问题:
无法获取Spring Security OAuth2登录以触发
谢璞
我正在编写一个RESTfulweb服务(Jersey运行在Tomcat),它需要验证用户的电子邮件地址,并可能访问他们的Google日历。计划是用户将被重定向通过oauth2登录到Google。
我的web服务已经受到Spring Security的保护。它与基本身份验证(即用户和密码的硬连线列表)配合得很好如果我试图访问任何受保护的资源,系统会提示我登录。
现在我正在尝试连接Spring Security OAuth2。我的理解是,如果我试图访问一个受保护的资源,我将得到一个重定向到谷歌。
然而,无论我怎么尝试,我似乎都无法让OAuth开火。没有记录控制台错误,并且资源受到保护(我得到的错误是“访问此资源需要完全身份验证(full authentication is required to access this resource)”)。
事情不对劲;可能是我的配置,我的理解,或者两者兼而有之。如有建议,将不胜感激。
web.xml(部分):
<servlet-mapping>
<servlet-name>Jersey REST Service</servlet-name>
<url-pattern>/V1/*</url-pattern>
</servlet-mapping>
<listener>
<listener-class>
org.springframework.web.context.ContextLoaderListener
</listener-class>
</listener>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring/spring-security.xml</param-value>
</context-param>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.2.xsd
http://www.springframework.org/schema/security/oauth2
http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd">
<debug />
<oauth:client id="oauth2ClientFilter" />
<oauth:resource id="googleOauth2Resource"
type="authorization_code"
client-id="hidden"
client-secret="hidden"
access-token-uri="https://accounts.google.com/o/oauth2/v3/token"
user-authorization-uri="https://accounts.google.com/o/oauth2/auth"
scope="email" />
<http xmlns="http://www.springframework.org/schema/security" entry-point-ref="oauthAuthenticationEntryPoint" create-session="stateless">
<intercept-url pattern="/V1/**" access="IS_AUTHENTICATED_FULLY" />
<intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<custom-filter ref="oauth2ClientFilter" after="EXCEPTION_TRANSLATION_FILTER" />
<access-denied-handler ref="oauthAccessDeniedHandler" />
</http>
<oauth:rest-template id="googleOauthRestTemplate"
resource="googleOauth2Resource" />
<beans:bean id="oauthAuthenticationEntryPoint"
class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
</beans:bean>
<beans:bean id="oauthAccessDeniedHandler"
class="org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler">
</beans:bean>
<authentication-manager>
</authentication-manager>
</beans:beans>
共有1个答案
麹飞航
您收到响应:“访问此资源需要Full authentication is required to access this resource”的原因是OAuth2AuthenticationEntryPoint需要访问令牌。
如果您是接受带有访问令牌的请求的资源服务器,则使用oauth2authenticationentrypoint。但在您的情况下,您的意图似乎是作为依赖方,依赖谷歌返回访问令牌,这样您就可以代表用户访问谷歌上的数据。
所以你必须要做的就是遵循你在GitHub上找到的演示应用程序一样的流程:
- 用户访问安全endpoint
/test - 用户尚未通过身份验证,因此他将被重定向到
/login,如loginurlauthenticationentrypoint中所配置的
- 对
/login的请求再次通过filterchain,并在OpenIdConnectUthEnticationFilter中被拦截,其中其配置的OAuth2RestTemplate尝试检索用户信息。这将抛出UserRedirectRequireDexception,因为OAuth2ClientContext还没有检索用户信息的访问令牌。 OAuth2ClientContextFilter捕获抛出的UserRedirectRequiredException并将用户重定向到Google的授权页。
下面是调试日志,向您展示流程:
2016-09-11 02:32:34.361 DEBUG 41435 --- [nio-8080-exec-1] o.s.security.web.FilterChainProxy : /test at position 1 of 13 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
2016-09-11 02:32:34.366 DEBUG 41435 --- [nio-8080-exec-1] o.s.security.web.FilterChainProxy : /test at position 2 of 13 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2016-09-11 02:32:34.367 DEBUG 41435 --- [nio-8080-exec-1] w.c.HttpSessionSecurityContextRepository : No HttpSession currently exists
2016-09-11 02:32:34.367 DEBUG 41435 --- [nio-8080-exec-1] w.c.HttpSessionSecurityContextRepository : No SecurityContext was available from the HttpSession: null. A new one will be created.
