java - 无法使用 spring oauth 对 oauth2 服务器进行身份验证-6ren

java - 无法使用 spring oauth 对 oauth2 服务器进行身份验证

转载作者：行者123 更新时间：2023-11-30 08:01:51

我正在尝试运行 Dave Syer 编写的示例( https://github.com/spring-cloud-samples/authserver 和 https://github.com/spring-cloud-samples/sso )，而不使用 JWT 转换器(以及使用证书的签名过程)。

当我使用证书和 key 按原样运行该示例时，该示例工作正常。但当我删除所有证书和 key 内容时，我无法进行身份验证!

我修改了如下代码:

@Configuration
@ComponentScan
@EnableAutoConfiguration
@Controller
@SessionAttributes("authorizationRequest")
public class AuthserverApplication extends WebMvcConfigurerAdapter {

public static void main(String[] args) {
    SpringApplication.run(AuthserverApplication.class, args);
}

@Override
public void addViewControllers(ViewControllerRegistry registry) {
    registry.addViewController("/login").setViewName("login");
    registry.addViewController("/oauth/confirm_access").setViewName("authorize");
}

@Configuration
@Order(ManagementServerProperties.ACCESS_OVERRIDE_ORDER)
protected static class LoginConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private AuthenticationManager authenticationManager;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.formLogin().loginPage("/login").permitAll().and().authorizeRequests()
                .anyRequest().authenticated();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.parentAuthenticationManager(authenticationManager);
    }
}

@Configuration
@EnableAuthorizationServer
protected static class OAuth2Config extends AuthorizationServerConfigurerAdapter {

    @Autowired
    private AuthenticationManager authenticationManager;

    /*
    @Bean
    public JwtAccessTokenConverter jwtAccessTokenConverter() {
        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        KeyPair keyPair = new KeyStoreKeyFactory(
                new ClassPathResource("keystore.jks"), "foobar".toCharArray())
                .getKeyPair("test");
        converter.setKeyPair(keyPair);
        return converter;
    }
    */

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.inMemory()
                .withClient("acme")
                .secret("acmesecret")
                .authorizedGrantTypes("authorization_code", "refresh_token", "password")
                .scopes("openid")
                .autoApprove(true);
                ;
    }

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints)
            throws Exception {
        //endpoints.authenticationManager(authenticationManager).accessTokenConverter(jwtAccessTokenConverter());
        endpoints.authenticationManager(authenticationManager);
    }

    @Override
    public void configure(AuthorizationServerSecurityConfigurer oauthServer)
            throws Exception {
        oauthServer.tokenKeyAccess("permitAll()").checkTokenAccess("isAuthenticated()");
    }
}
}

应用程序属性:

server.contextPath=/uaa
security.user.password=password
security.ignored=/css/**,/js/**,/favicon.ico,/webjars/**
logging.level.org.springframework.security=DEBUG

这是客户端代码:

@Configuration
@ComponentScan
@EnableAutoConfiguration
@RestController
@RequestMapping("/dashboard")
public class SsoApplication {

@RequestMapping("/message")
public Map<String, Object> dashboard() {
    return Collections.<String, Object> singletonMap("message", "Yay!");
}

@RequestMapping("/user")
public Principal user(Principal user) {
    return user;
}

public static void main(String[] args) {
    SpringApplication.run(SsoApplication.class, args);
}

@Controller
public static class LoginErrors {
    @RequestMapping("/dashboard/login")
    public String dashboard() {
        return "redirect:/#/";
    }
}

@Component
@EnableOAuth2Sso
public static class LoginConfigurer extends WebSecurityConfigurerAdapter {

