个人中心
文章发布
退出
作者热门文章
- html - 出于某种原因,IE8 对我的 Sass 文件中继承的 html5 CSS 不友好?
- JMeter 在响应断言中使用 span 标签的问题
- html - 在 :hover and :active? 上具有不同效果的 CSS 动画
- html - 相对于居中的 html 内容固定的 CSS 重复背景?
24
4
我正在从用户创建 X-Auth-Token。但是,当我尝试从生成的 token 中检索用户时,它给了我一个异常
Warning: StandardWrapperValve[com.security.util.AppConfig]: Servlet.service() for servlet com.security.util.AppConfig threw exception
java.lang.IllegalStateException: com.fasterxml.jackson.databind.JsonMappingException: Can not construct instance of org.springframework.security.core.userdetails.UserDetails, problem: abstract types either need to be mapped to concrete types, have custom deserializer, or be instantiated with additional type information
at [Source: java.io.ByteArrayInputStream@7e618679; line: 1, column: 1]
at com.security.util.TokenHandler.fromJSON(TokenHandler.java:81)
at com.security.util.TokenHandler.parseUserFromToken(TokenHandler.java:55)
at com.security.util.TokenAuthenticationService.getAuthentication(TokenAuthenticationService.java:43)
at com.security.util.StatelessAuthenticationFilter.doFilter(StatelessAuthenticationFilter.java:34)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:199)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:57)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:343)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:260)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:316)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:160)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:734)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:673)
at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:99)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:174)
at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:416)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:283)
at com.sun.enterprise.v3.services.impl.ContainerMapper$HttpHandlerCallable.call(ContainerMapper.java:459)
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:167)
at org.glassfish.grizzly.http.server.HttpHandler.runService(HttpHandler.java:206)
at org.glassfish.grizzly.http.server.HttpHandler.doHandle(HttpHandler.java:180)
at org.glassfish.grizzly.http.server.HttpServerFilter.handleRead(HttpServerFilter.java:235)
at org.glassfish.grizzly.filterchain.ExecutorResolver$9.execute(ExecutorResolver.java:119)
at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeFilter(DefaultFilterChain.java:283)
at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeChainPart(DefaultFilterChain.java:200)
at org.glassfish.grizzly.filterchain.DefaultFilterChain.execute(DefaultFilterChain.java:132)
at org.glassfish.grizzly.filterchain.DefaultFilterChain.process(DefaultFilterChain.java:111)
at org.glassfish.grizzly.ProcessorExecutor.execute(ProcessorExecutor.java:77)
at org.glassfish.grizzly.nio.transport.TCPNIOTransport.fireIOEvent(TCPNIOTransport.java:536)
at org.glassfish.grizzly.strategies.AbstractIOStrategy.fireIOEvent(AbstractIOStrategy.java:112)
at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.run0(WorkerThreadIOStrategy.java:117)
at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.access$100(WorkerThreadIOStrategy.java:56)
at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy$WorkerThreadRunnable.run(WorkerThreadIOStrategy.java:137)
at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:591)
at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.run(AbstractThreadPool.java:571)
at java.lang.Thread.run(Thread.java:745)
Caused by: com.fasterxml.jackson.databind.JsonMappingException: Can not construct instance of org.springframework.security.core.userdetails.UserDetails, problem: abstract types either need to be mapped to concrete types, have custom deserializer, or be instantiated with additional type information
at [Source: java.io.ByteArrayInputStream@7e618679; line: 1, column: 1]
at com.fasterxml.jackson.databind.JsonMappingException.from(JsonMappingException.java:148)
at com.fasterxml.jackson.databind.DeserializationContext.instantiationException(DeserializationContext.java:857)
