Spring MVC – 上传文件被spring security 阻止
我正在尝试上传文件。 它适用于我,但如果我想使用上传文件它不起作用。 我收到了这个错误
HTTP Status 405 - Request method 'POST' not supported
但是,如果我在web.xml中对这些行进行注释,它可以工作
springSecurityFilterChain org.springframework.web.filter.DelegatingFilterProxy springSecurityFilterChain /*
我试图添加此配置,但它没有帮助
springMultipartFilter springMultipartFilter org.springframework.web.multipart.support.MultipartFilter springMultipartFilter /*
这是我的所有web.xml
contextConfigLocation /WEB-INF/spring/root-context.xml, /WEB-INF/spring-security.xml org.springframework.web.context.ContextLoaderListener appServlet org.springframework.web.servlet.DispatcherServlet contextConfigLocation /WEB-INF/spring/appServlet/servlet-context.xml 1 appServlet / encodingFilter org.springframework.web.filter.CharacterEncodingFilter encoding UTF-8 forceEncoding true encodingFilter / springMultipartFilter springMultipartFilter org.springframework.web.multipart.support.MultipartFilter springSecurityFilterChain org.springframework.web.filter.DelegatingFilterProxy springMultipartFilter /* springSecurityFilterChain /*
你知道哪里可能有问题吗? 我正在使用这些版本的弹簧和弹簧安全性:
4.0.4.RELEASE 3.2.3.RELEASE
调节器
@Controller public class FileUploadController { private static final Logger logger = LoggerFactory .getLogger(FileUploadController.class); @RequestMapping(value = "/uploadOneFile", method = RequestMethod.POST) public @ResponseBody String uploadFileHandler(@RequestParam("name") String name, @RequestParam("file") MultipartFile file) { if (!file.isEmpty()) { try { byte[] bytes = file.getBytes(); // Creating the directory to store file String rootPath = System.getProperty("catalina.home"); File dir = new File(rootPath + File.separator + "tmpFiles"); if (!dir.exists()) dir.mkdirs(); // Create the file on server File serverFile = new File(dir.getAbsolutePath() + File.separator + name); BufferedOutputStream stream = new BufferedOutputStream( new FileOutputStream(serverFile)); stream.write(bytes); stream.close(); logger.info("Server File Location=" + serverFile.getAbsolutePath()); return "You successfully uploaded file=" + name; } catch (Exception e) { return "You failed to upload " + name + " => " + e.getMessage(); } } else { return "You failed to upload " + name + " because the file was empty."; } } }
JSP
Upload File Request Page
Spring security-config
我解决了这个问题,我添加了?$ {_ csrf.parameterName} = $ {_ csrf.token}来结束我的表单操作
现在它有效!
更改以下内容
跟随
让我知道如果有效,如果没有,那么我会建议另一件事。