我遇到了Spring SocialAuthenticationFilter的问题,我发现它已经加载到过滤器链中但是当我访问“/ auth / facebook?code = ...”时,它不会处理该输入 .
这是我的WebSecurityConfig的配置方法:
@Override
protected void configure(HttpSecurity http) throws Exception {
//@formatter:off
http
.csrf().disable()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeRequests()
.antMatchers("/oauth/token").permitAll()
.antMatchers("/auth/**").permitAll()
.antMatchers(HttpMethod.OPTIONS, "/oauth/token").permitAll()
.anyRequest().authenticated()
.and()
.apply(new SpringSocialConfigurer());
//@formatter:on
}
在输出中我得到关于过滤器链:
2015-07-06 12:42:08.400 INFO 28531 --- [ost-startStop-1] o.s.s.web.DefaultSecurityFilterChain : Creating filter chain: org.springframework.security.web.util.matcher.AnyRequestMatcher@1, [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@4cb4e09b, org.springframework.security.web.context.SecurityContextPersistenceFilter@4ac65d33, org.springframework.security.web.header.HeaderWriterFilter@3181e122, org.springframework.security.web.authentication.logout.LogoutFilter@3492e7fd,
org.springframework.social.security.SocialAuthenticationFilter@1b2b4922
,org.springframework.security.web.savedrequest.RequestCacheAwareFilter@392294cd, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@794fa3a, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@3f3e8762, org.springframework.security.web.session.SessionManagementFilter@3d31d08d, org.springframework.security.web.access.ExceptionTranslationFilter@31e84fe1, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@d8d9225]
关于URL匹配:
2015-07-06 12:43:22.075 DEBUG 28531 --- [nio-8080-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/auth/facebook'; against '/css/**'
2015-07-06 12:43:22.075 DEBUG 28531 --- [nio-8080-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/auth/facebook'; against '/js/**'
2015-07-06 12:43:22.075 DEBUG 28531 --- [nio-8080-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/auth/facebook'; against '/images/**'
2015-07-06 12:43:22.075 DEBUG 28531 --- [nio-8080-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/auth/facebook'; against '/**/favicon.ico'
2015-07-06 12:43:22.075 DEBUG 28531 --- [nio-8080-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/auth/facebook'; against '/info'
2015-07-06 12:43:22.075 DEBUG 28531 --- [nio-8080-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/auth/facebook'; against '/health'
2015-07-06 12:43:22.076 DEBUG 28531 --- [nio-8080-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/auth/facebook'; against '/error'
2015-07-06 12:43:22.076 DEBUG 28531 --- [nio-8080-exec-2] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/oauth/token']
2015-07-06 12:43:22.076 DEBUG 28531 --- [nio-8080-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/auth/facebook'; against '/oauth/token'
2015-07-06 12:43:22.076 DEBUG 28531 --- [nio-8080-exec-2] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/oauth/token_key']