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http.antMatcher("/dashboard/**").authorizeRequests().anyRequest()
                .authenticated().and().csrf()
                .csrfTokenRepository(csrfTokenRepository()).and()
                .addFilterAfter(csrfHeaderFilter(), CsrfFilter.class)
                .logout().logoutUrl("/dashboard/logout").permitAll()
                .logoutSuccessUrl("/");
    }

    private Filter csrfHeaderFilter() {
        return new OncePerRequestFilter() {
            @Override
            protected void doFilterInternal(HttpServletRequest request,
                    HttpServletResponse response, FilterChain filterChain)
                    throws ServletException, IOException {
                CsrfToken csrf = (CsrfToken) request
                        .getAttribute(CsrfToken.class.getName());
                if (csrf != null) {
                    Cookie cookie = new Cookie("XSRF-TOKEN",
                            csrf.getToken());
                    cookie.setPath("/");
                    response.addCookie(cookie);
                }
                filterChain.doFilter(request, response);
            }
        };
    }

    private CsrfTokenRepository csrfTokenRepository() {
        HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
        repository.setHeaderName("X-XSRF-TOKEN");
        return repository;
    }
}
}

application.yml:

debug:
server:
port: 9999

security:
user:
password: user
ignored: /,/favicon.ico,/index.html,/home.html,/dashboard.html,/js/**,/css/**,/webjars/**
sessions: ALWAYS
oauth2:
 sso:
  loginPath: /dashboard/login
management:
security:
 role: HERO

logging:
 level:
  org.springframework.security: DEBUG
  com.netflix.discovery: 'OFF'

---
spring:
 profiles: default
security:
 oauth2:
  client:
   accessTokenUri: http://localhost:8080/uaa/oauth/token
   userAuthorizationUri: http://localhost:8080/uaa/oauth/authorize
   clientId: acme
   clientSecret: acmesecret
  resource:
#      jwt:
#        keyValue: |
#          -----BEGIN PUBLIC KEY-----
#            MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGp/Q5lh0P8nPL21oMMrt2RrkT9AW5jgYwLfSUnJVc9G6uR3cXRRDCjHqWU5WYwivcF180A6CWp/ireQFFBNowgc5XaA0kPpzEtgsA5YsNX7iSnUibB004iBTfU9hZ2Rbsc8cWqynT0RyN4TP1RYVSeVKvMQk4GT1r7JCEC+TNu1ELmbNwMQyzKjsfBXyIOCFU/E94ktvsTZUHF4Oq44DBylCDsS1k7/sfZC2G5EU7Oz0mhG8+Uz6MSEQHtoIi6mc8u64Rwi3Z3tscuWG2ShtsUFuNSAFNkY7LkLn+/hxLCu2bNISMaESa8dG22CIMuIeRLVcAmEWEWH5EEforTg+QIDAQAB
#          -----END PUBLIC KEY-----
   id: openid
#      serviceId: ${PREFIX:}resource
   userInfoUri: http://localhost:8080/uaa/oauth/user
   preferTokenInfo: false

当我运行它时，我收到一个“Whitelabel 错误页面”，其中包含消息“无法从 token 获取用户详细信息。

Whitelabel Error Page

This application has no explicit mapping for /error, so you are seeing this as a fallback.

Tue Aug 04 09:48:49 CEST 2015
There was an unexpected error (type=Unauthorized, status=401).
Authentication Failed: Could not obtain user details from token

控制台日志位于此处:

2015-08-04 09:48:04.998 DEBUG 15152 --- [nio-9999-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/'; against '/' 2015-08-04 09:48:04.998 DEBUG 15152 --- [nio-9999-exec-1] o.s.security.web.FilterChainProxy : / has an empty filter list

