我创建了一个新的spring boot 2项目,以便使用eureka服务器创建微服务,使用zuul代理创建api网关,并尝试微服务之间的相互通信 .
但是,为了安全起见,试图为api网关实现oauth . 但是现在我在spring 1.x版本中用来获取访问令牌的 'oauth/token' endpoints 在spring boot 2中不起作用 .
正如我用Google搜索, spring boot 2 经历了一些更改 spring security 5 到默认加密和解密
-
client-id
-
客户秘密
-
用户密码
同样在mysql数据库中也改变了这一点,使用带有prefiexed的bcrypted数据作为 使用了Bcrypt,也可以匹配用户输入的凭据 .
但是,请求:http://localhost:8030/oauth/token?grant_type=password&username=XXXX@sdf.com&password=yyyyy
将401作为回复未经授权返回给我
{“timestamp”:“2018-06-28T17:31:07.181 0000”,“status”:401,“error”:“Unauthorized”,“message”:“Unauthorized”,“path”:“/ oauth / token “}
它在spring boot 1.x版本中运行顺利,但在spring boot 2.0中没有 . 我不知道我做错了什么 . 因为我坚持这个,请扔一些灯 .
如果我错了或在下面发表评论如果问题需要更清楚,请更正我 . 所以我用一些有用的代码片段来更新问题 . 请建议一些演示或任何来源了解 . 任何小帮助将不胜感激 .
Edited with - Log details:
:: Spring Boot ::(v2.0.3.RELEASE)2018-06-30 00:26:01.086 INFO 1396 --- [main] org.hibernate.Version:HHH000412:Hibernate Core {5.2.17.Final} 2018 -06-30 00:26:01.088 INFO 1396 --- [main] org.hibernate.cfg.Environment:HHH000206:找不到hibernate.properties 2018-06-30 00:26:01.138 INFO 1396 --- [main] o.hibernate.annotations.common.Version:HCANN000001:Hibernate Commons Annotations {5.0.1.Final} 2018-06-30 00:26:01.388 INFO 1396 --- [main] org.hibernate.dialect.Dialect:HHH000400:使用方言:org.hibernate.dialect.MySQL5Dialect 2018-06-30 00:26:02.115 INFO 1396 --- [main] j.LocalContainerEntityManagerFactoryBean:初始化JPA EntityManagerFactory for persistence unit'default'2018-06-30 00:26: 02.359 DEBUG 1396 --- [main] .sopeFrameworkEndpointHandlerMapping:在应用程序上下文中查找请求映射:org.springframework.boot.web.servlet.context.AnnotationConfigServletWebServerApplicationContext@515aebb0:启动日期[Sat Jun 30 00:25:55 IST 2018 ] . 上下文层次结构2018-06-30 00:26:02.373 DEBUG 1396 --- [main] .sopeFrameworkEndpointHandlerMapping:在类org.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint上找到2个请求处理程序方法:{public org .springframework.web.servlet.ModelAndView org.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint.authorize(java.util.Map,java.util.Map,org.springframework.web.bind.support.SessionStatus,java . security.Principal)= {[/ oauth / authorize]},public org.springframework.web.servlet.View org.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint.approveOrDeny(java.util.Map,java.util . Map,org.springframework.web.bind.support.SessionStatus,java.security.Principal)= {[/ oauth / authorize],methods = [POST],params = [user_oauth_approval]}} 2018-06-30 00:26 :02.377 INFO 1396 --- [main] .sopeFrameworkEndpointHandlerMapping:将“{[/ oauth / authorize]}”映射到公共org.springframework.web.servlet.ModelAndView org.springframework.s ecurity.oauth2.provider.endpoint.AuthorizationEndpoint.authorize(java.util.Map,java.util.Map,org.springframework.web.bind.support.SessionStatus,java.security.Principal)2018-06-30 00:26 :02.381 INFO 1396 --- [main] .sopeFrameworkEndpointHandlerMapping:将“{[/ oauth / authorize],methods = [POST],params = [user_oauth_approval]}”映射到公共org.springframework.web.servlet.View组织 . springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint.approveOrDeny(java.util.Map,java.util.Map,org.springframework.web.bind.support.SessionStatus,java.security.Principal)2018-06-30 00 :26:02.384 DEBUG 1396 --- [main] .sopeFrameworkEndpointHandlerMapping:在类org.springframework.security.oauth2.provider.endpoint.TokenEndpoint上找到2个请求处理程序方法:{public org.springframework.http.ResponseEntity org.springframework . security.oauth2.provider.endpoint.TokenEndpoint.getAccessToken(java.security.Principal,java.util.Map)抛出org.springframework.web.HttpRequestMethodNotSupp ortedException = {[/ oauth / token],methods = [GET]},publicorg.springframework.http.ResponseEntity org.springframework.security.oauth2.provider.endpoint.TokenEndpoint.postAccessToken(java.security.Principal,java.util.Map)throws org.springframework.web.HttpRequestMethodNotSupportedException = {[/ oauth / token ],methods = [POST]}} 2018-06-30 00:26:02.386 INFO 1396 --- [main] .sopeFrameworkEndpointHandlerMapping:将“{[/ oauth / token],methods = [GET]}”映射到公共场所org.springframework.http.ResponseEntity org.springframework.security.oauth2.provider.endpoint.TokenEndpoint.getAccessToken(java.security.Principal,java.util.Map)throws org.springframework.web.HttpRequestMethodNotSupportedException 2018-06-30 00: 26:02.387 INFO 1396 --- [main] .sopeFrameworkEndpointHandlerMapping:将“{[/ oauth / token],methods = [POST]}”映射到公共org.springframework.http.ResponseEntity org.springframework.security.oauth2.provider .endpoint.TokenEndpoint.postAccessToken(java.security.Principal,java.util.Map)抛出org.springframework.web.HttpRequestMethodNotSuppo rtedException 2018-06-30 00:26:02.390 DEBUG 1396 --- [main] .sopeFrameworkEndpointHandlerMapping:在类org.springframework.security.oauth2.provider.endpoint.CheckTokenEndpoint上找到1个请求处理程序方法:{public java.util . Map org.springframework.security.oauth2.provider.endpoint.CheckTokenEndpoint.checkToken(java.lang.String)= {[/ oauth / check_token]}} 2018-06-30 00:26:02.392 INFO 1396 --- [main ] .sopeFrameworkEndpointHandlerMapping:将“{[/ oauth / check_token]}”映射到公共java.util.Map org.springframework.security.oauth2.provider.endpoint.CheckTokenEndpoint.checkToken(java.lang.String)2018-06-30 00:26:02.394 DEBUG 1396 --- [main] .sopeFrameworkEndpointHandlerMapping:在类org.springframework.security.oauth2.provider.endpoint.WhitelabelApprovalEndpoint上找到1个请求处理程序方法:{public org.springframework.web.servlet.ModelAndView org .springframework.security.oauth2.provider.endpoint.WhitelabelApprovalEndpoint.getAccessConfirmation(java.util.Map,J avax.servlet.http.HttpServletRequest)抛出java.lang.Exception = {[/ oauth / confirm_access]}} 2018-06-30 00:26:02.397 INFO 1396 --- [main] .sopeFrameworkEndpointHandlerMapping:Mapped“{[ / oauth / confirm_access]}“on public org.springframework.web.servlet.ModelAndView