Hi Peter, i have the same issue, but i am not using SecurityConfig.java file , so what is the alternate
Senthilchettyin ( 2016-12-20 12:06:54 +0800 )edit-
FEATURED COMPONENTS
First time here? Check out the FAQ!
Hi all,
I'm using ZK 7.0.3 with Spring Security 3.2.7 on a Ubuntu Server with Java SDK 7 and Tomcat 8
Everything works fine, but I encounter a problem with ZK's file upload.
When uploading a file, the upload process gets 'stucked' when the process bar reaches 100%. From this time on, nothing happens.
My ZUL file
<zk>
<div id="theParentDiv" apply="${myController}" vflex="1">
<vlayout>
<groupbox title="File upload" >
<button id="fileUpload" upload="true" label="Upload"
image="somepic.png"/>
</groupbox>
</vlayout>
</div>
</zk>
My Controller
@Controller
@Scope("session")
public class MyController extends SelectorComposer<Component> {
@Wire
Button fileUpload;
@AfterCompose
public void afterCompose(@ContextParam(ContextType.VIEW) Component view) {
Selectors.wireComponents(view, this, false);
}
public void doAfterCompose(Component comp) throws Exception {
super.doAfterCompose(comp);
// ...
}
// ...
@Listen("onUpload=#fileUpload")
public void upload(UploadEvent event){
logger.info("upload event"); // NEVER REACHED
final Media media = event.getMedia();
if(media.isBinary()) {
// complain
return;
}
// process it
}
}
When I look into the temp directory of my tomcat application on the server, I do see the uploaded file:
drwxrwxrwx 2 root root 4096 Jun 17 15:42 .
drwxr-sr-x 9 root staff 4096 Jun 17 15:15 ..
-rw------- 1 root root 8 Jun 17 15:42 imageio3741336634515839675.tmp
-rw-r--r-- 1 root root 1042112 Jun 17 15:42 upload_dea8c8ae_78f4_41a2_9481_b67144e339cf_00000000.tmp
I don't have a clue why the file upload gets stucked. Could the file permissions be the problem (Tomcat was started via 'sudo'; so I guess it is OK)?
The problem seems to be very similar to the one decribed here (no solution so far):
forum.zkoss.org/question/81047/uploadevent-is-not-triggering-after-file-upload/ (sorry, not enough karma for posting a link)
Just to mention: beside the above code I also tried a version with
<button id="fileUpload" label="Upload" />
and
@Listen("onClick=#fileUpload")
public void justUpload() {
Fileupload.get();
}
@Listen("onUpload=#theParentDiv")
public void onceUploaded(UpdateEvent event) {
// NEVER REACHED
final Media media = event.getMedia();
//
}
but I ran into the same issue.
Does anybody know a solution to this problem?
Kind regards, Peter
add this to your http configuration :
http.headers().addHeaderWriter(new XFrameOptionsHeaderWriter(XFrameOptionsMode.SAMEORIGIN));
Thank you alexprawira,
this solved the issue!
Regards, Peter
Edit: For ZK 7 with Spring Security 4.x the solution above does not work. Instead, add
http.headers().frameOptions().sameOrigin();
to your SecurityConfig.java file
Hi Peter, i have the same issue, but i am not using SecurityConfig.java file , so what is the alternate
Senthilchettyin ( 2016-12-20 12:06:54 +0800 )editWhoa it totally works ;)
Hello Darksu,
thank you very much for your help. Attached you can view my spring security settings.
Regards, Peter
web.xml (excerpt)
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/applicationContext.xml
/WEB-INF/applicationContext-security.xml
</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
</listener>
applicationContext.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="...">
<context:annotation-config />
<context:component-scan base-package="my.base.package.for.services" />
</beans>
applicationContext-security.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="...">
<global-method-security secured-annotations="enabled" />
</beans:beans>
Spring Security Config
@EnableWebSecurity
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable();
http.authorizeRequests()
.antMatchers("/login.zul").permitAll()
.antMatchers("/css/**", "/images/**").permitAll()
.antMatchers("widgets/**").access("hasAnyRole('USER', 'ADMIN', 'SUPERUSER')")
.antMatchers("/index.zul").access("hasAnyRole('USER', 'ADMIN', 'SUPERUSER')")
.antMatchers("/j_spring_security_check").anonymous()
.and()
.formLogin()
.permitAll()
.usernameParameter("username")
.passwordParameter("password")
.defaultSuccessUrl("/index.zul", true)
.loginPage("/login.zul")
.loginProcessingUrl("/j_spring_security_check")
.failureUrl("/login.zul?error=1")
.and()
.rememberMe()
.and()
.logout().logoutSuccessUrl("/login.zul").logoutUrl(
"/j_spring_security_logout").invalidateHttpSession(true).permitAll();
http.sessionManagement().sessionFixation().none();
}
}
Spring security initalizer
public class SpringSecurityInitializer extends AbstractSecurityWebApplicationInitializer {
// I also tried this, but without success
/*
@Override
protected void beforeSpringSecurityFilterChain(ServletContext servletContext) {
insertFilters(servletContext, new MultipartFilter());
}
*/
}
Hello Darksu,
thanks for you reply. I tried the code you suggested and again I ran into the same issue. So I think it's a Spring security issue (or at least a spring security config issue). I'll try to find a solution there ...
Regards, Peter
Hello Peda,
First of all could you please use the code that is included at the following forum post? (It will work for all file types)
http://forum.zkoss.org/question/97558/fileupload-not-working/?answer=97561#post-id-97561
If it still does not work, i suspect it may be related with Spring security.
Best Regards,
Darksu
Asked: 2015-06-17 15:22:54 +0800
Seen: 133 times
Last updated: Feb 12 '20
ZK 7.0.3 doAfterCompose is not called for GenericForwardComposer
Power of ZK Calender With Charts 2 and Other Components
ZK7 atlantic theme: vlayout/hlayout spacing
Structuring zul-code without includes?
css zk 7.0.3 with ie9 not work
Change listbox MVVM template with Java or how to let user change column order