2016-09-11 02:32:34.375 DEBUG 41435 --- [nio-8080-exec-1] o.s.security.web.FilterChainProxy : /test at position 3 of 13 in additional filter chain; firing Filter: 'HeaderWriterFilter'
2016-09-11 02:32:34.378 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.header.writers.HstsHeaderWriter : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@38511637
2016-09-11 02:32:34.379 DEBUG 41435 --- [nio-8080-exec-1] o.s.security.web.FilterChainProxy : /test at position 4 of 13 in additional filter chain; firing Filter: 'CsrfFilter'
2016-09-11 02:32:34.381 DEBUG 41435 --- [nio-8080-exec-1] o.s.security.web.FilterChainProxy : /test at position 5 of 13 in additional filter chain; firing Filter: 'LogoutFilter'
2016-09-11 02:32:34.382 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /test' doesn't match 'POST /logout
2016-09-11 02:32:34.382 DEBUG 41435 --- [nio-8080-exec-1] o.s.security.web.FilterChainProxy : /test at position 6 of 13 in additional filter chain; firing Filter: 'OAuth2ClientContextFilter'
2016-09-11 02:32:34.382 DEBUG 41435 --- [nio-8080-exec-1] o.s.security.web.FilterChainProxy : /test at position 7 of 13 in additional filter chain; firing Filter: 'OpenIDConnectAuthenticationFilter'
2016-09-11 02:32:34.383 DEBUG 41435 --- [nio-8080-exec-1] o.s.security.web.FilterChainProxy : /test at position 8 of 13 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
2016-09-11 02:32:34.383 DEBUG 41435 --- [nio-8080-exec-1] o.s.security.web.FilterChainProxy : /test at position 9 of 13 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2016-09-11 02:32:34.385 DEBUG 41435 --- [nio-8080-exec-1] o.s.security.web.FilterChainProxy : /test at position 10 of 13 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
2016-09-11 02:32:34.396 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.a.AnonymousAuthenticationFilter : Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@9055c2bc: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS'
2016-09-11 02:32:34.396 DEBUG 41435 --- [nio-8080-exec-1] o.s.security.web.FilterChainProxy : /test at position 11 of 13 in additional filter chain; firing Filter: 'SessionManagementFilter'
2016-09-11 02:32:34.405 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.session.SessionManagementFilter : Requested session ID D2C2005BFB0AD21F3380BC0BE8326094 is invalid.
2016-09-11 02:32:34.405 DEBUG 41435 --- [nio-8080-exec-1] o.s.security.web.FilterChainProxy : /test at position 12 of 13 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2016-09-11 02:32:34.406 DEBUG 41435 --- [nio-8080-exec-1] o.s.security.web.FilterChainProxy : /test at position 13 of 13 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2016-09-11 02:32:34.407 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/test'; against '/'
2016-09-11 02:32:34.415 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/test'; against '/test'
2016-09-11 02:32:34.421 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.a.i.FilterSecurityInterceptor : Secure object: FilterInvocation: URL: /test; Attributes: [authenticated]
2016-09-11 02:32:34.422 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.a.i.FilterSecurityInterceptor : Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@9055c2bc: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS
2016-09-11 02:32:34.650 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.access.vote.AffirmativeBased : Voter: org.springframework.security.web.access.expression.WebExpressionVoter@3f726a43, returned: -1
2016-09-11 02:32:34.676 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.a.ExceptionTranslationFilter : Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:83)
at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:206)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:115)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:84)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:103)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:113)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:154)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:199)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.oauth2.client.filter.OAuth2ClientContextFilter.doFilter(OAuth2ClientContextFilter.java:57)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:110)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:85)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:57)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:50)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.springframework.security.oauth2.client.filter.OAuth2ClientContextFilter.doFilter(OAuth2ClientContextFilter.java:57)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:503)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:421)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1070)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:611)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1736)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1695)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
