在多节点Spring LDAP安全应用程序中,获取以下异常 . 奇怪的是在某个节点中,身份验证正常发生,并且在某些节点中获得此异常 -
在多节点Spring LDAP Security应用程序中,获取以下异常 . 奇怪的是在某个节点中,身份验证正常发生并且在某些节点中获得此异常 - 在org.springframework的org.springframework.security.ldap.userdetails.LdapUserDetailsImpl.hashCode(LdapUserDetailsImpl.java:133)中的StackTrace:java.lang.NullPointerException位于org.springframework.security.authentication.AbstractAuthenticationToken.toString(AbstractAuthenticationToken.java:201)的java.lang.Object.toString(Object.java:236)中的.security.authentication.AbstractAuthenticationToken.hashCode(AbstractAuthenticationToken.java:180)at at java.lang.String.valueOf(String.java:2994)at java.lang.StringBuilder.append(StringBuilder.java:131)at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.successfulAuthentication(AbstractAuthenticationProcessingFilter.java:312)在org.springframework.security.web.F上的org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:240) ilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:331)org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116)org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter( FilterChainProxy.java:331)位于org.springframework的org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)的com.company.cm.config.WebSecurityConfig $ 1.doFilterInternal(WebSecurityConfig.java:113) . security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:331)org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:124)org.springframework.web.filter.OncePerRequestFilter.doFilter( OncePerRequestFilter.java:107)org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:331)org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:64)at org .springframework.we b.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:331)org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter( SecurityContextPersistenceFilter.java:105)org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:331)org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java: 56)在org.springframework.security.web的org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:331)org.springframework.security.web .access.channel.ChannelProcessingFilter.doFilter(ChannelProcessingFilter.java:157)org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:331)at org .springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:214)org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177)org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy) .java:346)在org.apache.catalina的org.apache.catalina.core.AppalFinterChain.internalDoFilter(ApplicationFilterChain.java:240)的org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262) . core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)org.springframework.session.web.http.SessionRepositoryFilter.doFilterInternal(SessionRepositoryFilter.java:167)org.springframework.session.web.http.OncePerRequestFilter.doFilter(OncePerRequestFilter . java:80)atg.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)atg.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)at org.apac他在org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)的org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve . )中的.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240) . java:212)org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:94)org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504)at org.apache.catalina.core .standardHostValve.invoke(StandardHostValve.java:141)atg.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)at atorg.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:620)org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)org.apache.catalina.connector.CoyoteAdapter.service( CoyoteAdapter.java:502)org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1132)atg.apache.coyote.AbstractProtocol $ AbstractConnectionHandler.process(AbstractProtocol.java:684)org.apache.tomcat .util.net.NioEndpoint $ SocketProcessor.doRun(NioEndpoint.java:1533)atg.apache.tomcat.util.net.NioEndpoint $ SocketProcessor.run(NioEndpoint.java:1489)at java.util.concurrent.ThreadPoolExecutor.runWorker (ThreadPoolExecutor.java:1142)java.util.concurrent.ThreadPoolExecutor $ Worker.run(ThreadPoolExecutor.java:617)at org.apache.tomcat.util.threads.TaskThread $ WrappingRunnable.run(TaskThread.java:61)at at java.lang.Thread.run(Thread.java:745)
日志 -
