我与春天有安全和OAuth2用户在我试图让我的用户上传文件保护的@Controller:春季安全和多部分请求
@Controller
@RequestMapping(value = "/api/image")
public class ImageController {
@PreAuthorize("hasAuthority('ROLE_USER')")
@RequestMapping(value = "/upload", method = RequestMethod.PUT)
public @ResponseBody Account putImage(@RequestParam("title") String title, MultipartHttpServletRequest request, Principal principal){
// Some type of file processing...
System.out.println("-------------------------------------------");
System.out.println("Test upload: " + title);
System.out.println("Test upload: " + request.getFile("file").getOriginalFilename());
System.out.println("-------------------------------------------");
return ((Account) ((OAuth2Authentication) principal).getPrincipal());
}
}
当我尝试上传文件和标题,我得到以下例外。我将Content-Type标题设置为multipart/form-data。
java.lang.IllegalStateException: Current request is not of type [org.springframework.web.multipart.MultipartHttpServletRequest]: SecurityContextHolderAwareRequestWrapper[ FirewalledRequest[ [email protected]]]
at org.springframework.web.servlet.mvc.method.annotation.ServletRequestMethodArgumentResolver.resolveArgument(ServletRequestMethodArgumentResolver.java:84)
at org.springframework.web.method.support.HandlerMethodArgumentResolverComposite.resolveArgument(HandlerMethodArgumentResolverComposite.java:75)
at org.springframework.web.method.support.InvocableHandlerMethod.getMethodArgumentValues(InvocableHandlerMethod.java:156)
at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:117)
我如何在Spring Security后面上传文件?看起来这个请求永远不会变成MultiPartHttpServerRequest,所以它不起作用?
如果我改变我的方法签名采取@RequestParam MultipartFile,然后我得到这样一个例外:
DEBUG DefaultListableBeanFactory - Returning cached instance of singleton bean 'imageController'
DEBUG ExceptionHandlerExceptionResolver - Resolving exception from handler [public com.tinsel.server.model.Account com.tinsel.server.controller.ImageController.putImage(java.lang.String,org.springframework.web.multipart.MultipartFile,java.security.Principal)]: java.lang.IllegalArgumentException: Expected MultipartHttpServletRequest: is a MultipartResolver configured?
DEBUG ResponseStatusExceptionResolver - Resolving exception from handler [public com.tinsel.server.model.Account com.tinsel.server.controller.ImageController.putImage(java.lang.String,org.springframework.web.multipart.MultipartFile,java.security.Principal)]: java.lang.IllegalArgumentException: Expected MultipartHttpServletRequest: is a MultipartResolver configured?
DEBUG DefaultHandlerExceptionResolver - Resolving exception from handler [public com.tinsel.server.model.Account com.tinsel.server.controller.ImageController.putImage(java.lang.String,org.springframework.web.multipart.MultipartFile,java.security.Principal)]: java.lang.IllegalArgumentException: Expected MultipartHttpServletRequest: is a MultipartResolver configured?
DEBUG DispatcherServlet - Could not complete request
java.lang.IllegalArgumentException: Expected MultipartHttpServletRequest: is a MultipartResolver configured?
at org.springframework.util.Assert.notNull(Assert.java:112)
...但我有一个MultipartResolver在我的XML配置:
<bean id="multipartResolver" class="org.springframework.web.multipart.commons.CommonsMultipartResolver">
<property name="maxUploadSize" value="268435456"/> <!-- 256 megs -->
</bean>
我确实看到了this blog post about getting this working under Spring 3.0 - 但我试图保持更新,目前正在使用3.1。是否有更新的修复程序?
FILEUPLOAD-214已用WONTFIX解决。根据作者'PUT'不应该与'Multipart'一起使用 – beerbajay 2014-04-14 14:28:48
是的,最终我确实改用了POST而不是PUT。 – 2014-04-14 17:57:06
它已经在1.3版中修复了 – thomaux 2015-12-28 10:38:11