2023年3月7日 23:23:17go评论118阅读模式

英文:

Custom AuthorizationManager<MethodInvocation> does not trigger the `check` method

问题

根据这个 Spring Security 文档，我添加了一个自定义的 AuthorizationManager<MethodInvocation>。

在这个 bean 被触发时：

@Bean
@Role(BeanDefinition.ROLE_INFRASTRUCTURE)
public Advisor customAuthorize() {
    JdkRegexpMethodPointcut pattern = new JdkRegexpMethodPointcut();
    pattern.setPattern("xxx.*");

    AuthorizationManager&lt;MethodInvocation&gt; rule = new CustomAuthorizationManager();
    AuthorizationManagerBeforeMethodInterceptor interceptor = new AuthorizationManagerBeforeMethodInterceptor(pattern, rule);
    interceptor.setOrder(AuthorizationInterceptorsOrder.PRE_AUTHORIZE.getOrder() - 1);
    return interceptor;
}

下面的 check 方法根本不触发 UnsupportedOperationException：

public class CustomAuthorizationManager implements AuthorizationManager&lt;MethodInvocation&gt; {
    @Override
    public AuthorizationDecision check(Supplier&lt;Authentication&gt; authentication, MethodInvocation object) {
        throw new UnsupportedOperationException("未实现的方法 &#39;check&#39;");
    }
}

您有什么建议，我在这里漏掉了什么吗？

英文:

According to
this documentation of spring security I added a custom AuthorizationManager<MethodInvocation>

While the bean got triggered

@Bean
@Role(BeanDefinition.ROLE_INFRASTRUCTURE)
public Advisor customAuthorize() {
	JdkRegexpMethodPointcut pattern = new JdkRegexpMethodPointcut();
	pattern.setPattern(&quot;xxx.*&quot;);

	AuthorizationManager&lt;MethodInvocation&gt; rule = new CustomAuthorizationManager();
	AuthorizationManagerBeforeMethodInterceptor interceptor = new AuthorizationManagerBeforeMethodInterceptor(pattern, rule);
	interceptor.setOrder(AuthorizationInterceptorsOrder.PRE_AUTHORIZE.getOrder() - 1);
	return interceptor;
}

Below check method does not trigger the UnsupportedOperationException at all.

public class CustomAuthorizationManager implements AuthorizationManager&lt;MethodInvocation&gt; {
    @Override
    public AuthorizationDecision check(Supplier&lt;Authentication&gt; authentication, MethodInvocation object) {
        throw new UnsupportedOperationException(&quot;Unimplemented method &#39;check&#39;&quot;);
    }
}

Any advice what I am missing here?

答案1

得分: 0

这是由于JdkRegexpMethodPointcut表达式造成的。它没有匹配到Controllers命名空间。在我的情况下，我不得不将它设置为以下内容：

pattern.setPattern("de.domain.subdomain.Controller.*");

英文:

Its because of the JdkRegexpMethodPointcut expression. This did not match the Controllers namespace. In my case I had to set it the following

pattern.setPattern(&quot;de.domain.subdomain.Controller.*&quot;);

通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库，让每个人都能够通过互相帮助和分享经验来进步。

自定义的 AuthorizationManager<MethodInvocation> 不会触发 `check` 方法。

问题

答案1

Which event is the right event to listen to cache the data for my application?

Spring Data JPA规范在嵌套集合中搜索属性。

比较器首先按照字符串进行排序匹配，其余部分使用默认排序顺序。

选择所有嵌套实体中的几个：SPRING JPA

What's the correct way to type hint an empty list as a literal in python?

如何在Highcharts Gantt中更改本地化的星期名称

如何在同一个流中使用多个过滤器和映射函数？

如何使用Map/Set来将代码优化到O(n)？

.NET MAUI Android在GitHub Actions上构建失败，错误代码为1。

如何在Playwright视觉比较中屏蔽多个定位器？

在C++中，可以使用可变模板参数来检索类型的内部类型。

selenium.common.exceptions.StaleElementReferenceException: Message: stale element reference: stale element not found

Creating and opening a URL to log in to Website via Basic Auth with Robot Framework/Selenium (Python)

AG Grid 在上下文菜单中以大文本形式打开

发表评论