解决安全漏扫问题

src/main/java/com/yizhi/xxl/job/executor/XxlJobExecutorApplication.java

 package com.yizhi.xxl.job.executor;
 
+import com.yizhi.core.application.security.config.SpringSecurityConfig;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.boot.autoconfigure.amqp.RabbitAutoConfiguration;
 import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration;
 import org.springframework.cloud.openfeign.EnableFeignClients;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.DependsOn;
 
 /**
  * @author xuxueli 2018-10-28 00:38:13
@@ -18,5 +21,9 @@ public class XxlJobExecutorApplication {
     public static void main(String[] args) {
         SpringApplication.run(XxlJobExecutorApplication.class, args);
     }
+    @Bean
 
+    public SpringSecurityConfig springSecurityConfig(){
+        return new SpringSecurityConfig();
+    }
 }
\ No newline at end of file

src/main/java/com/yizhi/xxl/job/executor/core/config/XxlJobConfig.java

 package com.yizhi.xxl.job.executor.core.config;
 
 import com.xxl.job.core.executor.impl.XxlJobSpringExecutor;
+import com.yizhi.xxl.job.executor.filter.DisableTraceFilter;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.web.servlet.FilterRegistrationBean;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 
@@ -74,5 +76,14 @@ public class XxlJobConfig {
      *          String ip_ = inetUtils.findFirstNonLoopbackHostInfo().getIpAddress();
      */
 
+    @Bean
+    public FilterRegistrationBean<DisableTraceFilter> disableTraceFilter() {
+        FilterRegistrationBean<DisableTraceFilter> registrationBean = new FilterRegistrationBean<>();
+        registrationBean.setFilter(new DisableTraceFilter());
+        registrationBean.addUrlPatterns("/*");
+        registrationBean.setName("disableTraceFilter");
+        registrationBean.setOrder(1);
+        return registrationBean;
+    }
 
 }
\ No newline at end of file

src/main/java/com/yizhi/xxl/job/executor/filter/DisableTraceFilter.java

+package com.yizhi.xxl.job.executor.filter;
+
+import javax.servlet.*;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+public class DisableTraceFilter implements Filter {
+ 
+    @Override
+    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
+            throws IOException, ServletException {
+        if (request instanceof HttpServletRequest) {
+            HttpServletRequest httpRequest = (HttpServletRequest) request;
+            if ("TRACE".equalsIgnoreCase(httpRequest.getMethod())||"TRACK".equalsIgnoreCase(httpRequest.getMethod())) {
+                HttpServletResponse httpResponse = (HttpServletResponse) response;
+                httpResponse.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
+                return;
+            }
+        }
+        chain.doFilter(request, response);
+    }
+}
\ No newline at end of file

src/main/resources/bootstrap.properties

 spring.application.name=cloud-xxl-job-executor
-server.port=80
+server.port=35098
 ACTIVE=${spring.profiles.active}
 spring.profiles.active=prod
 # nacos
@@ -8,3 +8,4 @@ spring.cloud.nacos.config.namespace=${spring.profiles.active}
 spring.cloud.nacos.config.prefix=${spring.application.name}
 spring.cloud.nacos.config.file-extension=properties
 spring.cloud.nacos.config.server-addr=10.23.1.183:8848
+spring.servlet.http.trace-enabled=false
\ No newline at end of file