silent --verbose -u tom:123 http://localhost:18080/ws/info/info.wsdl
Почему 403?
* Connected to localhost (::1) port 18080 (#0)
* Server auth using Basic with user 'tom'
> POST /ws/info HTTP/1.1
> Host: localhost:18080
> Authorization: Basic dG9tOjEyMw==
> User-Agent: curl/7.55.1
> Accept: */*
> content-type: text/xml;charset=utf-8
> Content-Length: 310
>
} [310 bytes data]
* upload completely sent off: 310 out of 310 bytes
< HTTP/1.1 403
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Pragma: no-cache
< Expires: 0
< X-Frame-Options: DENY
< Content-Type: application/json
< Transfer-Encoding: chunked
< Date: Sun, 21 Jun 2020 20:18:53 GMT
<
{ [115 bytes data]
* Connection #0 to host localhost left intact
{"timestamp":"2020-06-21T20:18:53.466+00:00","status":403,"error":"Forbidden","message":"","path":"/ws/info"}
2020-06-21 23:18:53.465 INFO 19544 --- [io-18080-exec-4] r.r.ws.WebAuthenticationEntryPoint : Authentication succeeded for tom, granted USER role
Если заменить
.antMatchers("/ws/**").hasRole("USER")
.anyRequest().authenticated()
/**
 * Entry point for HTTP Basic authentication, registered as a Spring bean.
 *
 * <p>It fixes the realm name to {@code "mydomain"} and otherwise delegates to
 * {@link BasicAuthenticationEntryPoint}. An entry point is consulted when a request still needs
 * to authenticate (the 401 challenge). A 403 for a caller whose credentials were already
 * accepted comes from the authorization rules and is not produced here.
 */
@Component
public class WebAuthenticationEntryPoint extends BasicAuthenticationEntryPoint {

    private static final Logger log = LoggerFactory.getLogger(WebAuthenticationEntryPoint.class);

    /** Logs once when the bean is instantiated. */
    public WebAuthenticationEntryPoint() {
        log.info("Constructed");
    }

    /**
     * Sets the realm before the superclass validates its configuration; the parent
     * implementation rejects an entry point that has no realm name.
     */
    @Override
    public void afterPropertiesSet() {
        setRealmName("mydomain");
        super.afterPropertiesSet();
    }

    /**
     * Starts the Basic authentication challenge by handing the request to the parent
     * implementation unchanged.
     *
     * @param request       the request that triggered the challenge
     * @param response      the response the challenge is written to
     * @param authException the failure that caused the challenge
     * @throws IOException if the parent implementation fails to write the response
     */
    @Override
    public void commence(HttpServletRequest request, HttpServletResponse response,
            AuthenticationException authException) throws IOException {
        super.commence(request, response, authException);
    }
}
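/**
 * Demo {@link AuthenticationProvider} that checks a username/password pair against a small
 * in-memory user list and returns a token carrying the user's single authority.
 *
 * <p>The credentials below are hard-coded in plain text and are suitable for a local experiment
 * only. Real accounts belong in a user store with passwords kept as salted, slow hashes
 * (for example through a {@code PasswordEncoder}), never in source code.
 */
@Component
public class CustomAuthenticationProvider implements AuthenticationProvider {

    // Bound to this class: the original used WebAuthenticationEntryPoint.class, so the provider's
    // log lines were attributed to the entry point.
    private static final Logger log = LoggerFactory.getLogger(CustomAuthenticationProvider.class);

    // Fixed-size, per-instance list. The original kept a static raw ArrayList and appended to it
    // in the constructor, so every additional instance added a duplicate entry.
    private final List<User> users = Arrays.asList(new User("tom", "123", "USER"));

    /** Logs once when the bean is instantiated. */
    public CustomAuthenticationProvider() {
        log.info("Constructed");
    }

    /**
     * Authenticates a username/password request against the in-memory users.
     *
     * @param authentication the request; its name and credentials are read
     * @return an authenticated token holding the user's authority, or {@code null} when the
     *         credentials are not a {@code String} and this provider cannot decide
     * @throws AuthenticationException ({@link BadCredentialsException}) when no user matches
     */
    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        String name = authentication.getName();
        Object credentials = authentication.getCredentials();
        if (!(credentials instanceof String)) {
            // Return null when this provider is unable to perform the authentication.
            return null;
        }
        String password = (String) credentials;

        Optional<User> matched = users.stream().filter(u -> u.match(name, password)).findFirst();
        if (!matched.isPresent()) {
            // The name comes straight from the request, so line breaks are neutralised before logging.
            log.error("Authentication failed for {}", forLog(name));
            throw new BadCredentialsException("Authentication failed for " + name);
        }

        String role = matched.get().role;
        log.info("Authentication succeeded for {}, granted {} role", forLog(name), role);
        // NOTE(review): the authority is granted exactly as stored ("USER"). An access rule written
        // as hasRole("USER") looks for "ROLE_USER" and will answer 403 for this token; store the
        // role as "ROLE_USER" or match it with hasAuthority("USER"). Left unchanged here because
        // existing rules may already match on the bare name.
        return new UsernamePasswordAuthenticationToken(name, password,
                Arrays.asList(new SimpleGrantedAuthority(role)));
    }

    /**
     * Reports whether this provider handles the given authentication type.
     *
     * @param authentication the authentication class being offered
     * @return {@code true} only for {@link UsernamePasswordAuthenticationToken} itself
     */
    @Override
    public boolean supports(Class<?> authentication) {
        log.info("supports(Class<?> authentication)");
        return authentication.equals(UsernamePasswordAuthenticationToken.class);
    }

    /** Replaces CR/LF so a request-supplied value cannot start a forged log line. */
    private static String forLog(String value) {
        return value == null ? "null" : value.replace('\r', '_').replace('\n', '_');
    }

    /** Immutable in-memory account: name, plain-text password (demo only) and one authority. */
    private static class User {
        private final String name;
        private final String password;
        private final String role;

        public User(String name, String password, String role) {
            this.name = name;
            this.password = password;
            this.role = role;
        }

        /**
         * Checks a presented name/password pair against this account.
         *
         * @return {@code true} when both values match; {@code false} otherwise, including when
         *         either argument is {@code null}
         */
        public boolean match(String name, String password) {
            if (name == null || password == null) {
                return false;
            }
            boolean nameMatches = this.name.equals(name);
            // MessageDigest.isEqual avoids the early exit of String.equals, so the comparison time
            // does not reveal how many leading characters of the password were correct.
            boolean passwordMatches = java.security.MessageDigest.isEqual(
                    this.password.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                    password.getBytes(java.nio.charset.StandardCharsets.UTF_8));
            return nameMatches & passwordMatches;
        }
    }
}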