 >2015-08-04 09:48:05.855 DEBUG 15152 --- [nio-9999-exec-5] o.s.b.a.e.mvc.EndpointHandlerMapping     : Looking up handler method for path /home.html
 >2015-08-04 09:48:05.855 DEBUG 15152 --- [nio-9999-exec-5] o.s.b.a.e.mvc.EndpointHandlerMapping     : Did not find handler method for [/home.html]
 >2015-08-04 09:48:05.858 DEBUG 15152 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /dashboard/user at position 6 of 13 in additional filter chain; firing Filter: 'LogoutFilter'
 >2015-08-04 09:48:05.858 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher  : Request 'GET /dashboard/user' doesn't match 'POST /dashboard/logout
 >2015-08-04 09:48:05.858 DEBUG 15152 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /dashboard/user at position 7 of 13 in additional filter chain; firing Filter: 'OAuth2ClientAuthenticationProcessingFilter'
 >2015-08-04 09:48:05.858 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher  : Checking match of request : '/dashboard/user'; against '/dashboard/login'
 >2015-08-04 09:48:05.858 DEBUG 15152 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /dashboard/user at position 8 of 13 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
 >2015-08-04 09:48:05.858 DEBUG 15152 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /dashboard/user at position 9 of 13 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
 >2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /dashboard/user at position 10 of 13 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
 >2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.a.AnonymousAuthenticationFilter  : Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@9056f12c: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@380f4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 727CB5F626A106EBEDF8C86823DA98BA; Granted Authorities: ROLE_ANONYMOUS'
 >2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /dashboard/user at position 11 of 13 in additional filter chain; firing Filter: 'SessionManagementFilter'
 >2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /dashboard/user at position 12 of 13 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
 >2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /dashboard/user at position 13 of 13 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
 >2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher  : Request 'GET /dashboard/user' doesn't match 'POST /dashboard/logout
 >2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.a.i.FilterSecurityInterceptor    : Secure object: FilterInvocation: URL: /dashboard/user; Attributes: [authenticated]
 >2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.a.i.FilterSecurityInterceptor    : Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@9056f12c: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@380f4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 727CB5F626A106EBEDF8C86823DA98BA; Granted Authorities: ROLE_ANONYMOUS
 >2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.access.vote.AffirmativeBased       : Voter: org.springframework.security.web.access.expression.WebExpressionVoter@7f2b37fb, returned: -1
 >2015-08-04 09:48:05.861 DEBUG 15152 --- [nio-9999-exec-2] o.s.b.a.audit.listener.AuditListener     : AuditEvent [timestamp=Tue Aug 04 09:48:05 CEST 2015, principal=anonymousUser, type=AUTHORIZATION_FAILURE, data={type=org.springframework.security.access.AccessDeniedException, message=AccÃ¨s refusÃ©}]
 >2015-08-04 09:48:05.862 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.a.ExceptionTranslationFilter     : Access is denied (user is anonymous); redirecting to authentication entry point

>org.springframework.security.access.AccessDeniedException: AccÃ¨s refusÃ©
>at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:83)
>at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:232)
>at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:123)
>at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:90)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:114)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:122)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:168)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:48)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:205)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:120)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at demo.SsoApplication$LoginConfigurer$1.doFilterInternal(SsoApplication.java:91)
>at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:96)
>at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:64)
>at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:91)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:53)
>at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:213)
>at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:176)
>at org.springframework.security.oauth2.client.filter.OAuth2ClientContextFilter.doFilter(OAuth2ClientContextFilter.java:60)
>at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:77)
>at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:85)
>at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>at org.springframework.boot.actuate.autoconfigure.MetricsFilter.doFilterInternal(MetricsFilter.java:69)
>at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091)
>at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:668)
>at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1521)
>at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1478)
>at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
>at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
>at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
>at java.lang.Thread.run(Thread.java:745)

