我有以下控制器:
@RestController
public class RestaurantController {
@Autowired
RestaurantService restaurantService;
@RequestMapping(value = "/restaurant/", method = RequestMethod.GET)
public ResponseEntity<List<Restaurant>> listAllRestaurants() {
System.out.println("Fetching all restaurants");
List<Restaurant> restaurants = restaurantService.findAllRestaurants();
if(restaurants.isEmpty()){
return new ResponseEntity<List<Restaurant>>(HttpStatus.NO_CONTENT);//You many decide to return HttpStatus.NOT_FOUND
}
return new ResponseEntity<List<Restaurant>>(restaurants, HttpStatus.OK);
}
@RequestMapping(value = "/restaurant/{id}", method = RequestMethod.PUT)
public ResponseEntity<Restaurant> updateRestaurant(@PathVariable("id") int id, @RequestBody Restaurant restaurant) {
System.out.println("Updating Restaurant " + id);
Restaurant currentRestaurant = restaurantService.findById(id);
if (currentRestaurant==null) {
System.out.println("Restaurant with id " + id + " not found");
return new ResponseEntity<Restaurant>(HttpStatus.NOT_FOUND);
}
currentRestaurant.setName(restaurant.getName());
currentRestaurant.setDescription(restaurant.getDescription());
currentRestaurant.setIcon(restaurant.getIcon());
restaurantService.updateRestaurant(currentRestaurant);
return new ResponseEntity<Restaurant>(currentRestaurant, HttpStatus.OK);
}
}
这是来自PostMan的电话 . 首先,我正在进行GET调用以获取所有餐厅,并且它工作正常
其次我试图更新对象,我收到以下错误 .
在Tomcat 8.0.32中,我收到以下日志:
13-Feb-2016 16:55:09.442警告[http-apr-8080-exec-9] org.springframework.web.servlet.PageNotFound.handleHttpRequestMethodNotSupported请求方法'PUT'不受支持
我不明白这是多么可能 . 这是我的依赖:
<properties>
<springframework.version>4.1.6.RELEASE</springframework.version>
<springsecurity.version>4.0.1.RELEASE</springsecurity.version>
<hibernate.version>4.3.6.Final</hibernate.version>
<mysql.connector.version>5.1.31</mysql.connector.version>
<jackson.version>2.6.3</jackson.version>
<joda-time.version>2.3</joda-time.version>
<testng.version>6.9.4</testng.version>
<mockito.version>1.10.19</mockito.version>
<h2.version>1.4.187</h2.version>
<dbunit.version>2.2</dbunit.version>
</properties>
<dependencies>
<!-- Spring -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
<version>${springframework.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>${springframework.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>${springframework.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-tx</artifactId>
<version>${springframework.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-orm</artifactId>
<version>${springframework.version}</version>
</dependency>
<!-- Hibernate -->
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-core</artifactId>
<version>${hibernate.version}</version>
</dependency>
<!-- jsr303 validation -->
<dependency>
<groupId>javax.validation</groupId>
<artifactId>validation-api</artifactId>
<version>1.1.0.Final</version>
</dependency>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-validator</artifactId>
<version>5.1.3.Final</version>
</dependency>
<!-- MySQL -->
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>${mysql.connector.version}</version>
</dependency>
<!-- Joda-Time -->
<dependency>
<groupId>joda-time</groupId>
<artifactId>joda-time</artifactId>
<version>${joda-time.version}</version>
</dependency>
<!-- To map JodaTime with database type -->
<dependency>
<groupId>org.jadira.usertype</groupId>
<artifactId>usertype.core</artifactId>
<version>3.0.0.CR1</version>
</dependency>
<!-- Spring Security -->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>${springsecurity.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>${springsecurity.version}</version>
</dependency>
<!-- Servlet+JSP+JSTL -->
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<version>3.1.0</version>
</dependency>
<dependency>
<groupId>javax.servlet.jsp</groupId>
<artifactId>javax.servlet.jsp-api</artifactId>
<version>2.3.1</version>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>jstl</artifactId>
<version>1.2</version>
</dependency>
<!-- Need this for json to/from object -->
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-core</artifactId>
<version>${jackson.version}</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
<version>${jackson.version}</version>
</dependency>
<!-- Testing dependencies -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-test</artifactId>
<version>${springframework.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.testng</groupId>
<artifactId>testng</artifactId>
<version>${testng.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.mockito</groupId>
<artifactId>mockito-all</artifactId>
<version>${mockito.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>com.h2database</groupId>
<artifactId>h2</artifactId>
<version>${h2.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>dbunit</groupId>
<artifactId>dbunit</artifactId>
<version>${dbunit.version}</version>
<scope>test</scope>
</dependency>
</dependencies>
如果需要更多信息,请告诉我!谢谢 .