at com.fasterxml.jackson.databind.deser.AbstractDeserializer.deserialize(AbstractDeserializer.java:139)
at com.fasterxml.jackson.databind.ObjectMapper._readMapAndClose(ObjectMapper.java:3562)
at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:2648)
at com.security.util.TokenHandler.fromJSON(TokenHandler.java:79)
... 42 more
public String createTokenForUser(UserDetails user) {
byte[] userBytes = toJSON(user);
byte[] hash = createHmac(userBytes);
final StringBuilder sb = new StringBuilder(170);
sb.append(toBase64(userBytes));
sb.append(SEPARATOR);
sb.append(toBase64(hash));
return sb.toString();
}
public UserDetails parseUserFromToken(String token) {
final String[] parts = token.split(SEPARATOR_SPLITTER);
if (parts.length == 2 && parts[0].length() > 0 && parts[1].length() > 0) {
try {
final byte[] userBytes = fromBase64(parts[0]);
final byte[] hash = fromBase64(parts[1]);
boolean validHash = Arrays.equals(createHmac(userBytes), hash);
if (validHash) {
//NEXT LINE I GET AN EXCEPTION
final UserDetails user = fromJSON(userBytes);
return user;
}
} catch (IllegalArgumentException e) {
//log tempering attempt here
}
}
return null;
}
private UserDetails fromJSON(final byte[] userBytes) {
try {
return new ObjectMapper().readValue(new ByteArrayInputStream(userBytes), UserDetails.class);
} catch (IOException e) {
throw new IllegalStateException(e);
}
}
private byte[] toJSON(UserDetails user) {
try {
return new ObjectMapper().writeValueAsBytes(user);
} catch (JsonProcessingException e) {
throw new IllegalStateException(e);
}
}
private String toBase64(byte[] content) {
return DatatypeConverter.printBase64Binary(content);
}
private byte[] fromBase64(String content) {
return DatatypeConverter.parseBase64Binary(content);
}
// synchronized to guard internal hmac object
private synchronized byte[] createHmac(byte[] content) {
return hmac.doFinal(content);
}
EDIT # 1:
public class CustomUserDetails extends org.springframework.security.core.userdetails.User{
private User user;
public CustomUserDetails(String username, String password, Collection<? extends GrantedAuthority> authorities) {
super(username, password, authorities);
}
public CustomUserDetails(String username, String password, boolean enabled, boolean accountNonExpired, boolean credentialsNonExpired, boolean accountNonLocked, Collection<? extends GrantedAuthority> authorities) {
super(username, password, enabled, accountNonExpired, credentialsNonExpired, accountNonLocked, authorities);
}
public CustomUserDetails(User user, Collection<? extends GrantedAuthority> authorities) {
super(user.getUsername(), user.getPassword(), authorities);
this.user = user;
}
public CustomUserDetails(User user, boolean enabled, boolean accountNonExpired, boolean credentialsNonExpired, boolean accountNonLocked, Collection<? extends GrantedAuthority> authorities) {
super(user.getUsername(), user.getPassword(), enabled, accountNonExpired, credentialsNonExpired, accountNonLocked, authorities);
this.user = user;
}
public User getUser() {
return user;
}
}
private UserDetails fromJSON(final byte[] userBytes) {
try {
return new ObjectMapper().readValue(new ByteArrayInputStream(userBytes), CustomUserDetails.class);
} catch (IOException e) {
throw new IllegalStateException(e);
}
}
private byte[] toJSON(UserDetails user) {
try {
return new ObjectMapper().writeValueAsBytes( new CustomUserDetails(
user.getUsername(),
user.getPassword(), user.getAuthorities()));
} catch (JsonProcessingException e) {
throw new IllegalStateException(e);
}
}
Now the exception is a changed to :
Caused by: com.fasterxml.jackson.databind.JsonMappingException: No suitable constructor found for type [simple type, class com.security.CustomUserDetails]: can not instantiate from JSON object (missing default constructor or creator, or perhaps need to add/enable type information?)
最佳答案
您可以编写自己的解串器。将 JsonDeserialize 注释放在相关字段上。
public class LoginUser implements UserDetails {
....getters and setters...
