本文介紹了從HttpServletRequest中獲取目標控制器的處理方法,對大家解決問題具有一定的參考價值,需要的朋友們下面隨著小編來一起學習吧!
問題描述
我已經設置了Spring安全性來對進入應用程序的請求進行身份驗證和授權。我已按如下方式設置配置:
public class OAuth2ServerConfiguration extends ResourceServerConfigurerAdapter {
@Override
public void configure(ResourceServerSecurityConfigurer resources) {
// ...set up token store here
resources.authenticationEntryPoint(new AuthenticationEntryPoint() {
@Override
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
//QUESTION
// How do I get the destination controller that this request was going to go to?
// Really, I'd like to get some information about the annotations that were on the destination controller.
response.setStatus(401);
}
});
}
我想獲取有關此請求要發送到的目標控制器的一些信息。在這種情況下,控制器實際上不會受到攻擊,因為Spring Security在響應到達控制器之前啟動并拋出響應。
有什么建議嗎?
謝謝!
推薦答案
假定OAuth2ServerConfiguration是一個Spring托管Bean,這應該適用于您。
...
@Autowired
private List<HandlerMapping> handlerMappings;
for (HandlerMapping handlerMapping : handlerMappings) {
HandlerExecutionChain handlerExecutionChain = handlerMapping.getHandler(request);
if (handlerExecutionChain != null) {
// handlerExecutionChain.getHandler() is your handler for this request
}
}
如果無法自動生成HandlerMap列表,請自動生成ApplicationContext并按如下方式進行調整。
for (HandlerMapping handlerMapping : applicationContext.getBeansOfType(HandlerMapping.class).values()) {
HandlerExecutionChain handlerExecutionChain = handlerMapping.getHandler(request);
if (handlerExecutionChain != null) {
// handlerExecutionChain.getHandler() is your handler for this request
}
}
這篇關于從HttpServletRequest中獲取目標控制器的文章就介紹到這了,希望我們推薦的答案對大家有所幫助,