20:04:28.581 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - 检查请求匹配:'/ login_process';反对'/ login_process'20:04:28.581 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter - 请求处理身份验证20:04:28.581 [http-nio-8080 -exec-10] DEBUG org.springframework.security.authentication.ProviderManager - 使用org.springframework.security.ldap.authentication.LdapAuthenticationProvider验证尝试20:04:28.581 [http-nio-8080-exec-10] DEBUG org.springframework .security.ldap.authentication.LdapAuthenticationProvider - 处理用户的身份验证请求:20:04:28.581 [http-nio-8080-exec-10] DEBUG org.springframework.security.ldap.authentication.BindAuthenticator - 尝试绑定为uid = ,ou = People,dc = company,dc = com 20:04:28.581 [http-nio-8080-exec-10] DEBUG org.springframework.security.ldap.DefaultSpringSecurityContextSource - 删除用户的池标志uid =,ou = People ,dc = company,dc = com 20:04:28.772 [http-nio-8080-exec-10] DEBUG org.springframework.ldap.core.support.Abstrac tContextSource - 在服务器上获得Ldap上下文'ldap:// ip / dc = company,dc = com'20:04:28.772 [http-nio-8080-exec-10] DEBUG org.springframework.security.ldap.authentication.BindAuthenticator - 检索属性... 20:04:28.860 [http-nio-8080-exec-10] DEBUG org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator - 获取用户权限uid =,ou = People,dc = company, dc = com 20:04:28.860 [http-nio-8080-exec-10] DEBUG org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator - 搜索用户''的角色,DN ='uid =,ou =人, dc = company,dc = com',在搜索库中有过滤器(memberUid = {0})'ou = Group'20:04:28.860 [http-nio-8080-exec-10] DEBUG org.springframework.security.ldap .SpringSecurityLdapTemplate - 使用过滤器:(memberUid = uid =,ou = People,dc = company,dc = com)20:04:28.860 [http-nio-8080-exec-10] DEBUG org.springframework.ldap.core.LdapTemplate - 未设置提供的SearchControls的returnObjFlag,但使用了ContextMapper - 设置标志t o true 20:04:28.865 [http-nio-8080-exec-10] DEBUG org.springframework.ldap.core.support.AbstractContextSource - 在服务器上获得Ldap上下文'ldap:// ip / dc = company,dc = com '20:04:28.976 [http-nio-8080-exec-10] DEBUG org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator 20:04:28.977 [http-nio-8080-exec-10] DEBUG org.springframework . security.ldap.userdetails.LdapUserDetailsMapper - 使用DN从上下文映射用户详细信息:uid =,ou = People,dc = company,dc = com 20:04:28.977 [http-nio-8080-exec-10] DEBUG org.springframework .security.web.authentication.session.CompositeSessionAuthenticationStrategy - 委托给org.springframework.security.web.authentication.session.ChangeSessionIdAuthenticationStrategy@1d1ae249 20:04:28.977 [http-nio-8080-exec-10] DEBUG org.springframework.data .redis.core.RedisConnectionUtils - 打开RedisConnection 20:04:28.978 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - 关闭Redis Connection 20:04:28.97 9 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - 打开RedisConnection 20:04:28.979 [http-nio-8080-exec-10] DEBUG org.springframework.data . redis.core.RedisConnectionUtils - 关闭Redis Connection 20:04:28.979 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - 打开RedisConnection 20:04:28.979 [http-nio- 8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Closing Redis Connection 20:04:28.980 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - 打开RedisConnection 20:04:28.980 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Closing Redis Connection 20:04:28.980 [http-nio-8080-exec-10 ] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - 打开RedisConnection 20:04:28.980 [http-nio-8080-exec-10] DEBUGorg.springframework.data.redis.core.RedisConnectionUtils - 关闭Redis Connection 20:04:28.981 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - 打开RedisConnection 20:04: 28.981 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - 关闭Redis Connection 20:04:28.981 [http-nio-8080-exec-10] DEBUG org.springframework.data .redis.core.RedisConnectionUtils - 打开RedisConnection 20:04:28.981 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - 关闭Redis Connection 20:04:28.981 [http-nio -8080-EXEC-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - 打开RedisConnection 20:04:28.981 [HTTP-NIO-8080-EXEC-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - 关闭Redis Connection 20:04:28.981 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - 打开RedisConnection 20:04:28.981 [http-nio-8080-exe C-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - 关闭Redis的连接20:04:28.983 [HTTP-NIO-8080-EXEC-10] DEBUG org.springframework.session.web.http.SessionRepositoryFilter.SESSION_LOGGER - 没有找到id的会话:缓存此HttpServletRequest的getSession(false)结果 . 20:04:28.983 [http-nio-8080-exec-10] DEBUG org.springframework.session.web.http.SessionRepositoryFilter.SESSION_LOGGER - 创建了一个新会话 . 为了帮助您解决创建会话的位置,我们提供了StackTrace(这不是错误) . 您可以通过禁用org.springframework.session.web.http.SessionRepositoryFilter.SESSION_LOGGER java.lang.RuntimeException的DEBUG日志记录来阻止此情况出现:仅用于org.springframework.session.web.http的调试目的(不是错误) . SessionRepositoryFilter $ SessionRepositoryRequestWrapper.getSession(SessionRepositoryFilter.java:368)org.springframework.session.web.http.SessionRepositoryFilter $ SessionRepositoryRequestWrapper.getSession(SessionRepositoryFilter.java:390)at org.springframework.session.web.http.SessionRepositoryFilter $ SessionRepositoryRequestWrapper . 