 >2015-08-04 09:48:05.864 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.util.matcher.AndRequestMatcher   : Trying to match using Ant [pattern='/**', GET]
 >2015-08-04 09:48:05.864 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher  : Request '/dashboard/user' matched by universal pattern '/**'
 >2015-08-04 09:48:05.864 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.util.matcher.AndRequestMatcher   : Trying to match using NegatedRequestMatcher [requestMatcher=Ant [pattern='/**/favicon.ico']]
 >2015-08-04 09:48:05.864 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher  : Checking match of request : '/dashboard/user'; against '/**/favicon.ico'
o.s.s.w.a.ExceptionTranslationFilter     : Calling Authentication entry point.
w.c.HttpSessionSecurityContextRepository : No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@7067a19. A new one will be created.
 >2015-08-04 09:48:06.108 DEBUG 15152 --- [nio-9999-exec-9] o.s.security.web.FilterChainProxy        : /dashboard/login at position 3 of 13 in additional filter chain; firing Filter: 'HeaderWriterFilter'
 >2015-08-04 09:48:06.108 DEBUG 15152 --- [nio-9999-exec-9] o.s.security.web.FilterChainProxy        : /dashboard/login at position 5 of 13 in additional filter chain; firing Filter: ''
 >2015-08-04 09:48:06.108 DEBUG 15152 --- [nio-9999-exec-9] o.s.security.web.FilterChainProxy        : /dashboard/login at position 6 of 13 in additional filter chain; firing Filter: 'LogoutFilter'
 >2015-08-04 09:48:06.108 DEBUG 15152 --- [nio-9999-exec-9] o.s.s.w.u.matcher.AntPathRequestMatcher  : Request 'GET /dashboard/login' doesn't match 'POST /dashboard/logout
 >2015-08-04 09:48:06.109 DEBUG 15152 --- [nio-9999-exec-9] o.s.security.web.FilterChainProxy        : /dashboard/login at position 7 of 13 in additional filter chain; firing Filter: 'OAuth2ClientAuthenticationProcessingFilter'
 >2015-08-04 09:48:06.109 DEBUG 15152 --- [nio-9999-exec-9] o.s.s.w.u.matcher.AntPathRequestMatcher  : Checking match of request : '/dashboard/login'; against '/dashboard/login'
 >2015-08-04 09:48:06.109 DEBUG 15152 --- [nio-9999-exec-9] uth2ClientAuthenticationProcessingFilter : Request is to process authentication
 >2015-08-04 09:48:06.110 DEBUG 15152 --- [nio-9999-exec-9] w.c.HttpSessionSecurityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
 >2015-08-04 09:48:06.110 DEBUG 15152 --- [nio-9999-exec-9] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
 >2015-08-04 09:48:06.110 DEBUG 15152 --- [nio-9999-exec-9] o.s.s.web.DefaultRedirectStrategy        : Redirecting to 'http://localhost:8080/uaa/oauth/authorize?client_id=acme&redirect_uri=http://localhost:9999/dashboard/login&response_type=code&state=Q5u4sk'
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.security.web.FilterChainProxy        : /dashboard/login at position 1 of 13 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.security.web.FilterChainProxy        : /dashboard/login at position 2 of 13 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] w.c.HttpSessionSecurityContextRepository : HttpSession returned null object for SPRING_SECURITY_CONTEXT
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] w.c.HttpSessionSecurityContextRepository : No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@7067a19. A new one will be created.
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.security.web.FilterChainProxy        : /dashboard/login at position 3 of 13 in additional filter chain; firing Filter: 'HeaderWriterFilter'
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.s.w.header.writers.HstsHeaderWriter  : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@13e431af