org.springframework.security.oauth2.provider.endpoint.WhitelabelApprovalEndpoint.getAccessConfirmation(java.util.Map,javax.servlet.http.HttpServletRequest)抛出java .lang.Exception 2018-06-30 00:26:02.399 DEBUG 1396 --- [main] .sopeFrameworkEndpointHandlerMapping:在类org.springframework.security.oauth2.provider.endpoint.WhitelabelErrorEndpoint上找到1个请求处理程序方法:{public org .springframework.web.servlet.ModelAndView org.springframework.security.oauth2.provider.endpoint.WhitelabelErrorEndpoint.handleError(javax.servlet.http.HttpServletRequest)= {[/ oauth / error]}} 2018-06-30 00:26 :02.401 INFO 1396 --- [main] .sopeFrameworkEndpointHandlerMapping:将“{[/ oauth / error]}”映射到公共org.spr ingframework.web.servlet.ModelAndView org.springframework.security.oauth2.provider.endpoint.WhitelabelErrorEndpoint.handleError(javax.servlet.http.HttpServletRequest)2018-06-30 00:26:02.625 INFO 1396 --- [main] osws handler.SimpleUrlHandlerMapping:将URL路径[//favicon.ico]映射到类型[class org.springframework.web.servlet.resource.ResourceHttpRequestHandler]的处理程序2018-06-30 00:26:03.361 INFO 1396 --- [main] ohhiQueryTranslatorFactoryInitiator:HHH000397:使用ASTQueryTranslatorFactory 2018-06-30 00:26:03.591 INFO 1396 --- [main] swsmmaRequestMappingHandlerAdapter:寻找@ControllerAdvice:org.springframework.boot.web.servlet.context.AnnotationConfigServletWebServerApplicationContext@515aebb0:startup日期[星期六6月30日00:25:55 IST 2018];上下文层次结构2018-06-30 00:26:03.651 WARN 1396 --- [main] aWebConfiguration $ JpaWebMvcConfiguration:默认情况下启用spring.jpa.open-in-view . 因此,可以在视图呈现期间执行数据库查询 . 显式配置spring.jpa.open-in-view以禁用此警告2018-06-30 00:26:03.688 INFO 1396 --- [main] swsmmaRequestMappingHandlerMapping:将“{[/ check / data]}”映射到公共java .lang.String com.cheers.authserver.auth.DataCheck.data()2018-06-30 00:26:03.690 INFO 1396 --- [main] swsmmaRequestMappingHandlerMapping:映射“{[/ api / open]}”到public java.lang.String com.cheers.authserver.auth.DataCheck.testing()2018-06-30 00:26:03.703 INFO 1396 --- [main] swsmmaRequestMappingHandlerMapping:将“{[/ error]}”映射到公共org.springframework.http.ResponseEntity> org.springframework.boot.autoconfigure.web.servlet.error.BasicErrorController.error(javax.servlet.http.HttpServletRequest) 2018-06-30 00:26:03.705 INFO 1396 --- [main] swsmmaRequestMappingHandlerMapping:将“{[/ error],produce = [text / html]}”映射到公共org.springframework.web.servlet.ModelAndView org .springframework.boot.autoconfigure.web.servlet.error.BasicErrorController.errorHtml(javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse)2018-06-30 00:26:03.769 INFO 1396 --- [main ] oswshandler.SimpleUrlHandlerMapping:映射URL路径[/ webjars /]到类型[class org.springframework.web.servlet.resource.ResourceHttpRequestHandler]的处理程序2018-06-30 00:26:03.770 INFO 1396 --- [main] oswshandler.SimpleUrlHandlerMapping:将URL路径[/]映射到[class org.springframework.web.servlet.resource.ResourceHttp]类型的处理程序上RequestHandler] 2018-06-30 00:26:04.148 DEBUG 1396 --- [main] s.c.a.w.c.WebSecurityConfigurerAdapter $ 3:没有authenticationProviders,也没有定义parentAuthenticationManager . 