2016-09-11 02:32:34.678 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.util.matcher.AndRequestMatcher : Trying to match using Ant [pattern='/**', GET]
2016-09-11 02:32:34.678 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Request '/test' matched by universal pattern '/**'
2016-09-11 02:32:34.679 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.util.matcher.AndRequestMatcher : Trying to match using NegatedRequestMatcher [requestMatcher=Ant [pattern='/**/favicon.ico']]
2016-09-11 02:32:34.679 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/test'; against '/**/favicon.ico'
2016-09-11 02:32:34.679 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.u.matcher.NegatedRequestMatcher : matches = true
2016-09-11 02:32:34.679 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.util.matcher.AndRequestMatcher : Trying to match using NegatedRequestMatcher [requestMatcher=MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@7f127599, matchingMediaTypes=[application/json], useEquals=false, ignoredMediaTypes=[*/*]]]
2016-09-11 02:32:34.689 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.u.m.MediaTypeRequestMatcher : httpRequestMediaTypes=[text/html, application/xhtml+xml, image/webp, application/xml;q=0.9, */*;q=0.8]
2016-09-11 02:32:34.689 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.u.m.MediaTypeRequestMatcher : Processing text/html
2016-09-11 02:32:34.689 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.u.m.MediaTypeRequestMatcher : application/json .isCompatibleWith text/html = false
2016-09-11 02:32:34.689 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.u.m.MediaTypeRequestMatcher : Processing application/xhtml+xml
2016-09-11 02:32:34.691 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.u.m.MediaTypeRequestMatcher : application/json .isCompatibleWith application/xhtml+xml = false
2016-09-11 02:32:34.692 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.u.m.MediaTypeRequestMatcher : Processing image/webp
2016-09-11 02:32:34.692 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.u.m.MediaTypeRequestMatcher : application/json .isCompatibleWith image/webp = false
2016-09-11 02:32:34.697 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.u.m.MediaTypeRequestMatcher : Processing application/xml;q=0.9
2016-09-11 02:32:34.699 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.u.m.MediaTypeRequestMatcher : application/json .isCompatibleWith application/xml;q=0.9 = false
2016-09-11 02:32:34.703 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.u.m.MediaTypeRequestMatcher : Processing */*;q=0.8
2016-09-11 02:32:34.705 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.u.m.MediaTypeRequestMatcher : Ignoring
2016-09-11 02:32:34.707 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.u.m.MediaTypeRequestMatcher : Did not match any media types
2016-09-11 02:32:34.707 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.u.matcher.NegatedRequestMatcher : matches = true
2016-09-11 02:32:34.707 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.util.matcher.AndRequestMatcher : Trying to match using NegatedRequestMatcher [requestMatcher=RequestHeaderRequestMatcher [expectedHeaderName=X-Requested-With, expectedHeaderValue=XMLHttpRequest]]
2016-09-11 02:32:34.708 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.u.matcher.NegatedRequestMatcher : matches = true
2016-09-11 02:32:34.709 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.util.matcher.AndRequestMatcher : All requestMatchers returned true
2016-09-11 02:32:34.759 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.s.HttpSessionRequestCache : DefaultSavedRequest added to Session: DefaultSavedRequest[http://localhost:8080/test]
2016-09-11 02:32:34.759 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.w.a.ExceptionTranslationFilter : Calling Authentication entry point.
2016-09-11 02:32:34.760 DEBUG 41435 --- [nio-8080-exec-1] o.s.s.web.DefaultRedirectStrategy : Redirecting to 'http://localhost:8080/login'
2016-09-11 02:32:34.761 DEBUG 41435 --- [nio-8080-exec-1] w.c.HttpSessionSecurityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2016-09-11 02:32:34.761 DEBUG 41435 --- [nio-8080-exec-1] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
2016-09-11 02:32:35.059 DEBUG 41435 --- [nio-8080-exec-2] o.s.security.web.FilterChainProxy : /login at position 1 of 13 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
2016-09-11 02:32:35.059 DEBUG 41435 --- [nio-8080-exec-2] o.s.security.web.FilterChainProxy : /login at position 2 of 13 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2016-09-11 02:32:35.059 DEBUG 41435 --- [nio-8080-exec-2] w.c.HttpSessionSecurityContextRepository : HttpSession returned null object for SPRING_SECURITY_CONTEXT
2016-09-11 02:32:35.059 DEBUG 41435 --- [nio-8080-exec-2] w.c.HttpSessionSecurityContextRepository : No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@7ff7af51. A new one will be created.
2016-09-11 02:32:35.060 DEBUG 41435 --- [nio-8080-exec-2] o.s.security.web.FilterChainProxy : /login at position 3 of 13 in additional filter chain; firing Filter: 'HeaderWriterFilter'
2016-09-11 02:32:35.060 DEBUG 41435 --- [nio-8080-exec-2] o.s.s.w.header.writers.HstsHeaderWriter : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@38511637
2016-09-11 02:32:35.060 DEBUG 41435 --- [nio-8080-exec-2] o.s.security.web.FilterChainProxy : /login at position 4 of 13 in additional filter chain; firing Filter: 'CsrfFilter'
2016-09-11 02:32:35.060 DEBUG 41435 --- [nio-8080-exec-2] o.s.security.web.FilterChainProxy : /login at position 5 of 13 in additional filter chain; firing Filter: 'LogoutFilter'
2016-09-11 02:32:35.061 DEBUG 41435 --- [nio-8080-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /login' doesn't match 'POST /logout
2016-09-11 02:32:35.061 DEBUG 41435 --- [nio-8080-exec-2] o.s.security.web.FilterChainProxy : /login at position 6 of 13 in additional filter chain; firing Filter: 'OAuth2ClientContextFilter'
2016-09-11 02:32:35.062 DEBUG 41435 --- [nio-8080-exec-2] o.s.security.web.FilterChainProxy : /login at position 7 of 13 in additional filter chain; firing Filter: 'OpenIDConnectAuthenticationFilter'
2016-09-11 02:32:35.187 DEBUG 41435 --- [nio-8080-exec-2] o.s.s.web.DefaultRedirectStrategy : Redirecting to 'https://accounts.google.com/o/oauth2/auth?client_id=%3Cclient_id%3E&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Flogin&response_type=code&scope=openid&state=19P08W'
2016-09-11 02:32:35.187 DEBUG 41435 --- [nio-8080-exec-2] w.c.HttpSessionSecurityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2016-09-11 02:32:35.188 DEBUG 41435 --- [nio-8080-exec-2] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
此外,在示例代码中,请注意@enableoauth2client,它导入了oauth2clientconfiguration。
类似资料:
-
问题内容: 嗨,您已经用yeoman,grunt和bower创建了一个angularJS应用程序。我已经为应用程序启用了html5Mode。及其工作。但是,当我刷新页面(localhost:9000 / login)时,它说 这是应用程序结构 这是我的 app.js 路由 这是我的Gruntfile.js 我已经解决了这个问题。根据已接受的答案,我将Gruntfile.js更改为以下内容。 但是刷
-
我一直在尝试将Firebase Google Login集成到我的应用程序中,但我得到了com.Google.android.gms.common.api.apiException:10: 基于这个堆栈溢出问题,我甚至尝试使用WebClient客户端ID,但仍然得到相同的错误! 基于这个堆栈溢出问题,我输入了调试密钥库SHA1、SHA256并启用了Google登录 在Android方面,我关注了这
-
因此,我已经阅读了所有关于创建会话和自动登录的jsoup文章。阅读有关cookie问题的问题。因此,使用所有这些示例,我创建了一些JAVA代码来登录到特定站点。但每次我登录或尝试登录时,我都会被重定向回登录页面。 使用loginForm我获得所需的cookie 然后我使用Forms操作URL发布我的登录信息 然后我应该登录,但它是重新定向到登录。我可以在loginDoc对象解析中看到这一点。 问题
-
我尝试使用这个简单的代码登录,但在我点击登录按钮后,else选项“无效用户名或密码!”总是出现,即使用户名和密码是匹配的 控制器:
-
我正在现有的JavaSpring应用程序中实现kerberos身份验证。我的unix团队为我提供了SPN,krb5。conf和keytab文件。我正在努力使用下面的代码和配置,但无法从下面附加的日志中的用户异常中获取密码。 有人能纠正我吗?如果我做错了什么或者可能出了什么问题?如果你需要更多关于这方面的信息,请告诉我。如果有人能告诉我,如何验证kerberos配置是否正确,那就太好了? 以下是我尝
-
每当我试图打开 致命错误:未捕获错误:调用C:\xampp\htdocs\wordpress\wp includes\wp db中未定义的函数mysql\u connect()。php:1668堆栈跟踪:#0 C:\xampp\htdocs\wordpress\wp includes\wp db。php(632):wpdb- 致命错误:未捕获错误:调用C:\xampp\htdocs\wordpre