编辑1:
@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Autowired
public void configureGlobalSecurity(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication().withUser("bill").password("user").roles("USER");
auth.inMemoryAuthentication().withUser("admin").password("admin").roles("ADMIN");
auth.inMemoryAuthentication().withUser("dba").password("dba").roles("ADMIN","DBA");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/", "/home","/restaurant/**").permitAll()
.antMatchers("/list").access("hasRole('USER')")
.antMatchers("/list").access("hasRole('ADMIN')")
.antMatchers("/admin/**").access("hasRole('ADMIN')")
.antMatchers("/db/**").access("hasRole('ADMIN') and hasRole('DBA')")
.and().formLogin().loginPage("/login")
.usernameParameter("ssoId").passwordParameter("password")
.and().csrf()
.and().exceptionHandling().accessDeniedPage("/Access_Denied");
}
}
编辑2:
2016-02-14 12:30:56 DEBUG FilterChainProxy:324 - / restaurant / 1位于第1位的12位额外的过滤链;触发过滤器:'WebAsyncManagerIntegrationFilter'2016-02-14 12:30:56 DEBUG FilterChainProxy:324 - / restaurant / 1,位于第2位,共12个附加过滤链;过滤:'SecurityContextPersistenceFilter'2016-02-14 12:30:56 DEBUG HttpSessionSecurityContextRepository:159 - 当前不存在HttpSession 2016-02-14 12:30:56 DEBUG HttpSessionSecurityContextRepository:101 - HttpSession中没有可用的SecurityContext:null . 将创建一个新的 . 2016-02-14 12:30:56 DEBUG FilterChainProxy:324 - / restaurant / 1位于第3位,共12个额外的过滤链;触发过滤器:'HeaderWriterFilter'2016-02-14 12:30:56 DEBUG HstsHeaderWriter:128 - 没有注入HSTS头,因为它与requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter $ SecureRequestMatcher@3ded3d8a 2016不匹配-02-14 12:30:56 DEBUG FilterChainProxy:324 - / restaurant / 1,位于第4位,共12个额外的过滤链;触发过滤器:'CsrfFilter'2016-02-14 12:30:56 DEBUG CsrfFilter:106 - 为http:// localhost:8080 / SpringSecurityCusotmLoginFormAnnotationExample / restaurant / 1找到无效的CSRF令牌2016-02-14 12:30:56 DEBUG DispatcherServlet:861 - 名为'dispatcher'的DispatcherServlet处理[/ SpringSecurityCusotmLoginFormAnnotationExample / Access_Denied]的PUT请求2016-02-14 12:30:56 DEBUG RequestMappingHandlerMapping:294 - 查找路径/ Access_Denied的处理程序方法2016-02-14 12: 30:56 DEBUG ExceptionHandlerExceptionResolver:134 - 解析来自handler [null]的异常:org.springframework.web.HttpRequestMethodNotSupportedException:不支持请求方法'PUT'2016-02-14 12:30:56 DEBUG ResponseStatusExceptionResolver:134 - 解析处理程序中的异常[null]:org.springframework.web.HttpRequestMethodNotSupportedException:不支持请求方法'PUT'2016-02-14 12:30:56 DEBUG DefaultHandlerExceptionResolver:134 - 解析来自handler [null]的异常:org.spring framework.web.HttpRequestMethodNotSupportedException:不支持请求方法'PUT'2016-02-14 12:30:56 WARN PageNotFound:198 - 不支持请求方法'PUT'2016-02-14 12:30:56 DEBUG HttpSessionSecurityContextRepository:337 - SecurityContext为空或内容为匿名 - 上下文不会存储在HttpSession中 . 2016-02-14 12:30:56 DEBUG DispatcherServlet:1034 - Null ModelAndView返回DispatcherServlet,名称为'dispatcher':假设HandlerAdapter已完成请求处理2016-02-14 12:30:56 DEBUG DispatcherServlet:996 - 已成功完成请求2016 -02-14 12:30:56 DEBUG DefaultListableBeanFactory:248 - 返回单例bean的缓存实例'delegatingApplicationListener'2016-02-14 12:30:56 DEBUG HttpSessionSecurityContextRepository:337 - SecurityContext为空或内容为匿名 - 上下文不会是存储在HttpSession中 . 2016-02-14 12:30:56 DEBUG SecurityContextPersistenceFilter:105 - SecurityContextHolder现已清除,请求处理完成
5 回答
尝试将
org.springframework.web的日志记录级别调高为DEBUG. 这将让您深入了解Spring如何处理请求 . 希望它会给你(或我们)一些关于如何修复它的线索 .如果您使用的是Spring Boot,只需将此行添加到application.properties文件中:
看到其他日志后进行编辑:
'PUT'不支持的消息有点误导 . 真正的问题出现在此之前 . 您没有有效的CSRF令牌 . 你是如何提交请求的?看起来您正在使用PostMan工具(但我不熟悉此工具),而不是直接从网页提交表单 . 可能有某种方式您可以使用该工具将令牌添加到您的请求中 . 没有工具它是否有用 - 直接从网页提交表单?
我有同样的错误,但对我来说,这是因为我已经将ID作为url参数进行了遗漏 . 我省略了它,因为ID存在于JSON主体中 .
当我改变... /餐厅到餐厅/ 1时,错误就消失了 .
而不是发送请求
/restaurant/1/,发送到/restaurant/1默认情况下,在
WebMvcAutoConfiguration中,未配置HttpPutFormContentFilter,因此出现问题 .它固定在 Spring 季启动
[1.3.0)版本并且工作正常 . 因此,您可以尝试更新spring-boot版本或手动配置此过滤器以使其工作正常 .Issue reference .
Another Stackoverlow reference
希望能帮助到你 .
如果你不需要csrf,你可以这样做 .
}