2015-07-06 12:43:22.076 DEBUG 28531 --- [nio-8080-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/auth/facebook'; against '/oauth/token_key'
2015-07-06 12:43:22.076 DEBUG 28531 --- [nio-8080-exec-2] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/oauth/check_token']
2015-07-06 12:43:22.076 DEBUG 28531 --- [nio-8080-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/auth/facebook'; against '/oauth/check_token'
2015-07-06 12:43:22.076 DEBUG 28531 --- [nio-8080-exec-2] o.s.s.web.util.matcher.OrRequestMatcher : No matches found
2015-07-06 12:43:22.076 DEBUG 28531 --- [nio-8080-exec-2] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using org.springframework.security.web.util.matcher.AnyRequestMatcher@1
2015-07-06 12:43:22.076 DEBUG 28531 --- [nio-8080-exec-2] o.s.s.web.util.matcher.OrRequestMatcher : matched
2015-07-06 12:43:22.076 DEBUG 28531 --- [nio-8080-exec-2] o.s.security.web.FilterChainProxy : /auth/facebook?code=AQB2OSMHtYeuu-***-5tQvCyxOGkZCQsnAxFgCKYRE248MXPqEb5VI63W6IJrNyw36losbP3qx73 at position 1 of 11 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
2015-07-06 12:43:22.076 DEBUG 28531 --- [nio-8080-exec-2] o.s.security.web.FilterChainProxy : /auth/facebook?code=AQB2OSMHtYeuu-***-5tQvCyxOGkZCQsnAxFgCKYRE248MXPqEb5VI63W6IJrNyw36losbP3qx73 at position 2 of 11 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2015-07-06 12:43:22.076 DEBUG 28531 --- [nio-8080-exec-2] o.s.security.web.FilterChainProxy : /auth/facebook?code=AQB2OSMHtYeuu-***-5tQvCyxOGkZCQsnAxFgCKYRE248MXPqEb5VI63W6IJrNyw36losbP3qx73 at position 3 of 11 in additional filter chain; firing Filter: 'HeaderWriterFilter'
2015-07-06 12:43:22.077 DEBUG 28531 --- [nio-8080-exec-2] o.s.s.w.header.writers.HstsHeaderWriter : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@3f8843c2
2015-07-06 12:43:22.077 DEBUG 28531 --- [nio-8080-exec-2] o.s.security.web.FilterChainProxy : /auth/facebook?code=AQB2OSMHtYeuu-***-5tQvCyxOGkZCQsnAxFgCKYRE248MXPqEb5VI63W6IJrNyw36losbP3qx73 at position 4 of 11 in additional filter chain; firing Filter: 'LogoutFilter'
2015-07-06 12:43:22.077 DEBUG 28531 --- [nio-8080-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/auth/facebook'; against '/logout'
2015-07-06 12:43:22.077 DEBUG 28531 --- [nio-8080-exec-2] o.s.security.web.FilterChainProxy : /auth/facebook?code=AQB2OSMHtYeuu-***-5tQvCyxOGkZCQsnAxFgCKYRE248MXPqEb5VI63W6IJrNyw36losbP3qx73 at position 5 of 11 in additional filter chain; firing Filter: 'OAuth2AuthenticationProcessingFilter'
2015-07-06 12:43:22.077 DEBUG 28531 --- [nio-8080-exec-2] o.s.s.o.p.a.BearerTokenExtractor : Token not found in headers. Trying request parameters.
2015-07-06 12:43:22.077 DEBUG 28531 --- [nio-8080-exec-2] o.s.s.o.p.a.BearerTokenExtractor : Token not found in request parameters. Not an OAuth2 request.
2015-07-06 12:43:22.077 DEBUG 28531 --- [nio-8080-exec-2] p.a.OAuth2AuthenticationProcessingFilter : No token in request, will continue chain.