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.security.web.FilterChainProxy        : /dashboard/login at position 4 of 13 in additional filter chain; firing Filter: 'CsrfFilter'
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.security.web.FilterChainProxy        : /dashboard/login at position 5 of 13 in additional filter chain; firing Filter: ''
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.security.web.FilterChainProxy        : /dashboard/login at position 6 of 13 in additional filter chain; firing Filter: 'LogoutFilter'
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.s.w.u.matcher.AntPathRequestMatcher  : Request 'GET /dashboard/login' doesn't match 'POST /dashboard/logout
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.security.web.FilterChainProxy        : /dashboard/login at position 7 of 13 in additional filter chain; firing Filter: 'OAuth2ClientAuthenticationProcessingFilter'
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.s.w.u.matcher.AntPathRequestMatcher  : Checking match of request : '/dashboard/login'; against '/dashboard/login'
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] uth2ClientAuthenticationProcessingFilter : Request is to process authentication
 >2015-08-04 09:48:27.260 DEBUG 15152 --- [io-9999-exec-10] w.c.HttpSessionSecurityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
 >2015-08-04 09:48:27.261 DEBUG 15152 --- [io-9999-exec-10] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
 >2015-08-04 09:48:27.261 DEBUG 15152 --- [io-9999-exec-10] o.s.s.web.DefaultRedirectStrategy        : Redirecting to 'http://localhost:8080/uaa/oauth/authorize?client_id=acme&redirect_uri=http://localhost:9999/dashboard/login&response_type=code&state=QT2drI'
 >2015-08-04 09:48:49.878 DEBUG 15152 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy        : /dashboard/login?code=oAbBeG&state=QT2drI at position 1 of 13 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
 >2015-08-04 09:48:49.878 DEBUG 15152 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy        : /dashboard/login?code=oAbBeG&state=QT2drI at position 2 of 13 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
 >2015-08-04 09:48:49.878 DEBUG 15152 --- [nio-9999-exec-7] w.c.HttpSessionSecurityContextRepository : HttpSession returned null object for SPRING_SECURITY_CONTEXT
 >2015-08-04 09:48:49.878 DEBUG 15152 --- [nio-9999-exec-7] w.c.HttpSessionSecurityContextRepository : No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@7067a19. A new one will be created.
 >2015-08-04 09:48:49.878 DEBUG 15152 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy        : /dashboard/login?code=oAbBeG&state=QT2drI at position 3 of 13 in additional filter chain; firing Filter: 'HeaderWriterFilter'
 >2015-08-04 09:48:49.878 DEBUG 15152 --- [nio-9999-exec-7] o.s.s.w.header.writers.HstsHeaderWriter  : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@13e431af
 >2015-08-04 09:48:49.878 DEBUG 15152 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy        : /dashboard/login?code=oAbBeG&state=QT2drI at position 4 of 13 in additional filter chain; firing Filter: 'CsrfFilter'
 >2015-08-04 09:48:49.878 DEBUG 15152 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy        : /dashboard/login?code=oAbBeG&state=QT2drI at position 5 of 13 in additional filter chain; firing Filter: ''
 >2015-08-04 09:48:49.879 DEBUG 15152 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy        : /dashboard/login?code=oAbBeG&state=QT2drI at position 6 of 13 in additional filter chain; firing Filter: 'LogoutFilter'
