- html - 出于某种原因,IE8 对我的 Sass 文件中继承的 html5 CSS 不友好?
- JMeter 在响应断言中使用 span 标签的问题
- html - 在 :hover and :active? 上具有不同效果的 CSS 动画
- html - 相对于居中的 html 内容固定的 CSS 重复背景?
我的最终目标是使用h2db-web-console在我的应用程序中,作为本地开发环境的一部分。
我收到错误:
Caused by: java.lang.IllegalArgumentException: This method cannot decide whether these patterns are Spring MVC patterns or not. If this endpoint is a Spring MVC endpoint, please use requestMatchers(MvcRequestMatcher); otherwise, please use requestMatchers(AntPathRequestMatcher).
This is because there is more than one mappable servlet in your servlet context: {org.h2.server.web.JakartaWebServlet=[/my-h2-console/*], org.springframework.web.servlet.DispatcherServlet=[/]}.
For each MvcRequestMatcher, call MvcRequestMatcher#setServletPath to indicate the servlet path.
虽然这听起来很有描述性,但它让我发疯,因为看起来我为 JakartaWebServlet=[/my-h2-console/*] 使用哪条路径并不重要,因为 DispatcherServlet=[ /] 简单地匹配所有内容。以“/”开头...这就是一切。
...please use requestMatchers(MvcRequestMatcher); otherwise, please use requestMatchers(AntPathRequestMatcher)...
嗯,这些在 Spring 3.x.x 中已被弃用 patchnotes所以我尝试使用 RequestMatcher(这应该自动与“授权”一起使用)。
安全配置
@Bean
@Order(GENERAL_SECURITY_CONFIGURATION_ORDER)
fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
http {
...
}
securityMatcher("/**")
headers { frameOptions { disable() } }
csrf { ignoringRequestMatchers("/my-h2-console/**") }
authorizeRequests {
authorize("/my-h2-console/**", permitAll)
authorize("/ping", permitAll)
authorize("/**", denyAll)
}
}
return http.build()
}
pom.xml
<dependency>
<groupId>com.h2database</groupId>
<artifactId>h2</artifactId>
<scope>runtime</scope> <!-- Should be "test", revert later -->
</dependency>
application.yml
spring:
h2:
console:
enabled: true
path: /my-h2-console
settings:
trace: false
web-allow-others: false
datasource:
url: jdbc:h2:mem:testdb
driverClassName: org.h2.Driver
username: sa
password:
jpa:
database-platform: org.hibernate.dialect.H2Dialect
sql:
init:
mode: embedded
schema-locations: classpath:sql/schema.testdb.local.sql
请记住,我对 spring-boot 还很陌生,所以请保持温柔。欢迎提供有关此主题的任何信息。 :)
我尝试过:
=> 仅关闭/打开
spring:
h2:
console:
enabled: true
似乎会带来任何改变。
最佳答案
此配置帮助我解决了 H2 问题:
@Configuration
public class SecurityConfig {
// My enpdoints start from /v1 so this pattern is ok for me
private static final String API_URL_PATTERN = "/v1/**";
@Bean
public SecurityFilterChain getSecurityFilterChain(HttpSecurity http,
HandlerMappingIntrospector introspector) throws Exception {
MvcRequestMatcher.Builder mvcMatcherBuilder = new MvcRequestMatcher.Builder(introspector);
http.csrf(csrfConfigurer ->
csrfConfigurer.ignoringRequestMatchers(mvcMatcherBuilder.pattern(API_URL_PATTERN),
PathRequest.toH2Console()));
http.headers(headersConfigurer ->
headersConfigurer.frameOptions(HeadersConfigurer.FrameOptionsConfig::sameOrigin));
http.authorizeHttpRequests(auth ->
auth
.requestMatchers(mvcMatcherBuilder.pattern(API_URL_PATTERN)).permitAll()
//This line is optional in .authenticated() case as .anyRequest().authenticated()
//would be applied for H2 path anyway
.requestMatchers(PathRequest.toH2Console()).authenticated()
.anyRequest().authenticated()
);
http.formLogin(Customizer.withDefaults());
http.httpBasic(Customizer.withDefaults());
return http.build();
}
}
更多 info .
更新了 H2 控制台的代码,以便在浏览器中正常工作。
此外,还可以使用 PathRequest.toH2Console()
代替 AntPathRequestMatcher.antMatcher("/h2-console/**")
关于spring-boot - Spring + H2DB-Web-控制台 : "This method cannot decide whether these patterns are Spring MVC patterns or not.",我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/77024398/
我是一名优秀的程序员,十分优秀!