Наконец-то у меня сработало следующее решение:
pom.xml:
<!-- https://mvnrepository.com/artifact/org.springframework.security/spring-security-config -->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
</dependency>
<!-- https://mvnrepository.com/artifact/org.springframework.security/spring-security-web -->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.2.4.RELEASE</version>
</dependency>
SecurityConfig.java
package com.Application;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter{
/*
* Method allow to access any resource without any authentication
*/
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().anyRequest().permitAll();
}
}
UrlFilter.java
package com.component;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.LoggerFactory;
import org.slf4j.Logger;
import org.springframework.stereotype.Component;
import com.daimler.datalayer.apistreamintegration.exception.BadRequest;
@Component
public class UrlFilter implements Filter {
private static final Logger LOGGER = LoggerFactory.getLogger(UrlFilter.class);
@Override
public void init(FilterConfig filterChain) throws ServletException {
}
/*
* filter call to check if any double forward slash(//) present in URI before invoking Controller class
*/
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain)
throws IOException, ServletException {
LOGGER.info("Filtering the url");
if (!(request instanceof HttpServletRequest)) {
return;
}
String requestURI = ((HttpServletRequest) request).getRequestURI();
boolean isInvalidUrl = requestURI.contains("//");
if (isInvalidUrl) {
throw new BadRequest("The request was rejected because the URL was not normalized.");
}
filterChain.doFilter(request, response);
}
@Override
public void destroy() {
}
}
BadRequest.java
package com.exception;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.ResponseStatus;
@ResponseStatus(value = HttpStatus.BAD_REQUEST)
public class BadRequest extends RuntimeException {
private static final long serialVersionUID = 1L;
public BadRequest(String message) {
super(message);
}
public BadRequest(String message, Throwable cause) {
super(message, cause);
}
}