springboot2的tomcatConfig的写法

最新推荐文章于 2024-10-18 13:54:31 发布

叮叮当当的心

最新推荐文章于 2024-10-18 13:54:31 发布

阅读量2.2k

点赞数 1

分类专栏：配置文章标签： springboot2 tomcatConfig

本文链接：https://blog.youkuaiyun.com/weixin_43197042/article/details/85060497

版权

配置专栏收录该内容

17 篇文章

订阅专栏

本文介绍从SpringBoot1.4升级到2.0后，Tomcat安全约束配置的变化。详细展示了如何在新版中设置HTTP方法的安全级别，确保应用的安全性。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

springboot 1.4 使用的tomcatConfig中代码如下

 @Bean  
    public TomcatServletWebServerFactory servletContainer() {  
        TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory() {// 1  
            protected void postProcessContext(Context context) {  
                SecurityConstraint securityConstraint = new SecurityConstraint();  
                securityConstraint.setUserConstraint("CONFIDENTIAL");  
                SecurityCollection collection = new SecurityCollection();  
                collection.addPattern("/*");  
                collection.addMethod("PUT");  
                collection.addMethod("DELETE");  
                collection.addMethod("CONNECT");  
                collection.addMethod("OPTIONS");  
                collection.addMethod("PATCH");  
                collection.addMethod("PROPFIND");  
                collection.addMethod("PROPPATCH");  
                collection.addMethod("MKCOL");
                collection.addMethod("COPY");  
                collection.addMethod("MOVE");  
                collection.addMethod("LOCK");  
                collection.addMethod("UNLOCK ");  
                collection.addMethod("TRACE");  
                collection.addMethod("HEAD");  
                securityConstraint.addCollection(collection);  
                context.addConstraint(securityConstraint);  
            }  
        };

升级springboot2之后，发现EmbeddedServletContainerFactory 没有了。然后发现是springboot2改写法了，改成如下写法，记录一下

   @Bean  
    public TomcatServletWebServerFactory servletContainer() {  
    	TomcatServletWebServerFactory  tomcat = new TomcatServletWebServerFactory () {// 1  
            protected void postProcessContext(Context context) {  
                SecurityConstraint securityConstraint = new SecurityConstraint();  
                securityConstraint.setUserConstraint("CONFIDENTIAL");  
                SecurityCollection collection = new SecurityCollection();  
                collection.addPattern("/*");  
                collection.addMethod("PUT");  
                collection.addMethod("DELETE");  
                collection.addMethod("CONNECT");  
                collection.addMethod("OPTIONS");  
                collection.addMethod("PATCH");  
                collection.addMethod("PROPFIND");  
                collection.addMethod("PROPPATCH");  
                collection.addMethod("MKCOL");
                collection.addMethod("COPY");  
                collection.addMethod("MOVE");  
                collection.addMethod("LOCK");  
                collection.addMethod("UNLOCK ");  
                collection.addMethod("TRACE");  
                collection.addMethod("HEAD");  
                securityConstraint.addCollection(collection);  
                context.addConstraint(securityConstraint);  
            }  
        };