Spring secutity and Multipart

Question

I have services that're secured with token like in following example: https://stackoverflow.com/a/10864088/278279

Problem is when i added file uploading, filter can't find token in request(I think cause is that request have multipart type)

I am using CommonsMultipartResolver

<bean id="multipartResolver" class="org.springframework.web.multipart.commons.CommonsMultipartResolver">
    <property name="maxUploadSize" value="100000000"/>
</bean>

and simple spring controller to receive file @RequestParam("pic") MultipartFile pic

To resolve problem I modified, token retrieval if request have multipart type:

if(request.getContentType().contains("multipart/form-data")){ 
  List<FileItem> items = new ServletFileUpload(new  DiskFileItemFactory()).parseRequest((HttpServletRequest) request);
    for (FileItem item : items) {
               if (item.isFormField() &&  item.getFieldName().equals("token")) {
                return  item.getString();
               }
       }
    }

Finally after this modification authentication works, but in controller MultipartFile not sending more, so it throws exception that no parameter in request. How can i resolve this problem to be able to receive files with token authentication ?

Answer 1

I think you need to add the MultipartFilter. How to do this varies on which style of configuration you're using. In our case, we've added these lines to our WebApplicationInitializer.onStartup() method:

    FilterRegistration.Dynamic multipartFilter = servletContext.addFilter("multipartFilter", new MultipartFilter());
    multipartFilter.addMappingForUrlPatterns(EnumSet.of(DispatcherType.REQUEST), false, "/*");