无法使用spring oauth对oauth2服务器进行身份验证

时间:2015-08-04 08:21:50

标签: java spring oauth-2.0 spring-boot

我正在尝试运行Dave Syer编写的示例(https://github.com/spring-cloud-samples/authserver 和 https://github.com/spring-cloud-samples/sso),而不使用JWT转换器(以及带证书的签名过程)。

当我按原样运行它时,样本工作正常,带有证书和密钥。但是当我删除所有证书和密钥时,我无法进行身份验证!

我修改了以下代码:

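/**
 * OAuth2 authorization server sample with the JWT access-token converter disabled.
 *
 * <p>The class wires three things: MVC view mappings for the login and approval pages, a
 * form-login security chain for browser users ({@link LoginConfig}), and the authorization
 * server itself ({@link OAuth2Config}).
 *
 * <p>NOTE(review): no handler for a user-info resource is mapped anywhere in this class, and no
 * resource-server (bearer token) configuration is present. A client that resolves the user by
 * calling this server with an access token would therefore be handled by the form-login chain
 * below, presumably receiving the HTML login page rather than JSON. Confirm against the
 * client's user-info URI.
 */
@Configuration
@ComponentScan
@EnableAutoConfiguration
@Controller
@SessionAttributes("authorizationRequest")
public class AuthserverApplication extends WebMvcConfigurerAdapter {

    /** Starts the authorization server application. */
    public static void main(String[] args) {
        SpringApplication.run(AuthserverApplication.class, args);
    }

    /** Binds the login page and the approval (confirm access) page to their view names. */
    @Override
    public void addViewControllers(ViewControllerRegistry registry) {
        registry.addViewController("/login").setViewName("login");
        registry.addViewController("/oauth/confirm_access").setViewName("authorize");
    }

    /**
     * Security chain for interactive users: a custom form-login page that is open to everyone,
     * with every other request requiring an authenticated user.
     */
    @Configuration
    @Order(ManagementServerProperties.ACCESS_OVERRIDE_ORDER)
    protected static class LoginConfig extends WebSecurityConfigurerAdapter {

        @Autowired
        private AuthenticationManager authenticationManager;

        /** Requires authentication for all requests except the login page itself. */
        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http.formLogin().loginPage("/login").permitAll().and().authorizeRequests()
                    .anyRequest().authenticated();
        }

        /** Delegates credential checks to the injected (parent) authentication manager. */
        @Override
        protected void configure(AuthenticationManagerBuilder auth) throws Exception {
            auth.parentAuthenticationManager(authenticationManager);
        }
    }

    /**
     * Authorization server configuration: one in-memory client, the user authentication
     * manager for the token endpoints, and access rules for the token-key and check-token
     * endpoints.
     */
    @Configuration
    @EnableAuthorizationServer
    protected static class OAuth2Config extends AuthorizationServerConfigurerAdapter {

        @Autowired
        private AuthenticationManager authenticationManager;

        // Disabled on purpose for this experiment: the JWT converter that signed tokens with a
        // key pair loaded from keystore.jks. Note that the keystore password is a literal in
        // the source; if this is ever re-enabled outside a sample, load it from configuration.
        /*
        @Bean
        public JwtAccessTokenConverter jwtAccessTokenConverter() {
            JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
            KeyPair keyPair = new KeyStoreKeyFactory(
                    new ClassPathResource("keystore.jks"), "foobar".toCharArray())
                    .getKeyPair("test");
            converter.setKeyPair(keyPair);
            return converter;
        }
        */

        /**
         * Registers the single in-memory client "acme".
         *
         * <p>NOTE(review): the client secret is hard-coded, user approval is skipped
         * ({@code autoApprove(true)}) and the "password" grant is enabled, which lets the
         * client handle user credentials directly. Acceptable for a local sample only.
         */
        @Override
        public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
            clients.inMemory()
                    .withClient("acme")
                    .secret("acmesecret")
                    .authorizedGrantTypes("authorization_code", "refresh_token", "password")
                    .scopes("openid")
                    .autoApprove(true);
        }

        /**
         * Supplies the authentication manager to the authorization server endpoints.
         *
         * <p>The access-token converter is no longer set here, so tokens are issued by the
         * framework's default token services instead of being signed JWTs. Clients then cannot
         * verify a token locally and must ask a remote endpoint about it.
         */
        @Override
        public void configure(AuthorizationServerEndpointsConfigurer endpoints)
                throws Exception {
            //endpoints.authenticationManager(authenticationManager).accessTokenConverter(jwtAccessTokenConverter());
            endpoints.authenticationManager(authenticationManager);
        }

        /**
         * Opens the token-key endpoint to everyone and restricts the check-token endpoint to
         * authenticated callers.
         */
        @Override
        public void configure(AuthorizationServerSecurityConfigurer oauthServer)
                throws Exception {
            oauthServer.tokenKeyAccess("permitAll()").checkTokenAccess("isAuthenticated()");
        }
    }
}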

application.properties:

# Context path of the authorization server; all of its endpoints are served under /uaa.
server.contextPath=/uaa
# Fixed password for the default user. Sample value only; do not reuse outside a local test.
security.user.password=password
# Static assets excluded from the security filter chain.
security.ignored=/css/**,/js/**,/favicon.ico,/webjars/**
# DEBUG-level Spring Security logging can record session identifiers and OAuth2 authorization
# codes; enable it for local troubleshooting only.
logging.level.org.springframework.security=DEBUG

以下是客户端代码:

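/**
 * OAuth2 single sign-on client sample: a small REST application under /dashboard whose users
 * are authenticated by an external authorization server.
 */
@Configuration
@ComponentScan
@EnableAutoConfiguration
@RestController
@RequestMapping("/dashboard")
public class SsoApplication {

    /** Returns a fixed demo payload for authenticated users. */
    @RequestMapping("/message")
    public Map<String, Object> dashboard() {
        return Collections.<String, Object> singletonMap("message", "Yay!");
    }

    /**
     * Returns the authenticated principal of the current request.
     *
     * <p>NOTE(review): the whole {@link Principal} object is serialized to the caller.
     * Depending on the concrete authentication type this may expose more than the user name
     * (for example request or token details); consider returning only the fields the front
     * end needs.
     */
    @RequestMapping("/user")
    public Principal user(Principal user) {
        return user;
    }

    /** Starts the client application. */
    public static void main(String[] args) {
        SpringApplication.run(SsoApplication.class, args);
    }

    /** Sends a plain request for the login path back to the front-end root. */
    @Controller
    public static class LoginErrors {
        @RequestMapping("/dashboard/login")
        public String dashboard() {
            return "redirect:/#/";
        }
    }

    /**
     * Security chain for /dashboard/**: every request must be authenticated, CSRF protection
     * reads the token from the X-XSRF-TOKEN header, and logout is handled at
     * /dashboard/logout.
     */
    @Component
    @EnableOAuth2Sso
    public static class LoginConfigurer extends WebSecurityConfigurerAdapter {

        /** Configures authorization, CSRF handling and logout for the dashboard paths. */
        @Override
        public void configure(HttpSecurity http) throws Exception {
            http.antMatcher("/dashboard/**").authorizeRequests().anyRequest()
                    .authenticated().and().csrf()
                    .csrfTokenRepository(csrfTokenRepository()).and()
                    .addFilterAfter(csrfHeaderFilter(), CsrfFilter.class)
                    .logout().logoutUrl("/dashboard/logout").permitAll()
                    .logoutSuccessUrl("/");
        }

        /**
         * Builds a filter that copies the current CSRF token into an XSRF-TOKEN cookie so that
         * the front end can send it back in a request header.
         */
        private Filter csrfHeaderFilter() {
            return new OncePerRequestFilter() {
                @Override
                protected void doFilterInternal(HttpServletRequest request,
                        HttpServletResponse response, FilterChain filterChain)
                        throws ServletException, IOException {
                    CsrfToken csrf = (CsrfToken) request
                            .getAttribute(CsrfToken.class.getName());
                    if (csrf != null) {
                        Cookie cookie = new Cookie("XSRF-TOKEN",
                                csrf.getToken());
                        cookie.setPath("/");
                        // Mark the cookie Secure whenever the request arrived over TLS so the
                        // token is never replayed over plain HTTP; on an HTTP request (local
                        // testing) the flag stays off and behaviour is as before.
                        cookie.setSecure(request.isSecure());
                        // HttpOnly is left unset; presumably the script-based front end has
                        // to read this cookie to fill the X-XSRF-TOKEN header (confirm).
                        response.addCookie(cookie);
                    }
                    filterChain.doFilter(request, response);
                }
            };
        }

        /** Session-backed CSRF token repository that expects the token in X-XSRF-TOKEN. */
        private CsrfTokenRepository csrfTokenRepository() {
            HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
            repository.setHeaderName("X-XSRF-TOKEN");
            return repository;
        }
    }
}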

application.yml:

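# Client (SSO) application settings. Nesting restored; the pasted listing had lost its indentation.
debug:
server:
  port: 9999

security:
  user:
    # Fixed password for the default user. Sample value only.
    password: user
  # Paths excluded from the security filter chain (static pages and assets).
  ignored: /,/favicon.ico,/index.html,/home.html,/dashboard.html,/js/**,/css/**,/webjars/**
  sessions: ALWAYS
  oauth2:
    sso:
      # Path on this application that starts the OAuth2 login and receives the redirect back
      # from the authorization server.
      loginPath: /dashboard/login
management:
  security:
    role: HERO

logging:
  level:
    # DEBUG-level Spring Security logging can record session identifiers and OAuth2
    # authorization codes; enable it for local troubleshooting only.
    org.springframework.security: DEBUG
    com.netflix.discovery: 'OFF'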

---
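spring:
  profiles: default
security:
  oauth2:
    client:
      # Plain-HTTP endpoints: the client secret, authorization code and access token travel
      # unencrypted. Acceptable on localhost only; use HTTPS anywhere else.
      accessTokenUri: http://localhost:8080/uaa/oauth/token
      userAuthorizationUri: http://localhost:8080/uaa/oauth/authorize
      clientId: acme
      # Hard-coded sample secret; supply it from the environment outside a local test.
      clientSecret: acmesecret
    resource:
      # JWT verification key disabled for this experiment. Without it the client cannot
      # verify tokens locally and resolves the user through userInfoUri below.
#      jwt:
#        keyValue: |
#          -----BEGIN PUBLIC KEY-----
#            MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGp/Q5lh0P8nPL21oMMrt2RrkT9AW5jgYwLfSUnJVc9G6uR3cXRRDCjHqWU5WYwivcF180A6CWp/ireQFFBNowgc5XaA0kPpzEtgsA5YsNX7iSnUibB004iBTfU9hZ2Rbsc8cWqynT0RyN4TP1RYVSeVKvMQk4GT1r7JCEC+TNu1ELmbNwMQyzKjsfBXyIOCFU/E94ktvsTZUHF4Oq44DBylCDsS1k7/sfZC2G5EU7Oz0mhG8+Uz6MSEQHtoIi6mc8u64Rwi3Z3tscuWG2ShtsUFuNSAFNkY7LkLn+/hxLCu2bNISMaESa8dG22CIMuIeRLVcAmEWEWH5EEforTg+QIDAQAB
#          -----END PUBLIC KEY-----
      id: openid
#      serviceId: ${PREFIX:}resource
      # Must be an endpoint that accepts the access token and answers with JSON user details.
      userInfoUri: http://localhost:8080/uaa/oauth/user
      preferTokenInfo: false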

当我运行它时,我收到一个“Whitelabel错误页面”,其中显示消息“无法从令牌获取用户详细信息”。

Whitelabel Error Page

This application has no explicit mapping for /error, so you are seeing this as a fallback.

Tue Aug 04 09:48:49 CEST 2015
There was an unexpected error (type=Unauthorized, status=401).
Authentication Failed: Could not obtain user details from token

控制台记录:

  

2015-08-04 09:48:04.998 DEBUG 15152 --- [nio-9999-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher  : Checking match of request : '/'; against '/'
2015-08-04 09:48:04.998 DEBUG 15152 --- [nio-9999-exec-1] o.s.security.web.FilterChainProxy        : / has an empty filter list

 >2015-08-04 09:48:05.855 DEBUG 15152 --- [nio-9999-exec-5] o.s.b.a.e.mvc.EndpointHandlerMapping     : Looking up handler method for path /home.html
 >2015-08-04 09:48:05.855 DEBUG 15152 --- [nio-9999-exec-5] o.s.b.a.e.mvc.EndpointHandlerMapping     : Did not find handler method for [/home.html]
 >2015-08-04 09:48:05.858 DEBUG 15152 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /dashboard/user at position 6 of 13 in additional filter chain; firing Filter: 'LogoutFilter'
 >2015-08-04 09:48:05.858 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher  : Request 'GET /dashboard/user' doesn't match 'POST /dashboard/logout
 >2015-08-04 09:48:05.858 DEBUG 15152 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /dashboard/user at position 7 of 13 in additional filter chain; firing Filter: 'OAuth2ClientAuthenticationProcessingFilter'
 >2015-08-04 09:48:05.858 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher  : Checking match of request : '/dashboard/user'; against '/dashboard/login'
 >2015-08-04 09:48:05.858 DEBUG 15152 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /dashboard/user at position 8 of 13 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
 >2015-08-04 09:48:05.858 DEBUG 15152 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /dashboard/user at position 9 of 13 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
 >2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /dashboard/user at position 10 of 13 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
 >2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.a.AnonymousAuthenticationFilter  : Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@9056f12c: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@380f4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 727CB5F626A106EBEDF8C86823DA98BA; Granted Authorities: ROLE_ANONYMOUS'
 >2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /dashboard/user at position 11 of 13 in additional filter chain; firing Filter: 'SessionManagementFilter'
 >2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /dashboard/user at position 12 of 13 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
 >2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /dashboard/user at position 13 of 13 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
 >2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher  : Request 'GET /dashboard/user' doesn't match 'POST /dashboard/logout
 >2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.a.i.FilterSecurityInterceptor    : Secure object: FilterInvocation: URL: /dashboard/user; Attributes: [authenticated]
 >2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.a.i.FilterSecurityInterceptor    : Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@9056f12c: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@380f4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 727CB5F626A106EBEDF8C86823DA98BA; Granted Authorities: ROLE_ANONYMOUS
 >2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.access.vote.AffirmativeBased       : Voter: org.springframework.security.web.access.expression.WebExpressionVoter@7f2b37fb, returned: -1
 >2015-08-04 09:48:05.861 DEBUG 15152 --- [nio-9999-exec-2] o.s.b.a.audit.listener.AuditListener     : AuditEvent [timestamp=Tue Aug 04 09:48:05 CEST 2015, principal=anonymousUser, type=AUTHORIZATION_FAILURE, data={type=org.springframework.security.access.AccessDeniedException, message=Accès refusé}]
 >2015-08-04 09:48:05.862 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.a.ExceptionTranslationFilter     : Access is denied (user is anonymous); redirecting to authentication entry point

>org.springframework.security.access.AccessDeniedException: Accès refusé
>at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:83)
>at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:232)
>at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:123)
>at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:90)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:114)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:122)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:168)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:48)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:205)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:120)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at demo.SsoApplication$LoginConfigurer$1.doFilterInternal(SsoApplication.java:91)
>at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:96)
>at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:64)
>at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:91)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:53)
>at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:213)
>at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:176)
>at org.springframework.security.oauth2.client.filter.OAuth2ClientContextFilter.doFilter(OAuth2ClientContextFilter.java:60)
>at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:77)
>at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:85)
>at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>at org.springframework.boot.actuate.autoconfigure.MetricsFilter.doFilterInternal(MetricsFilter.java:69)
>at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091)
>at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:668)
>at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1521)
>at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1478)
>at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
>at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
>at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
>at java.lang.Thread.run(Thread.java:745)

 >2015-08-04 09:48:05.864 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.util.matcher.AndRequestMatcher   : Trying to match using Ant [pattern='/**', GET]
 >2015-08-04 09:48:05.864 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher  : Request '/dashboard/user' matched by universal pattern '/**'
 >2015-08-04 09:48:05.864 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.util.matcher.AndRequestMatcher   : Trying to match using NegatedRequestMatcher [requestMatcher=Ant [pattern='/**/favicon.ico']]
 >2015-08-04 09:48:05.864 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher  : Checking match of request : '/dashboard/user'; against '/**/favicon.ico'
o.s.s.w.a.ExceptionTranslationFilter     : Calling Authentication entry point.
w.c.HttpSessionSecurityContextRepository : No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@7067a19. A new one will be created.
 >2015-08-04 09:48:06.108 DEBUG 15152 --- [nio-9999-exec-9] o.s.security.web.FilterChainProxy        : /dashboard/login at position 3 of 13 in additional filter chain; firing Filter: 'HeaderWriterFilter'
 >2015-08-04 09:48:06.108 DEBUG 15152 --- [nio-9999-exec-9] o.s.security.web.FilterChainProxy        : /dashboard/login at position 5 of 13 in additional filter chain; firing Filter: ''
 >2015-08-04 09:48:06.108 DEBUG 15152 --- [nio-9999-exec-9] o.s.security.web.FilterChainProxy        : /dashboard/login at position 6 of 13 in additional filter chain; firing Filter: 'LogoutFilter'
 >2015-08-04 09:48:06.108 DEBUG 15152 --- [nio-9999-exec-9] o.s.s.w.u.matcher.AntPathRequestMatcher  : Request 'GET /dashboard/login' doesn't match 'POST /dashboard/logout
 >2015-08-04 09:48:06.109 DEBUG 15152 --- [nio-9999-exec-9] o.s.security.web.FilterChainProxy        : /dashboard/login at position 7 of 13 in additional filter chain; firing Filter: 'OAuth2ClientAuthenticationProcessingFilter'
 >2015-08-04 09:48:06.109 DEBUG 15152 --- [nio-9999-exec-9] o.s.s.w.u.matcher.AntPathRequestMatcher  : Checking match of request : '/dashboard/login'; against '/dashboard/login'
 >2015-08-04 09:48:06.109 DEBUG 15152 --- [nio-9999-exec-9] uth2ClientAuthenticationProcessingFilter : Request is to process authentication
 >2015-08-04 09:48:06.110 DEBUG 15152 --- [nio-9999-exec-9] w.c.HttpSessionSecurityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
 >2015-08-04 09:48:06.110 DEBUG 15152 --- [nio-9999-exec-9] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
 >2015-08-04 09:48:06.110 DEBUG 15152 --- [nio-9999-exec-9] o.s.s.web.DefaultRedirectStrategy        : Redirecting to 'http://localhost:8080/uaa/oauth/authorize?client_id=acme&redirect_uri=http://localhost:9999/dashboard/login&response_type=code&state=Q5u4sk'
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.security.web.FilterChainProxy        : /dashboard/login at position 1 of 13 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.security.web.FilterChainProxy        : /dashboard/login at position 2 of 13 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] w.c.HttpSessionSecurityContextRepository : HttpSession returned null object for SPRING_SECURITY_CONTEXT
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] w.c.HttpSessionSecurityContextRepository : No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@7067a19. A new one will be created.
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.security.web.FilterChainProxy        : /dashboard/login at position 3 of 13 in additional filter chain; firing Filter: 'HeaderWriterFilter'
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.s.w.header.writers.HstsHeaderWriter  : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@13e431af
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.security.web.FilterChainProxy        : /dashboard/login at position 4 of 13 in additional filter chain; firing Filter: 'CsrfFilter'
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.security.web.FilterChainProxy        : /dashboard/login at position 5 of 13 in additional filter chain; firing Filter: ''
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.security.web.FilterChainProxy        : /dashboard/login at position 6 of 13 in additional filter chain; firing Filter: 'LogoutFilter'
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.s.w.u.matcher.AntPathRequestMatcher  : Request 'GET /dashboard/login' doesn't match 'POST /dashboard/logout
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.security.web.FilterChainProxy        : /dashboard/login at position 7 of 13 in additional filter chain; firing Filter: 'OAuth2ClientAuthenticationProcessingFilter'
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.s.w.u.matcher.AntPathRequestMatcher  : Checking match of request : '/dashboard/login'; against '/dashboard/login'
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] uth2ClientAuthenticationProcessingFilter : Request is to process authentication
 >2015-08-04 09:48:27.260 DEBUG 15152 --- [io-9999-exec-10] w.c.HttpSessionSecurityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
 >2015-08-04 09:48:27.261 DEBUG 15152 --- [io-9999-exec-10] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
 >2015-08-04 09:48:27.261 DEBUG 15152 --- [io-9999-exec-10] o.s.s.web.DefaultRedirectStrategy        : Redirecting to 'http://localhost:8080/uaa/oauth/authorize?client_id=acme&redirect_uri=http://localhost:9999/dashboard/login&response_type=code&state=QT2drI'
 >2015-08-04 09:48:49.878 DEBUG 15152 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy        : /dashboard/login?code=oAbBeG&state=QT2drI at position 1 of 13 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
 >2015-08-04 09:48:49.878 DEBUG 15152 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy        : /dashboard/login?code=oAbBeG&state=QT2drI at position 2 of 13 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
 >2015-08-04 09:48:49.878 DEBUG 15152 --- [nio-9999-exec-7] w.c.HttpSessionSecurityContextRepository : HttpSession returned null object for SPRING_SECURITY_CONTEXT
 >2015-08-04 09:48:49.878 DEBUG 15152 --- [nio-9999-exec-7] w.c.HttpSessionSecurityContextRepository : No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@7067a19. A new one will be created.
 >2015-08-04 09:48:49.878 DEBUG 15152 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy        : /dashboard/login?code=oAbBeG&state=QT2drI at position 3 of 13 in additional filter chain; firing Filter: 'HeaderWriterFilter'
 >2015-08-04 09:48:49.878 DEBUG 15152 --- [nio-9999-exec-7] o.s.s.w.header.writers.HstsHeaderWriter  : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@13e431af
 >2015-08-04 09:48:49.878 DEBUG 15152 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy        : /dashboard/login?code=oAbBeG&state=QT2drI at position 4 of 13 in additional filter chain; firing Filter: 'CsrfFilter'
 >2015-08-04 09:48:49.878 DEBUG 15152 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy        : /dashboard/login?code=oAbBeG&state=QT2drI at position 5 of 13 in additional filter chain; firing Filter: ''
 >2015-08-04 09:48:49.879 DEBUG 15152 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy        : /dashboard/login?code=oAbBeG&state=QT2drI at position 6 of 13 in additional filter chain; firing Filter: 'LogoutFilter'
 >2015-08-04 09:48:49.879 DEBUG 15152 --- [nio-9999-exec-7] o.s.s.w.u.matcher.AntPathRequestMatcher  : Request 'GET /dashboard/login' doesn't match 'POST /dashboard/logout
 >2015-08-04 09:48:49.879 DEBUG 15152 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy        : /dashboard/login?code=oAbBeG&state=QT2drI at position 7 of 13 in additional filter chain; firing Filter: 'OAuth2ClientAuthenticationProcessingFilter'
 >2015-08-04 09:48:49.879 DEBUG 15152 --- [nio-9999-exec-7] o.s.s.w.u.matcher.AntPathRequestMatcher  : Checking match of request : '/dashboard/login'; against '/dashboard/login'
 >2015-08-04 09:48:49.879 DEBUG 15152 --- [nio-9999-exec-7] uth2ClientAuthenticationProcessingFilter : Request is to process authentication
 >2015-08-04 09:48:49.880 DEBUG 15152 --- [nio-9999-exec-7] g.c.AuthorizationCodeAccessTokenProvider : Retrieving token from http://localhost:8080/uaa/oauth/token
 >2015-08-04 09:48:49.881 DEBUG 15152 --- [nio-9999-exec-7] g.c.AuthorizationCodeAccessTokenProvider : Encoding and sending form: {grant_type=[authorization_code], code=[oAbBeG], redirect_uri=[http://localhost:9999/dashboard/login]}
 >2015-08-04 09:48:49.906  INFO 15152 --- [nio-9999-exec-7] o.s.b.a.s.o.r.UserInfoTokenServices      : Getting user info from: http://localhost:8080/uaa/oauth/user
 >2015-08-04 09:48:49.927 DEBUG 15152 --- [nio-9999-exec-7] o.s.s.oauth2.client.OAuth2RestTemplate   : Created GET request for "http://localhost:8080/uaa/oauth/user"
 >2015-08-04 09:48:49.928 DEBUG 15152 --- [nio-9999-exec-7] o.s.s.oauth2.client.OAuth2RestTemplate   : Setting request Accept header to [application/json, application/*+json]
 >2015-08-04 09:48:49.952 DEBUG 15152 --- [nio-9999-exec-7] o.s.s.oauth2.client.OAuth2RestTemplate   : GET request for "http://localhost:8080/uaa/oauth/user" resulted in 200 (OK)
 >2015-08-04 09:48:49.953  INFO 15152 --- [nio-9999-exec-7] o.s.b.a.s.o.r.UserInfoTokenServices      : Could not fetch user details: class org.springframework.web.client.RestClientException, Could not extract response: no suitable HttpMessageConverter found for response type [interface java.util.Map] and content type [text/html;charset=UTF-8]
 >2015-08-04 09:48:49.953 DEBUG 15152 --- [nio-9999-exec-7] o.s.b.a.s.o.r.UserInfoTokenServices      : userinfo returned error: Could not fetch user details
 >2015-08-04 09:48:49.953 DEBUG 15152 --- [nio-9999-exec-7] uth2ClientAuthenticationProcessingFilter : Authentication request failed: org.springframework.security.authentication.BadCredentialsException: Could not obtain user details from token
 >2015-08-04 09:48:49.953 DEBUG 15152 --- [nio-9999-exec-7] uth2ClientAuthenticationProcessingFilter : Updated SecurityContextHolder to contain null Authentication
 >2015-08-04 09:48:49.953 DEBUG 15152 --- [nio-9999-exec-7] uth2ClientAuthenticationProcessingFilter : Delegating to authentication failure handler org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler@44cb6589
 >2015-08-04 09:48:49.953 DEBUG 15152 --- [nio-9999-exec-7] .a.SimpleUrlAuthenticationFailureHandler : No failure URL set, sending 401 Unauthorized error
 >2015-08-04 09:48:49.953 DEBUG 15152 --- [nio-9999-exec-7] w.c.HttpSessionSecurityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
 >2015-08-04 09:48:49.953 DEBUG 15152 --- [nio-9999-exec-7] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
 >2015-08-04 09:48:49.954 DEBUG 15152 --- [nio-9999-exec-7] o.s.b.a.e.mvc.EndpointHandlerMapping     : Looking up handler method for path /error
 >2015-08-04 09:48:49.954 DEBUG 15152 --- [nio-9999-exec-7] o.s.b.a.e.mvc.EndpointHandlerMapping     : Did not find handler method for [/error]

任何提示我做错了什么?

提前致谢

1 个答案:

答案 0 :(得分:1)

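日志显示您的用户信息端点存在问题:对 “http://localhost:8080/uaa/oauth/user” 的 GET 请求成功(200),但返回的是 HTML(content type 为 text/html),而客户端期望的是 JSON,因此 UserInfoTokenServices 无法把响应解析为 Map,最终报出 “Could not obtain user details from token”。去掉 JWT 之后,客户端无法在本地验证令牌,只能依赖这个用户信息端点;而上面贴出的授权服务器代码并没有为 /oauth/user 映射任何处理方法,所以需要在授权服务器上提供一个受令牌保护、返回 JSON 的用户信息端点,并让 userInfoUri 指向它。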