我正在客户端站点上使用JavaFX和Spring4编写信使,在服务器站点上编写Spring4.我用spring-security 3.2保护了服务器.现在我的问题:我在客户端上有一个登录页面,将登录信息发送到spring-security并接收JSESSIONID cookie.这工作正常,但当我尝试用我的请求发送JSESSIONID时,我变成了一个
org.springframework.web.client.RestClientException: Could not extract response: no suitable HttpMessageConverter found for response type [class org.messenger.rest.JSONConversationResult] and content type [text/html;charset=UTF-8]
服务器Inizializer
public class SpringMvcInitializer extends
AbstractAnnotationConfigDispatcherServletInitializer {
@Override
protected Class>[] getRootConfigClasses() {
return new Class[] {ApplicationConfig.class};
}
@Override
protected Class>[] getServletConfigClasses() {
return new Class[] {WebConfig.class};
}
@Override
protected String[] getServletMappings() {
return new String[] {"/"};
}
}
Server SecurityInizializer
public class SpringSecurityInitializer extends
AbstractSecurityWebApplicationInitializer {
}
Server SecurityConfig
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private DriverManagerDataSource dataSource;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
String authQuery = "select userid,authority from user where userid = ?";
String userQuery = "select userid,pw,enabled from user where userid = ?";
auth.jdbcAuthentication().dataSource(dataSource)
.passwordEncoder(passwordEncoder())
.usersByUsernameQuery(userQuery)
.authoritiesByUsernameQuery(authQuery);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/register").permitAll()
.antMatchers("/getconvs","/getcontacts").hasRole("USER")
.and()
.formLogin()
.and()
.csrf().disable();
}
@Bean
public AuthenticationEntryPoint authenticationEntryPoint() {
return new de.daschner.messenger.security.AuthenticationEntryPoint();
}
@Bean
public SuccessHandler successHandler() {
return new SuccessHandler();
}
@Bean
public SimpleUrlAuthenticationFailureHandler failureHandler() {
return new SimpleUrlAuthenticationFailureHandler();
}
@Bean
public AuthenticationManager authenticationManager() throws Exception {
return super.authenticationManager();
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder(11);
}
}
安全“页面”的服务器请求映射
@RequestMapping(value="/getconvs",method={RequestMethod.GET},produces={MediaType.APPLICATION_JSON_VALUE})
public @ResponseBody JSONConversationResult getConvsList(HttpServletRequest request,@RequestParam(value="uid") String uid){
JSONConversationResult ret = new JSONConversationResult();
Map
Map
客户端发送带有请求的JSESSIONID
ResponseEntity
我希望你能帮助我.
编辑:
好的我发现问题不在于JSESSIONID没有正确发送.但我的登录不正确,我的查询从数据库中获取用户.
正确的登录帖子
ClientHttpResponse response = restTemplate.execute(
"http://localhost:8080/messenger-webapp/login",new RequestCallback() {
@Override
public void doWithRequest(ClientHttpRequest request) throws IOException {
request.getBody().write(("username=" + user + "&password=" + pw).getBytes());
}
},new ResponseExtractor
正确的查询
String authQuery = "select u.userid,r.role_name from user u,role r,user_role a where u.dbid = a.user_id and r.dbid = a.role_id and u.userid = ?";
我希望这会有助于其他人.如果有人有其他选择,请告诉我.
最佳答案
好的我发现问题不在于JSESSIONID没有正确发送.但我的登录不正确,请告诉我.