英文:
Custom AuthorizationManager<MethodInvocation> does not trigger the `check` method
问题
根据 这个 Spring Security 文档,我添加了一个自定义的 AuthorizationManager<MethodInvocation>。
在这个 bean 被触发时:
@Bean
@Role(BeanDefinition.ROLE_INFRASTRUCTURE)
public Advisor customAuthorize() {
JdkRegexpMethodPointcut pattern = new JdkRegexpMethodPointcut();
pattern.setPattern("xxx.*");
AuthorizationManager<MethodInvocation> rule = new CustomAuthorizationManager();
AuthorizationManagerBeforeMethodInterceptor interceptor = new AuthorizationManagerBeforeMethodInterceptor(pattern, rule);
interceptor.setOrder(AuthorizationInterceptorsOrder.PRE_AUTHORIZE.getOrder() - 1);
return interceptor;
}
下面的 check 方法根本不触发 UnsupportedOperationException:
public class CustomAuthorizationManager implements AuthorizationManager<MethodInvocation> {
@Override
public AuthorizationDecision check(Supplier<Authentication> authentication, MethodInvocation object) {
throw new UnsupportedOperationException("未实现的方法 'check'");
}
}
您有什么建议,我在这里漏掉了什么吗?
英文:
According to
this documentation of spring security I added a custom AuthorizationManager<MethodInvocation>
While the bean got triggered
@Bean
@Role(BeanDefinition.ROLE_INFRASTRUCTURE)
public Advisor customAuthorize() {
JdkRegexpMethodPointcut pattern = new JdkRegexpMethodPointcut();
pattern.setPattern("xxx.*");
AuthorizationManager<MethodInvocation> rule = new CustomAuthorizationManager();
AuthorizationManagerBeforeMethodInterceptor interceptor = new AuthorizationManagerBeforeMethodInterceptor(pattern, rule);
interceptor.setOrder(AuthorizationInterceptorsOrder.PRE_AUTHORIZE.getOrder() - 1);
return interceptor;
}
Below check method does not trigger the UnsupportedOperationException at all.
public class CustomAuthorizationManager implements AuthorizationManager<MethodInvocation> {
@Override
public AuthorizationDecision check(Supplier<Authentication> authentication, MethodInvocation object) {
throw new UnsupportedOperationException("Unimplemented method 'check'");
}
}
Any advice what I am missing here?
答案1
得分: 0
这是由于JdkRegexpMethodPointcut表达式造成的。它没有匹配到Controllers命名空间。在我的情况下,我不得不将它设置为以下内容:
pattern.setPattern("de.domain.subdomain.Controller.*");
英文:
Its because of the JdkRegexpMethodPointcut expression. This did not match the Controllers namespace. In my case I had to set it the following
pattern.setPattern("de.domain.subdomain.Controller.*");
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论