返回null . 2018-06-30 00:26:04.289 DEBUG 1396 --- [main] eGlobalAuthenticationAutowiredConfigurer:热切初始化{org.springframework.boot.autoconfigure.security.servlet.WebSecurityEnablerConfiguration = org.springframework.boot.autoconfigure.security.servlet.WebSecurityEnablerConfiguration $$ EnhancerBySpringCGLIB $$ c3e8db27 @ 77aea} 2018-06-30 00:26:04.316 INFO 1396 --- [main] ossweb.DefaultSecurityFilterChain:创建过滤器链:Ant [pattern ='/ api /'],[] 2018 -06-30 00:26:04.425 DEBUG 1396 --- [main] edFilterInvocationSecurityMetadataSource:为Ant [pattern ='/ oauth / token']添加Web访问控制表达式'fullyAuthenticated'2018-06-30 00:26:04.428 DEBUG 1396 --- [main] edFilterInvocationSecurityMetadataSource:为Ant [pattern ='/ oauth / token_key']添加Web访问控制表达式'permitAll()'2018-06-30 00:26:04.428 DEBUG 1396 --- [main ] edFilterInvocationSecurityMetadataSource:为Ant添加Web访问控制表达式'isAuthenticated()'[pattern ='/ oauth / chec k_token'] 2018-06-30 00:26:04.439 DEBUG 1396 --- [main] osswaiFilterSecurityInterceptor:验证配置属性2018-06-30 00:26:04.459 DEBUG 1396 --- [main] osswaiFilterSecurityInterceptor:验证配置属性2018-06-30 00:26:04.477 INFO 1396 --- [main] ossweb.DefaultSecurityFilterChain:创建过滤器链:OrRequestMatcher [requestMatchers = [Ant [pattern ='/ oauth / token'],Ant [pattern =' / oauth / token_key'],Ant [pattern ='/ oauth / check_token']]],[org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@11826398,org.springframework.security.web.context . SecurityContextPersistenceFilter @ 76ac68b0,org.springframework.security.web.header.HeaderWriterFilter @ 5e2a6991,org.springframework.security.web.authentication.logout.LogoutFilter @ 7a358613,org.springframework.security.web.authentication.www.BasicAuthenticationFilter @ 59b492ec, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@63917fe1,org .springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter @ 2b7facc7,org.springframework.security.web.authentication.AnonymousAuthenticationFilter@6c5ca0b6,org.springframework.security.web.session.SessionManagementFilter@409732fb,org.springframework.security.web.access .ExceptionTranslationFilter @ 5aea8994,org.springframework.security.web.access.intercept.FilterSecurityInterceptor@2e4eda17] 2018-06-30 00:26:04.503 DEBUG 1396 --- [main] edFilterInvocationSecurityMetadataSource:添加Web访问控制表达式'permitAll', for Ant [pattern ='/'] 2018-06-30 00:26:04.504 DEBUG 1396 --- [main] edFilterInvocationSecurityMetadataSource:为org.springframework.security.web.util.matcher添加Web访问控制表达式'authenticated' .AnyRequestMatcher @ 1 2018-06-30 00:26:04.506 DEBUG 1396 --- [main] osswaiFilterSecurityInterceptor:验证配置属性2018-06-30 00:26:04.507 DEBUG 1396 --- [main] osswaiFilterSecurityInterceptor :验证配置属性2018-06-30 00:26:04.509 INFO 1396 --- [main] ossweb.DefaultSecurityFilterChain:创建过滤器链:Ant [pattern ='/ api /'],[org.springframework.security.web .context.request.async.WebAsyncManagerIntegrationFilter @ 15a8cebd,org.springframework.security.web.context.SecurityContextPersistenceFilter@410fc508,org.springframework.security.web.header.HeaderWriterFilter@a316f6b,org.springframework.security.web.authentication.logout.LogoutFilter @ 62e73ab6,org.springframework.security . oauth2.provider.authentication.OAuth2AuthenticationProcessingFilter@5ebbde60,org.springframework.security.web.savedrequest.RequestCacheAwareFilter@4e17442f,org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@4f5c30b1,org.springframework.security.web.authentication.AnonymousAuthenticationFilter @ 3f6c2763,org.springframework.security.web.session.SessionManagementFilter@63f9ddf9,org.springframework.security.web.access.ExceptionTranslationFilter @ 35e74e08,org.springframework.security.web.access.intercept.FilterSecurityInterceptor@7bf018dd] 2018-06- 30 00:26:04.532 INFO 1396 --- [main] ossweb.DefaultSecurityFilterChain:创建过滤链:org.springframework.security.web.util.matcher.AnyReques tMatcher @ 1,[org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@76a6f045,org.springframework.security.web.context.SecurityContextPersistenceFilter@59e7564b,org.springframework.security.web.header.HeaderWriterFilter@6793f752 ,org.springframework.security.web.csrf.CsrfFilter@2ad7bd26,org.springframework.security.web.authentication.logout.LogoutFilter @ 1510b9a2,org.springframework.security.web.savedrequest.RequestCacheAwareFilter@482ba4b1,org.springframework.security .web.servletapi.SecurityContextHolderAwareRequestFilter @ 307af381,org.springframework.security.web.authentication.AnonymousAuthenticationFilter @ 633ddc0c,org.springframework.security.web.session.SessionManagementFilter @ 1216eb3f,org.springframework.security.web.access.ExceptionTranslationFilter@44faa4f2 ] 2018-06-30 00:26:04.684 INFO 1396 --- [main] osjeaAnnotationMBeanExporter:在启动时为JMX曝光注册bean 2018-06-30 00:26:04.759 INFO 1396 --- [main] osbwemb edded.tomcat.TomcatWebServer:Tomcat在端口上启动:8030(http),上下文路径为''2018-06-30 00:26:04.768 INFO 1396 --- [main] ccauthserver.AuthServerApplication:在9.893中启动AuthServerApplication秒(JVM运行10.573)2018-06-30 00:27:40.919 INFO 1396 --- [nio-8030-exec-2] oaccC [Tomcat] . [localhost] . [/]:初始化Spring FrameworkServlet'dispatcherServlet' 2018-06-30 00:27:40.919 INFO 1396 --- [nio-8030-exec-2] osweb.servlet.DispatcherServlet:FrameworkServlet'dispatcherServlet':初始化开始2018-06-30 00:27:41.004 INFO 1396 --- [nio-8030-exec-2] osweb.servlet.DispatcherServlet:FrameworkServlet'dispatcherServlet':初始化完成时间为85毫秒2018-06-30 00:27:41.026 DEBUG 1396 --- [nio-8030-exec -2] osswumatcher.AntPathRequestMatcher:检查请求的匹配:'/ oauth / token';反对'/ api /'2018-06-30 00:27:41.026 DEBUG 1396 --- [nio-8030-exec-2] ossweb.util.matcher.OrRequestMatcher:尝试使用Ant进行匹配[pattern ='/ oauth / token'] 2018-06-30 00:27:41.026 DEBUG 1396 --- [nio-8030-exec-2] osswumatcher.AntPathRequestMatcher:检查请求的匹配:'/ oauth / token';反对'/ oauth / token'2018-06-30 00:27:41.026 DEBUG 1396 --- [nio-8030-exec-2] ossweb.util.matcher.OrRequestMatcher:匹配2018-06-30 00:27: 41.027 DEBUG 1396 --- [nio-8030-exec-2] ossecurity.web.FilterChainProxy:/oauth/token?grant_type=password&username=raja@gmail.com&password=password在第1位的第11位附加过滤器链;触发过滤器:'WebAsyncManagerIntegrationFilter'2018-06-30 00:27:41.029 DEBUG 1396 --- [nio-8030-exec-2] ossecurity.web.FilterChainProxy:/ oauth / token?grant_type = password&username = raja @ gmail . com&password =附加过滤链中第2位的密码;触发过滤器:'SecurityContextPersistenceFilter'2018-06-30 00:27:41.030 DEBUG 1396 --- [nio-8030-exec-2] ossecurity.web.FilterChainProxy:/ oauth / token?grant_type = password&username = raja @ gmail . com&password =密码在第3位,共11个附加过滤链;触发过滤器:'HeaderWriterFilter'2018-06-30 00:27:41.032 DEBUG 1396 --- [nio-8030-exec-2] ossecurity.web.FilterChainProxy:/ oauth / token?grant_type = password&username = raja @ gmail . com&password =密码在第4位的11位附加过滤链中;触发过滤器:'LogoutFilter'2018-06-06 00:27:41.032 DEBUG 1396 --- [nio-8030-exec-2] ossweb.util.matcher.OrRequestMatcher:尝试使用Ant匹配[pattern ='/ logout ',GET] 2018-06-3000:27:41.032 DEBUG 1396 --- [nio-8030-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher:检查请求的匹配:'/ oauth / token';反对'/ logout'2018-06-30 00:27:41.032 DEBUG 1396 --- [nio-8030-exec-2] ossweb.util.matcher.OrRequestMatcher:尝试使用Ant匹配[pattern ='/ logout' ,POST] 2018-06-30 00:27:41.032 DEBUG 1396 --- [nio-8030-exec-2] osswumatcher.AntPathRequestMatcher:请求'GET / oauth / token'与'POST / logout 2018-不匹配 - 06-30 00:27:41.032 DEBUG 1396 --- [nio-8030-exec-2] ossweb.util.matcher.OrRequestMatcher:尝试匹配使用Ant [pattern ='/ logout',PUT] 2018-06- 30 00:27:41.033 DEBUG 1396 --- [nio-8030-exec-2] osswumatcher.AntPathRequestMatcher:请求'GET / oauth / token'与'PUT / logout 2018-06-30 00:27不匹配: 41.033 DEBUG 1396 --- [nio-8030-exec-2] ossweb.util.matcher.OrRequestMatcher:尝试使用Ant进行匹配[pattern ='/ logout',DELETE] 2018-06-30 00:27:41.033 DEBUG 1396 --- [nio-8030-exec-2] osswumatcher.AntPathRequestMatcher:请求'GET / oauth / token'与'DELETE / logout不匹配2018-06-30 00:27:41.033 DEBUG 1396 --- [ nio-8030-exec-2] osswe b.util.matcher.OrRequestMatcher:找不到匹配项2018-06-30 00:27:41.033 DEBUG 1396 --- [nio-8030-exec-2] ossecurity.web.FilterChainProxy:/ oauth / token?grant_type = password&username =raja@gmail.com&password=password在第5位的第11位附加过滤链;触发过滤器:'BasicAuthenticationFilter'2018-06-30 00:27:41.034 DEBUG 1396 --- [nio-8030-exec-2] osswawww.BasicAuthenticationFilter:为用户'fooClientIdPassword'找到的基本认证授权头2018-06-30 00:27:41.038 DEBUG 1396 --- [nio-8030-exec-2] ossauthentication.ProviderManager:使用org.springframework.security.authentication.dao.DaoAuthenticationProvider进行身份验证尝试2018-06-30 00:27:41.844 DEBUG 1396 --- [nio-8030-exec-2] ossadao.DaoAuthenticationProvider:用户'fooClientIdPassword'未找到2018-06-30 00:27:41.845 DEBUG 1396 --- [nio-8030-exec-2] osswawww . BasicAuthenticationFilter:失败的身份验证请求:org.springframework.security.authentication.BadCredentialsException:错误的凭据2018-06-30 00:27:41.845 DEBUG 1396 --- [nio-8030-exec-2] swaDelegatingAuthenticationEntryPoint:尝试匹配使用RequestHeaderRequestMatcher [expectedHeaderName = X-Requested-With,expectedHeaderValue = XMLHttpRequest] 201 8-06-30 00:27:41.845 DEBUG 1396 --- [nio-8030-exec-2] s.w.a.DelegatingAuthenticationEntryPoint:未找到匹配项 . 使用默认入口点org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint@6dad2eff 2018-06-30 00:27:41.846 DEBUG 1396 --- [nio-8030-exec-2] osswheader.writers.HstsHeaderWriter:没有注入HSTS头,因为它与requestMatcher不匹配org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@547de45b 2018-06-30 00:27:41.848 DEBUG 1396 --- [nio-8030-exec- 2] sswcSecurityContextPersistenceFilter:SecurityContextHolder现已清除,请求处理完成2018-06-30 00:27:41.854 DEBUG 1396 --- [nio-8030-exec-2] osswumatcher.AntPathRequestMatcher:检查请求匹配:'/ error “;反对'/ api /'2018-06-30 00:27:41.854 DEBUG 1396 --- [nio-8030-exec-2] ossweb.util.matcher.OrRequestMatcher:尝试使用Ant进行匹配[pattern ='/ oauth / token'] 2018-06-30 00:27:41.854 DEBUG 1396 --- [nio-8030-exec-2] osswumatcher.AntPathRequestMatcher:检查请求的匹配:'/ error';反对'/ oauth / token'2018-06-30 00:27:41.854 DEBUG 1396 --- [nio-8030-exec-2] ossweb.util.matcher.OrRequestMatcher:尝试使用Ant匹配[pattern ='/ oauth / token_key'] 2018-06-30 00:27:41.854 DEBUG 1396 --- [nio-8030-exec-2] osswumatcher.AntPathRequestMatcher:检查请求的匹配:'/ error';反对'/ oauth / token_key'2018-06-30 00:27:41.854 DEBUG 1396 --- [nio-8030-exec-2] ossweb.util.matcher.OrRequestMatcher:尝试使用Ant匹配[pattern ='/ oauth / check_token'] 2018-06-30 00:27:41.854 DEBUG 1396 --- [nio-8030-exec-2] osswumatcher.AntPathRequestMatcher:检查请求的匹配:'/ error';反对'/ oauth / check_token'2018-06-30 00:27:41.854 DEBUG 1396 --- [nio-8030-exec-2] ossweb.util.matcher.OrRequestMatcher:未找到匹配项2018-06-30 00: 27:41.854 DEBUG 1396 --- [nio-8030-exec-2] osswumatcher.AntPathRequestMatcher:检查请求的匹配:'/ error';反对'/ api /'2018-06-30 00:27:41.854 DEBUG 1396 --- [nio-8030-exec-2]o.s.security.web.FilterChainProxy:/error?grant_type=password&username=raja@gmail.com&password=password在第1位(共10位)的附加过滤器链中;触发过滤器:'WebAsyncManagerIntegrationFilter'2018-06-30 00:27:41.854 DEBUG 1396 --- [nio-8030-exec-2] ossecurity.web.FilterChainProxy:/error?grant_type=password&username=raja@gmail.com&password=在附加过滤器链中位置2的密码为10;过滤:'SecurityContextPersistenceFilter'2018-06-30 00:27:41.855 DEBUG 1396 --- [nio-8030-exec-2] wcHttpSessionSecurityContextRepository:No HttpSession目前存在2018-06-30 00:27:41.856 DEBUG 1396 - - [nio-8030-exec-2] wcHttpSessionSecurityContextRepository:HttpSession中没有可用的SecurityContext:null . 将创建一个新的 . 