- html - 出于某种原因,IE8 对我的 Sass 文件中继承的 html5 CSS 不友好?
- JMeter 在响应断言中使用 span 标签的问题
- html - 在 :hover and :active? 上具有不同效果的 CSS 动画
- html - 相对于居中的 html 内容固定的 CSS 重复背景?
我正在尝试运行 Dave Syer 编写的示例( https://github.com/spring-cloud-samples/authserver 和 https://github.com/spring-cloud-samples/sso ),而不使用 JWT 转换器(以及使用证书的签名过程)。
当我使用证书和 key 按原样运行该示例时,该示例工作正常。但当我删除所有证书和 key 内容时,我无法进行身份验证!
我修改了如下代码:
@Configuration
@ComponentScan
@EnableAutoConfiguration
@Controller
@SessionAttributes("authorizationRequest")
public class AuthserverApplication extends WebMvcConfigurerAdapter {
public static void main(String[] args) {
SpringApplication.run(AuthserverApplication.class, args);
}
@Override
public void addViewControllers(ViewControllerRegistry registry) {
registry.addViewController("/login").setViewName("login");
registry.addViewController("/oauth/confirm_access").setViewName("authorize");
}
@Configuration
@Order(ManagementServerProperties.ACCESS_OVERRIDE_ORDER)
protected static class LoginConfig extends WebSecurityConfigurerAdapter {
@Autowired
private AuthenticationManager authenticationManager;
@Override
protected void configure(HttpSecurity http) throws Exception {
http.formLogin().loginPage("/login").permitAll().and().authorizeRequests()
.anyRequest().authenticated();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.parentAuthenticationManager(authenticationManager);
}
}
@Configuration
@EnableAuthorizationServer
protected static class OAuth2Config extends AuthorizationServerConfigurerAdapter {
@Autowired
private AuthenticationManager authenticationManager;
/*
@Bean
public JwtAccessTokenConverter jwtAccessTokenConverter() {
JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
KeyPair keyPair = new KeyStoreKeyFactory(
new ClassPathResource("keystore.jks"), "foobar".toCharArray())
.getKeyPair("test");
converter.setKeyPair(keyPair);
return converter;
}
*/
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients.inMemory()
.withClient("acme")
.secret("acmesecret")
.authorizedGrantTypes("authorization_code", "refresh_token", "password")
.scopes("openid")
.autoApprove(true);
;
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints)
throws Exception {
//endpoints.authenticationManager(authenticationManager).accessTokenConverter(jwtAccessTokenConverter());
endpoints.authenticationManager(authenticationManager);
}
@Override
public void configure(AuthorizationServerSecurityConfigurer oauthServer)
throws Exception {
oauthServer.tokenKeyAccess("permitAll()").checkTokenAccess("isAuthenticated()");
}
}
}
应用程序属性:
server.contextPath=/uaa
security.user.password=password
security.ignored=/css/**,/js/**,/favicon.ico,/webjars/**
logging.level.org.springframework.security=DEBUG
这是客户端代码:
@Configuration
@ComponentScan
@EnableAutoConfiguration
@RestController
@RequestMapping("/dashboard")
public class SsoApplication {
@RequestMapping("/message")
public Map<String, Object> dashboard() {
return Collections.<String, Object> singletonMap("message", "Yay!");
}
@RequestMapping("/user")
public Principal user(Principal user) {
return user;
}
public static void main(String[] args) {
SpringApplication.run(SsoApplication.class, args);
}
@Controller
public static class LoginErrors {
@RequestMapping("/dashboard/login")
public String dashboard() {
return "redirect:/#/";
}
}
@Component
@EnableOAuth2Sso
public static class LoginConfigurer extends WebSecurityConfigurerAdapter {
@Override
public void configure(HttpSecurity http) throws Exception {
http.antMatcher("/dashboard/**").authorizeRequests().anyRequest()
.authenticated().and().csrf()
.csrfTokenRepository(csrfTokenRepository()).and()
.addFilterAfter(csrfHeaderFilter(), CsrfFilter.class)
.logout().logoutUrl("/dashboard/logout").permitAll()
.logoutSuccessUrl("/");
}
private Filter csrfHeaderFilter() {
return new OncePerRequestFilter() {
@Override
protected void doFilterInternal(HttpServletRequest request,
HttpServletResponse response, FilterChain filterChain)
throws ServletException, IOException {
CsrfToken csrf = (CsrfToken) request
.getAttribute(CsrfToken.class.getName());
if (csrf != null) {
Cookie cookie = new Cookie("XSRF-TOKEN",
csrf.getToken());
cookie.setPath("/");
response.addCookie(cookie);
}
filterChain.doFilter(request, response);
}
};
}
private CsrfTokenRepository csrfTokenRepository() {
HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
repository.setHeaderName("X-XSRF-TOKEN");
return repository;
}
}
}
application.yml:
debug:
server:
port: 9999
security:
user:
password: user
ignored: /,/favicon.ico,/index.html,/home.html,/dashboard.html,/js/**,/css/**,/webjars/**
sessions: ALWAYS
oauth2:
sso:
loginPath: /dashboard/login
management:
security:
role: HERO
logging:
level:
org.springframework.security: DEBUG
com.netflix.discovery: 'OFF'
---
spring:
profiles: default
security:
oauth2:
client:
accessTokenUri: http://localhost:8080/uaa/oauth/token
userAuthorizationUri: http://localhost:8080/uaa/oauth/authorize
clientId: acme
clientSecret: acmesecret
resource:
