如何解决Spring安全配置错误:请求匹配器类型不正确?

html5 问答

我有这个 Spring 安全配置:

<?xml version="1.0" encoding="UTF-8" ?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
       xsi:schemaLocation="http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd
  http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd
  http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.1.xsd ">

    <http pattern="/api/swagger-ui.html" security="none" xmlns="http://www.springframework.org/schema/security"/>
    <http pattern="/api/webjars/**" security="none" xmlns="http://www.springframework.org/schema/security"/>
    <http pattern="/api/swagger-resources/**" security="none" xmlns="http://www.springframework.org/schema/security"/>
    <http pattern="/api/v2/api-docs" security="none" xmlns="http://www.springframework.org/schema/security"/>

   <http pattern="/api/**" create-session="never" entry-point-ref="oauthAuthenticationEntryPoint"
         access-decision-manager-ref="accessDecisionManager" xmlns="http://www.springframework.org/schema/security">
     <anonymous enabled="false"/>
        <intercept-url pattern="/api/**" access="IS_AUTHENTICATED_FULLY"/>
        <custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER"/>
        <access-denied-handler ref="oauthAccessDeniedHandler"/>
    </http>

    <bean
          xmlns="http://www.springframework.org/schema/beans">
        <constructor-arg>
            <list>
                <bean/>
                <bean/>
            </list>
        </constructor-arg>
    </bean>

    <bean
         >
        <property name="realmName" value="sample"/>
    </bean>

    <bean
         />


    <oauth:resource-server resource-id="sample" token-services-ref="remoteTokenServices"/>

    <bean>
        <property name="checkTokenEndpointUrl" value="${oauth.check.token.url}"/>
        <property name="clientId" value="${oauth.client:crdb}"/>
        <property name="clientSecret" value="${oauth.secret:secret}"/>
    </bean>

    <authentication-manager alias="authenticationManager" xmlns="http://www.springframework.org/schema/security">
    </authentication-manager>


    <oauth:expression-handler/>
    <oauth:web-expression-handler/>
</beans>

Fortify 返回给我 Spring security misconfiguration: wrong request matcher type on line 9, 10, 11, 15. 有人可以告诉我如何解决这个问题吗?好像有一些路径问题,但我对fortify不太熟悉,所以我不知道如何解决这个问题。

以上是如何解决Spring安全配置错误:请求匹配器类型不正确?的全部内容。
THE END
分享
二维码
< <上一篇
下一篇>>