2018-06-30 00:27:41.857 DEBUG 1396 --- [nio-8030-exec-2] ossecurity.web.FilterChainProxy:/error?grant_type=password&username=raja@gmail.com&password=password at position 3 of 10在额外的过滤链中;触发过滤器:'HeaderWriterFilter'2018-06-30 00:27:41.857 DEBUG 1396 --- [nio-8030-exec-2] ossecurity.web.FilterChainProxy:/error?grant_type=password&username=raja@gmail.com&password=密码在第4位的10位额外的过滤链中;过滤:'CsrfFilter'2018-06-30 00:27:41.857 DEBUG 1396 --- [nio-8030-exec-2] ossecurity.web.FilterChainProxy:/error?grant_type=password&username=raja@gmail.com&password=密码在第5位的10位附加过滤链中;触发过滤器:'LogoutFilter'2018-06-30 00:27:41.859 DEBUG 1396 --- [nio-8030-exec-2] osswumatcher.AntPathRequestMatcher:请求'GET / error'与'POST / logout 2018不匹配-06-30 00:27:41.860 DEBUG 1396 --- [nio-8030-exec-2] ossecurity.web.FilterChainProxy:/error?grant_type=password&username=raja@gmail.com&password=password at position 6 of 10 in额外的过滤链;触发过滤器:'RequestCacheAwareFilter'2018-06-30 00:27:41.860 DEBUG 1396 --- [nio-8030-exec-2] ossecurity.web.FilterChainProxy:/error?grant_type=password&username=raja@gmail.com&password=密码在第7位的10位额外的过滤链中;触发过滤器:'SecurityContextHolderAwareRequestFilter'2018-06-30 00:27:41.863 DEBUG 1396 --- [nio-8030-exec-2] ossecurity.web.FilterChainProxy:/error?grant_type=password&username=raja@gmail.com&password=密码在第8位的10位额外的过滤链中;触发过滤器:'AnonymousAuthenticationFilter'2018-06-30 00:27:41.863 DEBUG 1396 --- [nio-8030-exec-2] osswaAnonymousAuthenticationFilter:填充带有匿名标记的SecurityContextHolder:'org.springframework.security.authentication.AnonymousAuthenticationToken @ 784958e0:校长:anonymousUser;证书:[保护];认证:真实;详细信息:org.springframework.security.web.authentication.WebAuthenticationDetails@b364:RemoteIpAddress:0:0:0:0:0:0:0:1; SessionId:null;授权机构:ROLE_ANONYMOUS'2018-06-30 00:27:41.864 DEBUG 1396 --- [nio-8030-exec-2] ossecurity.web.FilterChainProxy:/error?grant_type=password&username=raja@gmail.com&password=password在附加过滤链中的第9个位置;触发过滤器:'SessionManagementFilter'2018-06-30 00:27:41.865 DEBUG 1396 --- [nio-8030-exec-2] o.s.s.w.session.SessionManagementFilter:请求的会话ID E5A0A21A0F7DF095CB629DA455BDEEA0无效 . 2018-06-30 00:27:41.865 DEBUG 1396 --- [nio-8030-exec-2] ossecurity.web.FilterChainProxy:/error?grant_type=password&username=raja@gmail.com&password=password at 10 of 10在额外的过滤链中;触发过滤器:'ExceptionTranslationFilter'2018-06-30 00:27:41.865 DEBUG 1396 --- [nio-8030-exec-2] ossecurity.web.FilterChainProxy:/error?grant_type=password&username=raja@gmail.com&password=密码到达附加过滤链的末尾;继续使用原始链2018-06-30 00:27:42.018 DEBUG 1396 --- [nio-8030-exec-2] w.c.HttpSessionSecurityContextRepository:SecurityContext为空或内容为匿名 - 上下文不会存储在HttpSession中 . 2018-06-30 00:27:42.036 DEBUG 1396 --- [nio-8030-exec-2] osswaExceptionTranslationFilter:链正常处理2018-06-30 00:27:42.037 DEBUG 1396 --- [nio-8030- exec-2] sswcSecurityContextPersistenceFilter:SecurityContextHolder现已清除,请求处理完成
1 回答
在自己分析之前,请不要简单地共享整个日志文件 .
在日志文件中很明显,您提供的客户端凭据不正确 .
客户用户
fooClientIdPassword在数据库中不存在 . 以下是您分享的日志的摘录: