rest - Spring security filter blocking restful api calls -

-

i have web application using spring 4. i'm using spring security here. in mean time need open restful api no security. issue till security filter enabled rest rest post calls 405 method not allowed response(still works). in mean time server log says

.11:27:13.058 [http-bio-8080-exec-5] warn  o.s.web.servlet.pagenotfound - request method 'post' not supported

when comment security filter web.xml post works fine. tried adding following line security xml didn't help.

<intercept-url pattern="/rest**" access="permitall" />

my web.xml , security filter , end when commented post start working.

<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/xmlschema-instance"      xsi:schemalocation="http://java.sun.com/xml/ns/javaee       http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"      version="2.5">  <display-name>counter web application</display-name>  <servlet>     <servlet-name>mvc-dispatcher</servlet-name>     <servlet-class>         org.springframework.web.servlet.dispatcherservlet     </servlet-class>     <load-on-startup>1</load-on-startup> </servlet>  <servlet-mapping>     <servlet-name>mvc-dispatcher</servlet-name>     <url-pattern>/</url-pattern> </servlet-mapping>  <listener>     <listener-class>         org.springframework.web.context.contextloaderlistener     </listener-class> </listener>  <!-- loads spring security config file --> <context-param>     <param-name>contextconfiglocation</param-name>     <param-value>         /web-inf/application-security.xml,         /web-inf/application-database.xml     </param-value> </context-param>   <!--spring security --> <filter>     <filter-name>springsecurityfilterchain</filter-name>     <filter-class>org.springframework.web.filter.delegatingfilterproxy</filter-class> </filter>  <filter-mapping>     <filter-name>springsecurityfilterchain</filter-name>     <url-pattern>/*</url-pattern> </filter-mapping>

my application-security.xml

<beans:beans xmlns="http://www.springframework.org/schema/security"          xmlns:beans="http://www.springframework.org/schema/beans"          xmlns:security="http://www.springframework.org/schema/security"          xmlns:xsi="http://www.w3.org/2001/xmlschema-instance"          xsi:schemalocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd">  <security:http security="none" pattern="**/resources/**"/>  <!-- enable use-expressions --> <http auto-config="true" use-expressions="true">      <intercept-url pattern="/admin**" access="hasrole('role_admin')" />      <intercept-url pattern="/rest**" access="permitall" />      <!-- access denied page -->     <access-denied-handler error-page="/access-denied" />      <form-login             login-page="/login"             default-target-url="/admin/dashboard"             authentication-failure-url="/login?error"             username-parameter="username"             password-parameter="password" />     <logout logout-success-url="/login?logout"  />     <!-- enable csrf protection -->     <csrf/> </http>  <!-- select users , user_roles database --> <authentication-manager>      <authentication-provider>         <password-encoder ref="encoder" />         <jdbc-user-service data-source-ref="datasource"                            users-by-username-query="select username,password, enabled users username=?"                            authorities-by-username-query="select username, role user_roles username =?" />     </authentication-provider>  </authentication-manager>  <beans:bean id="encoder" class="org.springframework.security.crypto.bcrypt.bcryptpasswordencoder">     <beans:constructor-arg name="strength" value="10" /> </beans:bean>

my rest controller. have other controllers well. have dummy date here. tying things working first.

    @restcontroller     @requestmapping("/rest/orders")     public class orderrestcontroller {      @autowired     private fooditemservice fooditemservice;      @requestmapping(value = "", method = requestmethod.post)     public order addorder(order orderdto) {         return orderdto;     }      @requestmapping(value = "", method = requestmethod.get)     public order getorder() {         fooditem fooditem = fooditemservice.findone(1, boolean.true);         order orderdto = new order();         orderdto.setroomid(23);         orderitem orderitem = new orderitem();         orderitem.setfooditem(fooditem);         orderitem.setamount(4);         list<orderitem> orderitems = new linkedlist<orderitem>();         orderitems.add(orderitem);         orderdto.setorderitemlist(orderitems);         return orderdto;     }

issue csrf being enabled. should further research of disabling csrf , security moment disabling solution.


Comments

Post a Comment

Popular posts from this blog

java - Could not locate OpenAL library -

-
i writing game using slick2d library, uses lwjgl. lwjgl version 2.9.3. using netbeans 8. i tried adding sounds game, example music track on main menu. problem is, exception when run game, despite game still compiling , running except sound of course: sat mar 21 01:23:57 edt 2015 error:could not locate openal library. org.lwjgl.lwjglexception: not locate openal library. @ org.lwjgl.openal.al.create(al.java:156) @ org.lwjgl.openal.al.create(al.java:156) @ org.lwjgl.openal.al.create(al.java:102) @ org.lwjgl.openal.al.create(al.java:206) @ org.newdawn.slick.openal.soundstore$1.run(soundstore.java:295) @ java.security.accesscontroller.doprivileged(native method) @ org.newdawn.slick.openal.soundstore.init(soundstore.java:292) @ org.newdawn.slick.music.<init>(music.java:156) @ org.newdawn.slick.music.<init>(music.java:75) @ view.mainmenu.init(mainmenu.java:58) i didn't include rest of error states error happens in game code. the...
Read more

c++ - Delete matches in OpenCV (Keypoints and descriptors) -

-
i want check scene image against 2 train images. that, detect features , compute descriptors of both training images. before detecting, computing , matching scene image, delete matches of train1 , train2. because these matches won't facilitate matching of scene image train1 , train2. so, match train1 train2 , vector of matches trainidx , queryidx. how can delete these matches in keypoints-vector , descriptor matrix of train1 , train2? best regards, dwi i have done below: std::vector<cv::keypoint> keypoints[2]; cv::mat descriptor[2]; std::vector< cv::dmatch > matches; /* write code generate keypoints, descriptors , matches here... keypoint[0] -> train image 1 keypoints keypoint[1] -> train image 2 keypoints descriptor[0] -> train image 1 descriptors descriptor[1] -> train image 2 descriptors matches -> matched between train image 1 , 2 */ // logic keep unmatched keypoints , corresponding descriptor...
Read more

sorting - opencl Bitonic sort with 64 bits keys -

-
i used nvidia sdk bitonic sort , works great me. 32 bits (uint) need ulong keys. have typically 2^14 keys @ time , power of 2. searched on not find kernel designed ulong. i tried modified nvidia sdk bitonic sort using ulong keys not work. kernel not crash after de call clenqueuendrangekernel got error : cl_invalid_command_queue can tell me how modify bitonic sort or radixsort, or can sort ulong keys? i running nvidia quadro 4000 opencl 1.1 cuda 6.5.20 full_profile used original nvidia sdk bitonicsort.cl i used"ulong" keys , value input , ouput instead of "uint" thanks helping i made work-around suit need. used 30 bits of key , 18 high bits of value sorting. changed comparators (2 lines): '#define mask 0xffffc000 // suit need from this: if( (*keya > *keyb) == dir ) this: if(((*keya > *keyb)||((*keya == *keyb)&&((*vala & mask)> (*valb & mask)))) == dir ) it works fine. but, still, it's work-a...
Read more