2015-07-06 12:43:22.077 DEBUG 28531 --- [nio-8080-exec-2] o.s.security.web.FilterChainProxy : /auth/facebook?code=AQB2OSMHtYeuu-***-5tQvCyxOGkZCQsnAxFgCKYRE248MXPqEb5VI63W6IJrNyw36losbP3qx73 at position 6 of 11 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
2015-07-06 12:43:22.077 DEBUG 28531 --- [nio-8080-exec-2] o.s.security.web.FilterChainProxy : /auth/facebook?code=AQB2OSMHtYeuu-***-5tQvCyxOGkZCQsnAxFgCKYRE248MXPqEb5VI63W6IJrNyw36losbP3qx73 at position 7 of 11 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2015-07-06 12:43:22.077 DEBUG 28531 --- [nio-8080-exec-2] o.s.security.web.FilterChainProxy : /auth/facebook?code=AQB2OSMHtYeuu-***-5tQvCyxOGkZCQsnAxFgCKYRE248MXPqEb5VI63W6IJrNyw36losbP3qx73 at position 8 of 11 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
2015-07-06 12:43:22.078 DEBUG 28531 --- [nio-8080-exec-2] o.s.s.w.a.AnonymousAuthenticationFilter : Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@9055e4a6: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@957e: RemoteIpAddress: 127.0.0.1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS'
2015-07-06 12:43:22.078 DEBUG 28531 --- [nio-8080-exec-2] o.s.security.web.FilterChainProxy : /auth/facebook?code=AQB2OSMHtYeuu-***-5tQvCyxOGkZCQsnAxFgCKYRE248MXPqEb5VI63W6IJrNyw36losbP3qx73 at position 9 of 11 in additional filter chain; firing Filter: 'SessionManagementFilter'
2015-07-06 12:43:22.078 DEBUG 28531 --- [nio-8080-exec-2] o.s.security.web.FilterChainProxy : /auth/facebook?code=AQB2OSMHtYeuu-***-5tQvCyxOGkZCQsnAxFgCKYRE248MXPqEb5VI63W6IJrNyw36losbP3qx73 at position 10 of 11 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2015-07-06 12:43:22.078 DEBUG 28531 --- [nio-8080-exec-2] o.s.security.web.FilterChainProxy : /auth/facebook?code=AQB2OSMHtYeuu-***-5tQvCyxOGkZCQsnAxFgCKYRE248MXPqEb5VI63W6IJrNyw36losbP3qx73 at position 11 of 11 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2015-07-06 12:43:22.078 DEBUG 28531 --- [nio-8080-exec-2] o.s.s.w.a.i.FilterSecurityInterceptor : Secure object: FilterInvocation: URL: /auth/facebook?code=AQB2OSMHtYeuu-***-5tQvCyxOGkZCQsnAxFgCKYRE248MXPqEb5VI63W6IJrNyw36losbP3qx73; Attributes: [#oauth2.throwOnError(permitAll)]
2015-07-06 12:43:22.078 DEBUG 28531 --- [nio-8080-exec-2] o.s.s.w.a.i.FilterSecurityInterceptor : Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@9055e4a6: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@957e: RemoteIpAddress: 127.0.0.1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS
2015-07-06 12:43:22.079 DEBUG 28531 --- [nio-8080-exec-2] o.s.s.access.vote.AffirmativeBased : Voter: org.springframework.security.web.access.expression.WebExpressionVoter@361b4478, returned: 1
2015-07-06 12:43:22.079 DEBUG 28531 --- [nio-8080-exec-2] o.s.s.w.a.i.FilterSecurityInterceptor : Authorization successful
2015-07-06 12:43:22.079 DEBUG 28531 --- [nio-8080-exec-2] o.s.s.w.a.i.FilterSecurityInterceptor : RunAsManager did not change Authentication object
2015-07-06 12:43:22.079 DEBUG 28531 --- [nio-8080-exec-2] o.s.security.web.FilterChainProxy : /auth/facebook?code=AQB2OSMHtYeuu-***-5tQvCyxOGkZCQsnAxFgCKYRE248MXPqEb5VI63W6IJrNyw36losbP3qx73 reached end of additional filter chain; proceeding with original chain
2015-07-06 12:43:22.085 DEBUG 28531 --- [nio-8080-exec-2] .s.o.p.e.FrameworkEndpointHandlerMapping : Looking up handler method for path /auth/facebook
2015-07-06 12:43:22.086 DEBUG 28531 --- [nio-8080-exec-2] .s.o.p.e.FrameworkEndpointHandlerMapping : Did not find handler method for [/auth/facebook]
2015-07-06 12:43:22.088 DEBUG 28531 --- [nio-8080-exec-2] o.s.s.w.a.ExceptionTranslationFilter : Chain processed normally
2015-07-06 12:43:22.089 DEBUG 28531 --- [nio-8080-exec-2] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
如果你看错了,请告诉我,或者你可以建议一个调试方法 .
谢谢!