如何使用@preauthorize检查用户是否具有任何角色
我遵循了文章, https://learn.microsoft.com/en-us/azure/developer/java/spring-framework/configure-configure-spring-spring-spring-spring-boot-starter-starter-starter-starter-starter-java-java-app-with-app-with-app-apzure -Active-Dilectory 并用Hasauthority创建了一个应用程序角色
,我可以验证一个角色。但是,我想允许用户是管理员或拥有贡献者许可的用户。我尝试使用多个角色的https://stackoverflow com.com/questions/questions/questions/questions/questions/questions/questions/questions/questions/questions/preauthorize 中。
// @PreAuthorize("hasAuthority('APPROLE_Admin')")
@PreAuthorize("hasRole('Admin')")
@GetMapping("/tutorials")
public ResponseEntity<List<Tutorial>> getAllTutorials(@RequestParam(required = false) String title) {
try {
List<Tutorial> tutorials = new ArrayList<Tutorial>();
但是它会引发以下错误
更新:24/05/2022
此代码正常工作
@PreAuthorize("hasAnyAuthority('APPROLE_Admin', 'APPROLE_Contributor')")
,但以下代码抛出了错误
//@PreAuthorize("hasRole('ROLE_Admin')")
//@PreAuthorize("hasAnyRole('Admin', 'Contributor')")
//@PreAuthorize("hasAnyRole('ROLE_Admin', 'ROLE_Contributor')")
logs:
[nio-8080-exec-5] o.s.web.servlet.DispatcherServlet : GET "/api/tutorials", parameters={}
[nio-8080-exec-5] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped to com.bezkoder.spring.mssql.controller.TutorialController#getAllTutorials(String)
[nio-8080-exec-5] o.s.web.servlet.DispatcherServlet : Failed to complete request: org.springframework.security.access.AccessDeniedException: Access is denied
[nio-8080-exec-5] o.s.web.servlet.DispatcherServlet : "ERROR" dispatch for GET "/error", parameters={}
[nio-8080-exec-5] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped to org.springframework.boot.autoconfigure.web.servlet.error.BasicErrorController#errorHtml(HttpServletRequest, HttpServletResponse)
[nio-8080-exec-5] o.s.w.s.v.ContentNegotiatingViewResolver : Selected 'text/html' given [text/html, text/html;q=0.8]
[nio-8080-exec-5] o.s.web.servlet.DispatcherServlet : Exiting from "ERROR" dispatch, status 403
I followed the article, https://learn.microsoft.com/en-us/azure/developer/java/spring-framework/configure-spring-boot-starter-java-app-with-azure-active-directory and created an App role
with hasAuthority, I could validate a single role. However, I want to allow the user who is either an Admin or has Contributor permission. I tried with hasRole annotation as suggested in Multiple roles using @PreAuthorize.
// @PreAuthorize("hasAuthority('APPROLE_Admin')")
@PreAuthorize("hasRole('Admin')")
@GetMapping("/tutorials")
public ResponseEntity<List<Tutorial>> getAllTutorials(@RequestParam(required = false) String title) {
try {
List<Tutorial> tutorials = new ArrayList<Tutorial>();
But it throws the following error
Update: 24/05/2022
This code is working
@PreAuthorize("hasAnyAuthority('APPROLE_Admin', 'APPROLE_Contributor')")
But the below code is throwing an error
//@PreAuthorize("hasRole('ROLE_Admin')")
//@PreAuthorize("hasAnyRole('Admin', 'Contributor')")
//@PreAuthorize("hasAnyRole('ROLE_Admin', 'ROLE_Contributor')")
Logs:
[nio-8080-exec-5] o.s.web.servlet.DispatcherServlet : GET "/api/tutorials", parameters={}
[nio-8080-exec-5] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped to com.bezkoder.spring.mssql.controller.TutorialController#getAllTutorials(String)
[nio-8080-exec-5] o.s.web.servlet.DispatcherServlet : Failed to complete request: org.springframework.security.access.AccessDeniedException: Access is denied
[nio-8080-exec-5] o.s.web.servlet.DispatcherServlet : "ERROR" dispatch for GET "/error", parameters={}
[nio-8080-exec-5] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped to org.springframework.boot.autoconfigure.web.servlet.error.BasicErrorController#errorHtml(HttpServletRequest, HttpServletResponse)
[nio-8080-exec-5] o.s.w.s.v.ContentNegotiatingViewResolver : Selected 'text/html' given [text/html, text/html;q=0.8]
[nio-8080-exec-5] o.s.web.servlet.DispatcherServlet : Exiting from "ERROR" dispatch, status 403
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论