在sun.reflect.NativeMethodAccessorImpl.invoke0的javax.servlet.http.HttpServletRequestWrapper.changeSessionId(HttpServletRequestWrapper.java:249)的javax.servlet.http.HttpServletRequestWrapper.changeSessionId(HttpServletRequestWrapper.java:249)中的changeSessionId(SessionRepositoryFilter.java:291) (本地方法)at sun.reflect的sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) .DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)在java.lang.reflect.Method.invoke(Method.java:498)在org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:216)在org.springframework . util.ReflectionUtils.invokeMethod(ReflectionUtils.java:201)位于org.springframework.security.web.authentication.session.AbstractSessionFixationProtectionStrategy的org.springframework.security.web.authentication.session.ChangeSessionIdAuthenticationStrategy.applySessionFixation(ChangeSessionIdAuthenticationStrategy.java:55) . org.springframework.security.web.authentication.session.ChangeSessionIdAuthenticationStrategy.onAuthentication(ChangeSessionIdAuthenticationStrategy.java:32)中的onAuthentication(AbstractSessionFixationProtectionStrategy.java:87)位于org.springframework.security.web.authentication.session.CompositeSessionAuthenticationStrategy.onAuthentication(CompositeSessionAuthenticationStrategy . java:89)at org.springframework.security.web.authenticatio n.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:218)位于org.springframework.security.web.authentication.logout.LogoutFilter.doFilter的org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:331) LogoutFilter.java:116)在org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:331)在com.company.cm.config.WebSecurityConfig $ 1.doFilterInternal(WebSecurityConfig.java:113)的组织 . springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)位于org.springframework.security.web.csrf.CsrfFilter的org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:331) . doFilterInternal(CsrfFilter.java:124)在org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)在org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:3 31)在org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:64)在org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)在org.springframework.security.web .FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:331)at atorg.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)位于org.springframework.security.web的org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:331) . 在org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter的org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)中的context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56) FilterChainProxy.java:331)org.springframework.security.web.access.channel.ChannelProcessingFilter.doFilter(ChannelProcessingFilter.java:157)org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:331) org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:214)org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177)a org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)位于org.apache.catalina.core.ApplicationFilterChain.internalDoFilter的org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262) (ApplicationFilterChain.java:240)org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)org.springframework.session.web.http.SessionRepositoryFilter.doFilterInternal(SessionRepositoryFilter.java:167)at org . springframework.session.web.http.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:80)atg.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)org.springframework.web.filter.DelegatingFilterProxy.doFilter( DelegatingFilterProxy.java:262)org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207) )org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212)位于org.apache.catalina.authenticator.AuthenticatorBase的org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:94) . 在Org.apache上的org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141)org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)中调用(AuthenticatorBase.java:504)位于org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)的.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:620)org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java) :502)org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1132)atg.apache.coyote.AbstractProtocol $ AbstractConnectionHandler.process(AbstractProtocol.java:684)at org.apache.tomcat.util . net.NioEndpoint $ SocketProcessor.doRun(NioEndpoint.java:1533)at org.apache.tomcat.util.net.NioEndp oint $ SocketProcessor.run(NioEndpoint.java:1489)at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)at java.util.concurrent.ThreadPoolExecutor $ Worker.run(ThreadPoolExecutor.java:617)at org .apache.tomcat.util.threads.TaskThread $ WrappingRunnable.run(TaskThread.java:61)at java.lang.Thread.run(Thread.java:745)20:04:28.984 [http-nio-8080-exec- 10] DEBUG org.springframework.security.web.authentication.session.CompositeSessionAuthenticationStrategy - 委托给org.springframework.security.web.csrf.CsrfAuthenticationStrategy@38ef21bd 20:04:28.984 [http-nio-8080-exec-10] DEBUG org .springframework.security.web.context.HttpSessionSecurityContextRepository - SecurityContext为空或内容为匿名 - 上下文不会存储在HttpSession中 . 