# jwt:
# keyValue: |
# -----BEGIN PUBLIC KEY-----
# MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGp/Q5lh0P8nPL21oMMrt2RrkT9AW5jgYwLfSUnJVc9G6uR3cXRRDCjHqWU5WYwivcF180A6CWp/ireQFFBNowgc5XaA0kPpzEtgsA5YsNX7iSnUibB004iBTfU9hZ2Rbsc8cWqynT0RyN4TP1RYVSeVKvMQk4GT1r7JCEC+TNu1ELmbNwMQyzKjsfBXyIOCFU/E94ktvsTZUHF4Oq44DBylCDsS1k7/sfZC2G5EU7Oz0mhG8+Uz6MSEQHtoIi6mc8u64Rwi3Z3tscuWG2ShtsUFuNSAFNkY7LkLn+/hxLCu2bNISMaESa8dG22CIMuIeRLVcAmEWEWH5EEforTg+QIDAQAB
# -----END PUBLIC KEY-----
id: openid
# serviceId: ${PREFIX:}resource
userInfoUri: http://localhost:8080/uaa/oauth/user
preferTokenInfo: false
当我运行它时,我收到一个“Whitelabel 错误页面”,其中包含消息“无法从 token 获取用户详细信息。
Whitelabel Error Page
This application has no explicit mapping for /error, so you are seeing this as a fallback.
Tue Aug 04 09:48:49 CEST 2015
There was an unexpected error (type=Unauthorized, status=401).
Authentication Failed: Could not obtain user details from token
控制台日志位于此处:
2015-08-04 09:48:04.998 DEBUG 15152 --- [nio-9999-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/'; against '/' 2015-08-04 09:48:04.998 DEBUG 15152 --- [nio-9999-exec-1] o.s.security.web.FilterChainProxy : / has an empty filter list
>2015-08-04 09:48:05.855 DEBUG 15152 --- [nio-9999-exec-5] o.s.b.a.e.mvc.EndpointHandlerMapping : Looking up handler method for path /home.html
>2015-08-04 09:48:05.855 DEBUG 15152 --- [nio-9999-exec-5] o.s.b.a.e.mvc.EndpointHandlerMapping : Did not find handler method for [/home.html]
>2015-08-04 09:48:05.858 DEBUG 15152 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy : /dashboard/user at position 6 of 13 in additional filter chain; firing Filter: 'LogoutFilter'
>2015-08-04 09:48:05.858 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /dashboard/user' doesn't match 'POST /dashboard/logout
>2015-08-04 09:48:05.858 DEBUG 15152 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy : /dashboard/user at position 7 of 13 in additional filter chain; firing Filter: 'OAuth2ClientAuthenticationProcessingFilter'
>2015-08-04 09:48:05.858 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/dashboard/user'; against '/dashboard/login'
>2015-08-04 09:48:05.858 DEBUG 15152 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy : /dashboard/user at position 8 of 13 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
>2015-08-04 09:48:05.858 DEBUG 15152 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy : /dashboard/user at position 9 of 13 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
>2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy : /dashboard/user at position 10 of 13 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
>2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.a.AnonymousAuthenticationFilter : Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@9056f12c: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@380f4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 727CB5F626A106EBEDF8C86823DA98BA; Granted Authorities: ROLE_ANONYMOUS'
>2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy : /dashboard/user at position 11 of 13 in additional filter chain; firing Filter: 'SessionManagementFilter'
>2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy : /dashboard/user at position 12 of 13 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
>2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy : /dashboard/user at position 13 of 13 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
>2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /dashboard/user' doesn't match 'POST /dashboard/logout
>2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.a.i.FilterSecurityInterceptor : Secure object: FilterInvocation: URL: /dashboard/user; Attributes: [authenticated]
>2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.a.i.FilterSecurityInterceptor : Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@9056f12c: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@380f4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 727CB5F626A106EBEDF8C86823DA98BA; Granted Authorities: ROLE_ANONYMOUS
>2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.access.vote.AffirmativeBased : Voter: org.springframework.security.web.access.expression.WebExpressionVoter@7f2b37fb, returned: -1
>2015-08-04 09:48:05.861 DEBUG 15152 --- [nio-9999-exec-2] o.s.b.a.audit.listener.AuditListener : AuditEvent [timestamp=Tue Aug 04 09:48:05 CEST 2015, principal=anonymousUser, type=AUTHORIZATION_FAILURE, data={type=org.springframework.security.access.AccessDeniedException, message=Accès refusé}]
>2015-08-04 09:48:05.862 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.a.ExceptionTranslationFilter : Access is denied (user is anonymous); redirecting to authentication entry point
>org.springframework.security.access.AccessDeniedException: Accès refusé
>at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:83)
>at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:232)
>at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:123)
>at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:90)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:114)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:122)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:168)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:48)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:205)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:120)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at demo.SsoApplication$LoginConfigurer$1.doFilterInternal(SsoApplication.java:91)
>at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:96)
>at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:64)
>at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:91)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:53)
>at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:213)
>at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:176)
>at org.springframework.security.oauth2.client.filter.OAuth2ClientContextFilter.doFilter(OAuth2ClientContextFilter.java:60)
>at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:77)
>at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:85)
>at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>at org.springframework.boot.actuate.autoconfigure.MetricsFilter.doFilterInternal(MetricsFilter.java:69)
>at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091)
>at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:668)
>at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1521)
>at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1478)
>at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
>at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
>at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
>at java.lang.Thread.run(Thread.java:745)
>2015-08-04 09:48:05.864 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.util.matcher.AndRequestMatcher : Trying to match using Ant [pattern='/**', GET]
>2015-08-04 09:48:05.864 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher : Request '/dashboard/user' matched by universal pattern '/**'
>2015-08-04 09:48:05.864 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.util.matcher.AndRequestMatcher : Trying to match using NegatedRequestMatcher [requestMatcher=Ant [pattern='/**/favicon.ico']]
>2015-08-04 09:48:05.864 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/dashboard/user'; against '/**/favicon.ico'
o.s.s.w.a.ExceptionTranslationFilter : Calling Authentication entry point.
w.c.HttpSessionSecurityContextRepository : No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@7067a19. A new one will be created.
>2015-08-04 09:48:06.108 DEBUG 15152 --- [nio-9999-exec-9] o.s.security.web.FilterChainProxy : /dashboard/login at position 3 of 13 in additional filter chain; firing Filter: 'HeaderWriterFilter'
>2015-08-04 09:48:06.108 DEBUG 15152 --- [nio-9999-exec-9] o.s.security.web.FilterChainProxy : /dashboard/login at position 5 of 13 in additional filter chain; firing Filter: ''
>2015-08-04 09:48:06.108 DEBUG 15152 --- [nio-9999-exec-9] o.s.security.web.FilterChainProxy : /dashboard/login at position 6 of 13 in additional filter chain; firing Filter: 'LogoutFilter'
>2015-08-04 09:48:06.108 DEBUG 15152 --- [nio-9999-exec-9] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /dashboard/login' doesn't match 'POST /dashboard/logout
>2015-08-04 09:48:06.109 DEBUG 15152 --- [nio-9999-exec-9] o.s.security.web.FilterChainProxy : /dashboard/login at position 7 of 13 in additional filter chain; firing Filter: 'OAuth2ClientAuthenticationProcessingFilter'
>2015-08-04 09:48:06.109 DEBUG 15152 --- [nio-9999-exec-9] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/dashboard/login'; against '/dashboard/login'
>2015-08-04 09:48:06.109 DEBUG 15152 --- [nio-9999-exec-9] uth2ClientAuthenticationProcessingFilter : Request is to process authentication
>2015-08-04 09:48:06.110 DEBUG 15152 --- [nio-9999-exec-9] w.c.HttpSessionSecurityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
>2015-08-04 09:48:06.110 DEBUG 15152 --- [nio-9999-exec-9] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
>2015-08-04 09:48:06.110 DEBUG 15152 --- [nio-9999-exec-9] o.s.s.web.DefaultRedirectStrategy : Redirecting to 'http://localhost:8080/uaa/oauth/authorize?client_id=acme&redirect_uri=http://localhost:9999/dashboard/login&response_type=code&state=Q5u4sk'
>2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.security.web.FilterChainProxy : /dashboard/login at position 1 of 13 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
>2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.security.web.FilterChainProxy : /dashboard/login at position 2 of 13 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
>2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] w.c.HttpSessionSecurityContextRepository : HttpSession returned null object for SPRING_SECURITY_CONTEXT
>2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] w.c.HttpSessionSecurityContextRepository : No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@7067a19. A new one will be created.
>2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.security.web.FilterChainProxy : /dashboard/login at position 3 of 13 in additional filter chain; firing Filter: 'HeaderWriterFilter'
>2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.s.w.header.writers.HstsHeaderWriter : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@13e431af
>2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.security.web.FilterChainProxy : /dashboard/login at position 4 of 13 in additional filter chain; firing Filter: 'CsrfFilter'
>2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.security.web.FilterChainProxy : /dashboard/login at position 5 of 13 in additional filter chain; firing Filter: ''
>2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.security.web.FilterChainProxy : /dashboard/login at position 6 of 13 in additional filter chain; firing Filter: 'LogoutFilter'
>2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /dashboard/login' doesn't match 'POST /dashboard/logout
>2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.security.web.FilterChainProxy : /dashboard/login at position 7 of 13 in additional filter chain; firing Filter: 'OAuth2ClientAuthenticationProcessingFilter'
>2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/dashboard/login'; against '/dashboard/login'
>2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] uth2ClientAuthenticationProcessingFilter : Request is to process authentication
>2015-08-04 09:48:27.260 DEBUG 15152 --- [io-9999-exec-10] w.c.HttpSessionSecurityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
>2015-08-04 09:48:27.261 DEBUG 15152 --- [io-9999-exec-10] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
>2015-08-04 09:48:27.261 DEBUG 15152 --- [io-9999-exec-10] o.s.s.web.DefaultRedirectStrategy : Redirecting to 'http://localhost:8080/uaa/oauth/authorize?client_id=acme&redirect_uri=http://localhost:9999/dashboard/login&response_type=code&state=QT2drI'
>2015-08-04 09:48:49.878 DEBUG 15152 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy : /dashboard/login?code=oAbBeG&state=QT2drI at position 1 of 13 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
>2015-08-04 09:48:49.878 DEBUG 15152 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy : /dashboard/login?code=oAbBeG&state=QT2drI at position 2 of 13 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
>2015-08-04 09:48:49.878 DEBUG 15152 --- [nio-9999-exec-7] w.c.HttpSessionSecurityContextRepository : HttpSession returned null object for SPRING_SECURITY_CONTEXT
>2015-08-04 09:48:49.878 DEBUG 15152 --- [nio-9999-exec-7] w.c.HttpSessionSecurityContextRepository : No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@7067a19. A new one will be created.
>2015-08-04 09:48:49.878 DEBUG 15152 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy : /dashboard/login?code=oAbBeG&state=QT2drI at position 3 of 13 in additional filter chain; firing Filter: 'HeaderWriterFilter'
>2015-08-04 09:48:49.878 DEBUG 15152 --- [nio-9999-exec-7] o.s.s.w.header.writers.HstsHeaderWriter : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@13e431af
>2015-08-04 09:48:49.878 DEBUG 15152 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy : /dashboard/login?code=oAbBeG&state=QT2drI at position 4 of 13 in additional filter chain; firing Filter: 'CsrfFilter'
>2015-08-04 09:48:49.878 DEBUG 15152 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy : /dashboard/login?code=oAbBeG&state=QT2drI at position 5 of 13 in additional filter chain; firing Filter: ''
>2015-08-04 09:48:49.879 DEBUG 15152 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy : /dashboard/login?code=oAbBeG&state=QT2drI at position 6 of 13 in additional filter chain; firing Filter: 'LogoutFilter'
>2015-08-04 09:48:49.879 DEBUG 15152 --- [nio-9999-exec-7] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /dashboard/login' doesn't match 'POST /dashboard/logout
>2015-08-04 09:48:49.879 DEBUG 15152 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy : /dashboard/login?code=oAbBeG&state=QT2drI at position 7 of 13 in additional filter chain; firing Filter: 'OAuth2ClientAuthenticationProcessingFilter'
>2015-08-04 09:48:49.879 DEBUG 15152 --- [nio-9999-exec-7] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/dashboard/login'; against '/dashboard/login'
>2015-08-04 09:48:49.879 DEBUG 15152 --- [nio-9999-exec-7] uth2ClientAuthenticationProcessingFilter : Request is to process authentication
>2015-08-04 09:48:49.880 DEBUG 15152 --- [nio-9999-exec-7] g.c.AuthorizationCodeAccessTokenProvider : Retrieving token from http://localhost:8080/uaa/oauth/token
>2015-08-04 09:48:49.881 DEBUG 15152 --- [nio-9999-exec-7] g.c.AuthorizationCodeAccessTokenProvider : Encoding and sending form: {grant_type=[authorization_code], code=[oAbBeG], redirect_uri=[http://localhost:9999/dashboard/login]}
>2015-08-04 09:48:49.906 INFO 15152 --- [nio-9999-exec-7] o.s.b.a.s.o.r.UserInfoTokenServices : Getting user info from: http://localhost:8080/uaa/oauth/user
>2015-08-04 09:48:49.927 DEBUG 15152 --- [nio-9999-exec-7] o.s.s.oauth2.client.OAuth2RestTemplate : Created GET request for "http://localhost:8080/uaa/oauth/user"
>2015-08-04 09:48:49.928 DEBUG 15152 --- [nio-9999-exec-7] o.s.s.oauth2.client.OAuth2RestTemplate : Setting request Accept header to [application/json, application/*+json]
>2015-08-04 09:48:49.952 DEBUG 15152 --- [nio-9999-exec-7] o.s.s.oauth2.client.OAuth2RestTemplate : GET request for "http://localhost:8080/uaa/oauth/user" resulted in 200 (OK)
>2015-08-04 09:48:49.953 INFO 15152 --- [nio-9999-exec-7] o.s.b.a.s.o.r.UserInfoTokenServices : Could not fetch user details: class org.springframework.web.client.RestClientException, Could not extract response: no suitable HttpMessageConverter found for response type [interface java.util.Map] and content type [text/html;charset=UTF-8]
>2015-08-04 09:48:49.953 DEBUG 15152 --- [nio-9999-exec-7] o.s.b.a.s.o.r.UserInfoTokenServices : userinfo returned error: Could not fetch user details
>2015-08-04 09:48:49.953 DEBUG 15152 --- [nio-9999-exec-7] uth2ClientAuthenticationProcessingFilter : Authentication request failed: org.springframework.security.authentication.BadCredentialsException: Could not obtain user details from token
>2015-08-04 09:48:49.953 DEBUG 15152 --- [nio-9999-exec-7] uth2ClientAuthenticationProcessingFilter : Updated SecurityContextHolder to contain null Authentication
>2015-08-04 09:48:49.953 DEBUG 15152 --- [nio-9999-exec-7] uth2ClientAuthenticationProcessingFilter : Delegating to authentication failure handler org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler@44cb6589
>2015-08-04 09:48:49.953 DEBUG 15152 --- [nio-9999-exec-7] .a.SimpleUrlAuthenticationFailureHandler : No failure URL set, sending 401 Unauthorized error
>2015-08-04 09:48:49.953 DEBUG 15152 --- [nio-9999-exec-7] w.c.HttpSessionSecurityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
>2015-08-04 09:48:49.953 DEBUG 15152 --- [nio-9999-exec-7] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
>2015-08-04 09:48:49.954 DEBUG 15152 --- [nio-9999-exec-7] o.s.b.a.e.mvc.EndpointHandlerMapping : Looking up handler method for path /error
>2015-08-04 09:48:49.954 DEBUG 15152 --- [nio-9999-exec-7] o.s.b.a.e.mvc.EndpointHandlerMapping : Did not find handler method for [/error]
有什么提示我做错了什么吗?
提前致谢
最佳答案
日志显示您的用户信息端点存在问题。对“http://localhost:8080/uaa/oauth/user ”的 GET 请求成功,但返回 HTML(应该是 JSON)。
关于java - 无法使用 spring oauth 对 oauth2 服务器进行身份验证,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/31804191/
我在网上搜索但没有找到任何合适的文章解释如何使用 javascript 使用 WCF 服务,尤其是 WebScriptEndpoint。 任何人都可以对此给出任何指导吗? 谢谢 最佳答案 这是一篇关于
我正在编写一个将运行 Linux 命令的 C 程序,例如: cat/etc/passwd | grep 列表 |剪切-c 1-5 我没有任何结果 *这里 parent 等待第一个 child (chi
所以我正在尝试处理文件上传,然后将该文件作为二进制文件存储到数据库中。在我存储它之后,我尝试在给定的 URL 上提供文件。我似乎找不到适合这里的方法。我需要使用数据库,因为我使用 Google 应用引
我正在尝试制作一个宏,将下面的公式添加到单元格中,然后将其拖到整个列中并在 H 列中复制相同的公式 我想在 F 和 H 列中输入公式的数据 Range("F1").formula = "=IF(ISE
问题类似于this one ,但我想使用 OperatorPrecedenceParser 解析带有函数应用程序的表达式在 FParsec . 这是我的 AST: type Expression =
我想通过使用 sequelize 和 node.js 将这个查询更改为代码取决于在哪里 select COUNT(gender) as genderCount from customers where
我正在使用GNU bash,版本5.0.3(1)-发行版(x86_64-pc-linux-gnu),我想知道为什么简单的赋值语句会出现语法错误: #/bin/bash var1=/tmp
这里,为什么我的代码在 IE 中不起作用。我的代码适用于所有浏览器。没有问题。但是当我在 IE 上运行我的项目时,它发现错误。 而且我的 jquery 类和 insertadjacentHTMl 也不
我正在尝试更改标签的innerHTML。我无权访问该表单,因此无法编辑 HTML。标签具有的唯一标识符是“for”属性。 这是输入和标签的结构:
我有一个页面,我可以在其中返回用户帖子,可以使用一些 jquery 代码对这些帖子进行即时评论,在发布新评论后,我在帖子下插入新评论以及删除 按钮。问题是 Delete 按钮在新插入的元素上不起作用,
我有一个大约有 20 列的“管道分隔”文件。我只想使用 sha1sum 散列第一列,它是一个数字,如帐号,并按原样返回其余列。 使用 awk 或 sed 执行此操作的最佳方法是什么? Accounti
我需要将以下内容插入到我的表中...我的用户表有五列 id、用户名、密码、名称、条目。 (我还没有提交任何东西到条目中,我稍后会使用 php 来做)但由于某种原因我不断收到这个错误:#1054 - U
所以我试图有一个输入字段,我可以在其中输入任何字符,但然后将输入的值小写,删除任何非字母数字字符,留下“。”而不是空格。 例如,如果我输入: 地球的 70% 是水,-!*#$^^ & 30% 土地 输
我正在尝试做一些我认为非常简单的事情,但出于某种原因我没有得到想要的结果?我是 javascript 的新手,但对 java 有经验,所以我相信我没有使用某种正确的规则。 这是一个获取输入值、检查选择
我想使用 angularjs 从 mysql 数据库加载数据。 这就是应用程序的工作原理;用户登录,他们的用户名存储在 cookie 中。该用户名显示在主页上 我想获取这个值并通过 angularjs
我正在使用 autoLayout,我想在 UITableViewCell 上放置一个 UIlabel,它应该始终位于单元格的右侧和右侧的中心。 这就是我想要实现的目标 所以在这里你可以看到我正在谈论的
我需要与 MySql 等效的 elasticsearch 查询。我的 sql 查询: SELECT DISTINCT t.product_id AS id FROM tbl_sup_price t
我正在实现代码以使用 JSON。 func setup() { if let flickrURL = NSURL(string: "https://api.flickr.com/
我尝试使用for循环声明变量,然后测试cols和rols是否相同。如果是,它将运行递归函数。但是,我在 javascript 中执行 do 时遇到问题。有人可以帮忙吗? 现在,在比较 col.1 和
我举了一个我正在处理的问题的简短示例。 HTML代码: 1 2 3 CSS 代码: .BB a:hover{ color: #000; } .BB > li:after {
我是一名优秀的程序员,十分优秀!