 >2015-08-04 09:48:49.879 DEBUG 15152 --- [nio-9999-exec-7] o.s.s.w.u.matcher.AntPathRequestMatcher  : Request 'GET /dashboard/login' doesn't match 'POST /dashboard/logout
 >2015-08-04 09:48:49.879 DEBUG 15152 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy        : /dashboard/login?code=oAbBeG&state=QT2drI at position 7 of 13 in additional filter chain; firing Filter: 'OAuth2ClientAuthenticationProcessingFilter'
 >2015-08-04 09:48:49.879 DEBUG 15152 --- [nio-9999-exec-7] o.s.s.w.u.matcher.AntPathRequestMatcher  : Checking match of request : '/dashboard/login'; against '/dashboard/login'
 >2015-08-04 09:48:49.879 DEBUG 15152 --- [nio-9999-exec-7] uth2ClientAuthenticationProcessingFilter : Request is to process authentication
 >2015-08-04 09:48:49.880 DEBUG 15152 --- [nio-9999-exec-7] g.c.AuthorizationCodeAccessTokenProvider : Retrieving token from http://localhost:8080/uaa/oauth/token
 >2015-08-04 09:48:49.881 DEBUG 15152 --- [nio-9999-exec-7] g.c.AuthorizationCodeAccessTokenProvider : Encoding and sending form: {grant_type=[authorization_code], code=[oAbBeG], redirect_uri=[http://localhost:9999/dashboard/login]}
 >2015-08-04 09:48:49.906  INFO 15152 --- [nio-9999-exec-7] o.s.b.a.s.o.r.UserInfoTokenServices      : Getting user info from: http://localhost:8080/uaa/oauth/user
 >2015-08-04 09:48:49.927 DEBUG 15152 --- [nio-9999-exec-7] o.s.s.oauth2.client.OAuth2RestTemplate   : Created GET request for "http://localhost:8080/uaa/oauth/user"
 >2015-08-04 09:48:49.928 DEBUG 15152 --- [nio-9999-exec-7] o.s.s.oauth2.client.OAuth2RestTemplate   : Setting request Accept header to [application/json, application/*+json]
 >2015-08-04 09:48:49.952 DEBUG 15152 --- [nio-9999-exec-7] o.s.s.oauth2.client.OAuth2RestTemplate   : GET request for "http://localhost:8080/uaa/oauth/user" resulted in 200 (OK)
 >2015-08-04 09:48:49.953  INFO 15152 --- [nio-9999-exec-7] o.s.b.a.s.o.r.UserInfoTokenServices      : Could not fetch user details: class org.springframework.web.client.RestClientException, Could not extract response: no suitable HttpMessageConverter found for response type [interface java.util.Map] and content type [text/html;charset=UTF-8]
 >2015-08-04 09:48:49.953 DEBUG 15152 --- [nio-9999-exec-7] o.s.b.a.s.o.r.UserInfoTokenServices      : userinfo returned error: Could not fetch user details
 >2015-08-04 09:48:49.953 DEBUG 15152 --- [nio-9999-exec-7] uth2ClientAuthenticationProcessingFilter : Authentication request failed: org.springframework.security.authentication.BadCredentialsException: Could not obtain user details from token
 >2015-08-04 09:48:49.953 DEBUG 15152 --- [nio-9999-exec-7] uth2ClientAuthenticationProcessingFilter : Updated SecurityContextHolder to contain null Authentication
 >2015-08-04 09:48:49.953 DEBUG 15152 --- [nio-9999-exec-7] uth2ClientAuthenticationProcessingFilter : Delegating to authentication failure handler org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler@44cb6589
 >2015-08-04 09:48:49.953 DEBUG 15152 --- [nio-9999-exec-7] .a.SimpleUrlAuthenticationFailureHandler : No failure URL set, sending 401 Unauthorized error
 >2015-08-04 09:48:49.953 DEBUG 15152 --- [nio-9999-exec-7] w.c.HttpSessionSecurityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
 >2015-08-04 09:48:49.953 DEBUG 15152 --- [nio-9999-exec-7] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
 >2015-08-04 09:48:49.954 DEBUG 15152 --- [nio-9999-exec-7] o.s.b.a.e.mvc.EndpointHandlerMapping     : Looking up handler method for path /error
 >2015-08-04 09:48:49.954 DEBUG 15152 --- [nio-9999-exec-7] o.s.b.a.e.mvc.EndpointHandlerMapping     : Did not find handler method for [/error]