20:04:28.984 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.context.SecurityContextPersistenceFilter - SecurityContextHolder现已清除,请求处理完成20:04:28.986 [http-nio-8080-exec -10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - 打开RedisConnection 20:04:28.987 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - 关闭Redis连接20:04:28.987 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - 打开RedisConnection 20:04:28.987 [http-nio-8080-exec-10] DEBUG组织 . springframework.data.redis.core.RedisConnectionUtils - 关闭Redis Connection 20:04:28.987 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - 打开RedisConnection 20:04:28.987 [ http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - 关闭Redis Connection 20:04:28.987 [http-nio-8080-exec-10] DEBUG org.springfr amework.data.redis.core.RedisConnectionUtils - 打开RedisConnection 20:04:28.988 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Closing Redis Connection 20:04:28.988[http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - 打开RedisConnection 20:04:28.989 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis .core.RedisConnectionUtils - 关闭Redis Connection 20:04:28.990 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - 打开RedisConnection 20:04:28.990 [http-nio-8080 -exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Closing Redis Connection 20:04:28.990 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - 打开RedisConnection 20:04:28.991 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - 关闭Redis Connection 20:04:28.992 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - 检查请求匹配:'/ WEB-INF / error / exceptionPage.jsp';反对'/ css / '20:04:28.992 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - 检查请求的匹配:'/ WEB-INF / error / exceptionPage.jsp“;反对'/ fonts / '20:04:28.992 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - 检查请求的匹配:'/ WEB-INF / error / exceptionPage.jsp“;反对'/ html / '20:04:28.992 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - 检查请求的匹配:'/ WEB-INF / error / exceptionPage.jsp“;反对'/ js / '20:04:28.992 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - 检查请求的匹配:'/ WEB-INF / error / exceptionPage.jsp“;反对'/ thirdparty / '20:04:28.992 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.FilterChainProxy - /WEB-INF/error/exceptionPage.jsp at position 1 of 14 in过滤链;触发过滤器:'ChannelProcessingFilter'20:04:28.992 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - 请求'/WEB-INF/error/exceptionPage.jsp'通用模式匹配'/ '20:04:28.992 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.access.channel.ChannelProcessingFilter - 请求:FilterInvocation:URL:/ WEB-INF / error /exceptionPage.jsp; ConfigAttributes:[ANY_CHANNEL] 20:04:28.992 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.FilterChainProxy - /WEB-INF/error/exceptionPage.jsp在2位14的附加过滤器中链;触发过滤器:'WebAsyncManagerIntegrationFilter'20:04:28.992 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.FilterChainProxy - /WEB-INF/error/exceptionPage.jsp,位于第3位,共14位过滤链;触发过滤器:'SecurityContextPersistenceFilter'20:04:28.992 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - HttpSession返回了SPRING_SECURITY_CONTEXT 20:04:28.992的空对象[http-nio -8080-exec-10] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - HttpSession中没有可用的SecurityContext:org.springframework.session.web.http.SessionRepositoryFilter$SessionRepositoryRequestWrapper$HttpSessionWrapper@1285eb30 . 将创建一个新的 . 20:04:28.992 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.FilterChainProxy - /WEB-INF/error/exceptionPage.jsp,位于第4位,共有14个额外的过滤链;触发过滤器:'HeaderWriterFilter'20:04:28.993 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.FilterChainProxy - /WEB-INF/error/exceptionPage.jsp at position 5 of 14 in additional过滤链;触发过滤器:'CsrfFilter'20:04:28.993 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.FilterChainProxy - /WEB-INF/error/exceptionPage.jsp at 6 of 14 in additional过滤链;触发过滤器:''20:04:28.993 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.FilterChainProxy - /WEB-INF/error/exceptionPage.jsp,位于第7位,共14个附加过滤器链;触发过滤器:'LogoutFilter'20:04:28.993 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - 检查请求的匹配:'/ WEB-INF / error / exceptionPage.jsp“;反对'/ logout '20:04:28.993 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.FilterChainProxy - /WEB-INF/error/exceptionPage.jsp在第8位的第14位附加过滤器链;触发过滤器:'UsernamePasswordAuthenticationFilter'20:04:28.993 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - 检查请求的匹配:'/ WEB-INF / error / exceptionPage.jsp“;反对'/ login_process'20:04:28.993 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.FilterChainProxy - /WEB-INF/error/exceptionPage.jsp at 9 of 14 in additional filter链;触发过滤器:'RequestCacheAwareFilter'DEBUGorg.springframework.security.web.savedrequest.DefaultSavedRequest - pathInfo:both null(property equals)20:04:28.993 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - queryString :均为null(属性等于)20:04:28.993 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - requestURI:arg1 = / cms / index.html; arg2 = / cms / WEB-INF / error / exceptionPage.jsp(property not equals)20:04:28.993 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.savedrequest.HttpSessionRequestCache - 保存的请求不符合20:04:28.993 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.FilterChainProxy - /WEB-INF/error/exceptionPage.jsp,位于第10位,共有14个额外的过滤链;触发过滤器:'SecurityContextHolderAwareRequestFilter'20:04:28.993 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.FilterChainProxy - /WEB-INF/error/exceptionPage.jsp at position 11 of 14 in additional过滤链;使用匿名标记填充SecurityContextHolder:'org.springframework.security.authentication . AnonymousAuthenticationToken @ 905571d8:Principal:anonymousUser;证书:[受保护];认证:真实;详细信息:org.springframework.security.web.authentication.WebAuthenticationDetails@0:RemoteIpAddress:127.0.0.1; SessionId:35b812b5-4e29-4f31-9c9f-be7601329ec3;授权机构:ROLE_ANONYMOUS'20:04:28.993 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.FilterChainProxy - /WEB-INF/error/exceptionPage.jsp,位于第12位,共14个,附加过滤器链;触发过滤器:'SessionManagementFilter'20:04:28.993 [http-nio-8080-exec-10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - 打开RedisConnection 20:04:28.993 [http-nio-8080-exec -10] DEBUG org.springframework.data.redis.core.RedisConnectionUtils - Closing Redis Connection 20:04:28.994 [http-nio-8080-exec-10] DEBUG org.springframework.security.web.session.SessionManagementFilter - 请求的会话ID 59d0030f-e0ba-4991-a512-a5848660afc4无效 .
配置 -
@Bean
public DefaultSpringSecurityContextSource ldapContext() {
DefaultSpringSecurityContextSource context = new DefaultSpringSecurityContextSource(
config.get("ldap.context", "ldap://x.x.x.x/dc=company,dc=com"));
context.afterPropertiesSet();
return context;
}
/**
* LDAP Bind Authenticator
*
* @return
*/
@Bean
public BindAuthenticator bindAuthenticator() {
BindAuthenticator authenticator = new BindAuthenticator(ldapContext());
String[] dnPatterns = { config.get("ldap.dnPattern", "uid={0},ou=People") };
authenticator.setUserDnPatterns(dnPatterns);
return authenticator;
}
/**
* LDAP authorities populator
*
* @return
*/
@Bean
public DefaultLdapAuthoritiesPopulator ldapAuthoritiesPopulator() {
DefaultLdapAuthoritiesPopulator ldapAuthoritiesPopulator = new DefaultLdapAuthoritiesPopulator(ldapContext(),
config.get("ldap.group.search.base", "ou=Group"));
ldapAuthoritiesPopulator.setGroupRoleAttribute(config.get("ldap.group.role.attribute", "cn"));
ldapAuthoritiesPopulator.setGroupSearchFilter(config.get("ldap.group.search.filter", "(memberUid={0})"));
ldapAuthoritiesPopulator.setIgnorePartialResultException(true);
ldapAuthoritiesPopulator.setRolePrefix(config.get("ldap.user.role.prefix", "ROLE_"));
ldapAuthoritiesPopulator.setSearchSubtree(true);
ldapAuthoritiesPopulator.setConvertToUpperCase(true);
return ldapAuthoritiesPopulator;
}
@Bean
public LdapAuthenticationProvider ldapAuthenticationProvider() {
LdapAuthenticationProvider authProvider = new LdapAuthenticationProvider(bindAuthenticator(),
ldapAuthoritiesPopulator());
authProvider.setUseAuthenticationRequestCredentials(true);
authProvider.setHideUserNotFoundExceptions(false);
authProvider.setUserDetailsContextMapper(ldapContextMapper());
return authProvider;
}
@Bean
public LdapUserDetailsContextMapper ldapContextMapper() {
return new LdapUserDetailsContextMapper();
}
@Configuration @EnableRedisHttpSession(redisNamespace =“cms”,maxInactiveIntervalInSeconds = 14400)@ImportResource(“classpath:application-context.xml”)公共类SessionRepositoryConfig扩展AbstractHttpSessionApplicationInitializer {
@Autowired
Configuration config;
@Bean
public JedisConnectionFactory connectionFactory() {
List<String> clusterNodes = Arrays.asList(config.get("redis.cluster.session"));
return new JedisConnectionFactory(new RedisClusterConfiguration(clusterNodes));
}
1 回答
做了很多挖掘 . 令人惊讶的是,logback配置导致了这个问题 . 一旦正确配置了实例的logback xml,问题就消失了 .
不确定logback如何与此相关 . 但上面的解决方案工作得非常好 .
谢谢