@JsonDeserialize(using = CustomAuthorityDeserializer.class)
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return this.mAuthorities;
}
}
public class CustomAuthorityDeserializer extends JsonDeserializer {
@Override
public Object deserialize(JsonParser jp, DeserializationContext ctxt) throws IOException {
ObjectMapper mapper = (ObjectMapper) jp.getCodec();
JsonNode jsonNode = mapper.readTree(jp);
List<GrantedAuthority> grantedAuthorities = new LinkedList<>();
Iterator<JsonNode> elements = jsonNode.elements();
while (elements.hasNext()) {
JsonNode next = elements.next();
JsonNode authority = next.get("authority");
grantedAuthorities.add(new SimpleGrantedAuthority(authority.asText()));
}
return grantedAuthorities;
}
}
关于java - Spring Security :Can not construct instance of org. springframework.security.core.userdetails.UserDetails,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/36168010/
24
4
0
我知道我的问题有点含糊,但我不知道如何描述它。我问过很多地方,但似乎没有人理解我为什么要这样做。但请耐心等待,我会解释为什么我想要这样的东西。 我使用 Liquid Templates 允许用户在我的
这个问题在这里已经有了答案: what is the difference between null != object and object!=null [duplicate] (2 个回答) 7年
当我在我的本地主机 Google App Engine 应用程序中将日志记录级别更改为 FINE 时,我开始在我的跟踪堆栈中看到这些: Apr 17, 2013 4:54:20 PM com.goog
Python 有内置函数 type : class type(object) With one argument, return the type of an object. The return v
我正在使用深度学习进行语义分割,我遇到了以下术语:语义分割、实例检测、对象检测 和对象分割. 它们有什么区别? 最佳答案 这些术语的某些用法对用户而言是主观的或依赖于上下文,但据我所知对这些术语的合理
我面临 -[NSConcreteMutableData release] 的问题:消息发送到已释放的实例,我也附上了我的示例代码。 - (IBAction)uploadImage { NSString
我试图显示模型中的单个实例(数据库行),其中多个实例共享多行的相同字段(列)值。为了澄清这一说法,我有以下情况: ID/Title/Slug/Modified 1 Car A 1s ag
我正在尝试使用mockito来模拟服务。然而,我没有找到一种方法来告诉mockito,给定一个类的实例返回给我相同的实例: 类似于: given(service.add(any(Individua
我知道如何从父类(super class)原型(prototype)创建子类原型(prototype)。但是,如果我已经有了父类(super class)对象的实例来创建子类对象怎么办? 在 JS 中
鉴于 Kotlin 1.1。对于某个类的 instance,instance::class.java 和 instance.javaClass 似乎几乎是等价的: val i = 0 println(
这个问题在这里已经有了答案: 8年前关闭。 Possible Duplicate: Find out the instance id from within an ec2 machine 我正在寻找从
为什么我的 Instantiate 函数没有创建 That 的“空白”实例? 我有以下最小类: classdef That < handle properties This = '' end
Session session = HibernateUtil.getSessionFactory().openSession(); Transaction tx = session.beginTra
考虑以下几点: public class A { public String name = "i am a A instance"; } public class B extends A {
我正在使用 Scalr 来扩展网站服务器。 在 Apache 服务器上,我安装了 Sakai,并为 Linux 机器创建了一个启动脚本。 问题是,如何确保MySQL实例在Apache服务器启动之前启动
Android Realm DB 允许使用 Realm.getInstance() 获取多个实例。这些中的最佳实践是什么? :1.创建单个实例(应用程序范围)并在任何地方使用它2. 在需要时获取一个新
我很难理解为什么修改实例 a 中的属性会修改实例 b 中的相同属性。 var A = function (){ }; A.prototype.data = { value : 0 }; var
我将 Weka 用作更长管道的一部分,因此,我无法承受将所有数据写入文件或数据库只是为了创建一个 Instances。目的。我可以即时做的是创建 Instance 的列表对象。 来自 this pag
class C: def func(self, a): print(a) c = C() print(c.__dict__) # {} c.func = c.func # c.func i
Angular Routing 文档提到了组件实例创建、组件实例激活和路由激活。 文档没有解释这些概念的区别,以及每次创建/激活发生的时间。 问题 实例创建和实例激活有什么区别? 实例激活和路由激活有
我是一名优秀的程序员,十分优秀!