有什么提示我做错了什么吗？

提前致谢

最佳答案

日志显示您的用户信息端点存在问题。对“http://localhost:8080/uaa/oauth/user ”的 GET 请求成功，但返回 HTML(应该是 JSON)。

关于java - 无法使用 spring oauth 对 oauth2 服务器进行身份验证，我们在Stack Overflow上找到一个类似的问题： https://stackoverflow.com/questions/31804191/

文章推荐： java - 比较字符集的 equals 函数是哪个变量？

文章推荐： java - JsessionId 欺骗 - Jboss 7

文章推荐： java - Netbeans 8.0.1 找不到 shiro.ini

文章推荐： java - Intellij IDEA 复制包 + Spring 应用程序配置的类名

javascript - 使用 WebScriptEndpoint 使用 javascript 使用 WCF 服务
我在网上搜索但没有找到任何合适的文章解释如何使用 javascript 使用 WCF 服务，尤其是 WebScriptEndpoint。任何人都可以对此给出任何指导吗？谢谢最佳答案这是一篇关于
c - 没有结果!!使用 fork() 使用 dup2 使用 2 个管道运行 execlp()
我正在编写一个将运行 Linux 命令的 C 程序，例如: cat/etc/passwd | grep 列表 |剪切-c 1-5 我没有任何结果 *这里 parent 等待第一个 child (chi
python - 处理文件上传，使用 Pillow 调整大小，使用 SQLAlchemy 存储，使用 Flask 提供文件
所以我正在尝试处理文件上传，然后将该文件作为二进制文件存储到数据库中。在我存储它之后，我尝试在给定的 URL 上提供文件。我似乎找不到适合这里的方法。我需要使用数据库，因为我使用 Google 应用引
excel - 使用 IF 使用 VBA 在单元格中添加公式的问题
我正在尝试制作一个宏，将下面的公式添加到单元格中，然后将其拖到整个列中并在 H 列中复制相同的公式我想在 F 和 H 列中输入公式的数据 Range("F1").formula = "=IF(ISE
使用 OperatorPrecedenceParser 使用 FParsec 解析函数应用程序？
问题类似于this one ，但我想使用 OperatorPrecedenceParser 解析带有函数应用程序的表达式在 FParsec . 这是我的 AST: type Expression =
sql - 使用 sequelize 使用 where 查询编码计数
我想通过使用 sequelize 和 node.js 将这个查询更改为代码取决于在哪里 select COUNT(gender) as genderCount from customers where
bash - 使用 “let”分配Bash失败，使用 “/”
我正在使用GNU bash，版本5.0.3(1)-发行版(x86_64-pc-linux-gnu)，我想知道为什么简单的赋值语句会出现语法错误: #/bin/bash var1=/tmp
javascript - 使用 JavaScript 使用 FOR OF 数组循环时出现错误？
这里，为什么我的代码在 IE 中不起作用。我的代码适用于所有浏览器。没有问题。但是当我在 IE 上运行我的项目时，它发现错误。而且我的 jquery 类和 insertadjacentHTMl 也不
javascript - 使用 javascript 使用 for 属性更改表单标签内容
我正在尝试更改标签的innerHTML。我无权访问该表单，因此无法编辑 HTML。标签具有的唯一标识符是“for”属性。这是输入和标签的结构:
javascript - 使用 jquery 使用 .on() 将事件附加到页面上的动态插入按钮
我有一个页面，我可以在其中返回用户帖子，可以使用一些 jquery 代码对这些帖子进行即时评论，在发布新评论后，我在帖子下插入新评论以及删除按钮。问题是 Delete 按钮在新插入的元素上不起作用，
使用 awk 使用 sha1sum 进行散列
我有一个大约有 20 列的“管道分隔”文件。我只想使用 sha1sum 散列第一列，它是一个数字，如帐号，并按原样返回其余列。使用 awk 或 sed 执行此操作的最佳方法是什么？ Accounti
mysql - 使用 insert into 使用 mysql
我需要将以下内容插入到我的表中...我的用户表有五列 id、用户名、密码、名称、条目。 (我还没有提交任何东西到条目中，我稍后会使用 php 来做)但由于某种原因我不断收到这个错误:#1054 - U
jquery - 将输入字段值修剪为仅字母数字字符/使用 .使用 jQuery
所以我试图有一个输入字段，我可以在其中输入任何字符，但然后将输入的值小写，删除任何非字母数字字符，留下“。”而不是空格。例如，如果我输入: 地球的 70% 是水，-!*#$^^ & 30% 土地输
javascript - 使用 .innerHTML 使用 DOM
我正在尝试做一些我认为非常简单的事情，但出于某种原因我没有得到想要的结果？我是 javascript 的新手，但对 java 有经验，所以我相信我没有使用某种正确的规则。这是一个获取输入值、检查选择
php - 使用 angularjs 使用 where 子句从数据库获取数据
我想使用 angularjs 从 mysql 数据库加载数据。这就是应用程序的工作原理；用户登录，他们的用户名存储在 cookie 中。该用户名显示在主页上我想获取这个值并通过 angularjs
ios - 使用 UITableViewCell 使用 AutoLayout
我正在使用 autoLayout，我想在 UITableViewCell 上放置一个 UIlabel，它应该始终位于单元格的右侧和右侧的中心。这就是我想要实现的目标所以在这里你可以看到我正在谈论的
mysql - 使用 ElasticSearch 使用 or 和运算符搜索多个字段
我需要与 MySql 等效的 elasticsearch 查询。我的 sql 查询: SELECT DISTINCT t.product_id AS id FROM tbl_sup_price t
ios - 使用 Swift 使用 JSON
我正在实现代码以使用 JSON。 func setup() { if let flickrURL = NSURL(string: "https://api.flickr.com/
javascript - 使用 JavaScript 使用 for 循环声明变量
我尝试使用for循环声明变量，然后测试cols和rols是否相同。如果是，它将运行递归函数。但是，我在 javascript 中执行 do 时遇到问题。有人可以帮忙吗？现在，在比较 col.1 和
jquery - 使用 :after 使用 jquery 更改样式
我举了一个我正在处理的问题的简短示例。 HTML代码: 1 2 3 CSS 代码: .BB a:hover{ color: #000; } .BB > li:after {

行者123

个人简介

我是一名优秀的程序员,十分优秀！

作者热门文章

滴滴打车优惠券免费领取

全站热门文章

首页

博学

6Ren·AI

商城

java - 无法使用 spring oauth 对 oauth2 服务器进行身份验证