我正在使用XML编号的Spring Social Security通过Google和Facebook对用户进行身份验证。
一切正常但几个小时后它就会停止工作,用户无法使用社交登录进行身份验证。我不知道为什么 GET
请求(Google示例)https://www.googleapis.com/plus/v1/people/me给我一个400
错误请求,并将用户重定向到/signin
我的redirect_uri
。
如果我重新启动我的Tomcat服务器,社交登录身份验证会在几个小时内再次运行。现在我已经配置了一个crontab来每小时重新启动我的服务器,但我不认为它是好的溶液
我有两个supossals:
1)问题是与过期令牌有关的问题,我应该处理Exception并重新认证抛出ConnectController流程。但我不知道该怎么做。有什么想法吗?
2)问题与我的inMemoryUsersConnectionRepository
有关,当我restart
服务器并再次工作时,该问题就会清除。
弹簧security.xml文件
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd">
<beans:import resource="spring-web-servlet.xml" />
<authentication-manager alias="authenticationManager">
<authentication-provider user-service-ref="customUserDetailsService">
<password-encoder ref="encoder" />
</authentication-provider>
<authentication-provider ref="socialAuthenticationProvider" />
</authentication-manager>
<!-- social login filter which is a pre authentication filter and works
for /auth service url -->
<beans:bean id="socialAuthenticationFilter" name="socialAuthenticationFilter"
class="org.springframework.social.security.SocialAuthenticationFilter">
<beans:constructor-arg name="authManager"
ref="authenticationManager" />
<beans:constructor-arg name="userIdSource" ref="userIdSource" />
<beans:constructor-arg name="usersConnectionRepository"
ref="inMemoryUsersConnectionRepository" />
<beans:constructor-arg name="authServiceLocator"
ref="appSocialAuthenticationServiceRegistry" />
<beans:property name="authenticationSuccessHandler"
ref="successHandler" />
</beans:bean>
<beans:bean id="successHandler" class="com.ejemplo.social.AppSuccessHandler" />
<beans:bean id="failureHandler"
class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler" />
<beans:bean
class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter"
id="SecurityAuthFilter">
<beans:property name="authenticationManager" ref="authenticationManager" />
<beans:property name="authenticationSuccessHandler"
ref="successHandler" />
<beans:property name="authenticationFailureHandler"
ref="failureHandler" />
<beans:property name="filterProcessesUrl" value="/j_spring_security_check" />
<beans:property name="rememberMeServices" ref="rememberMeServices" />
</beans:bean>
<beans:bean id="authenticationProcessingFilter"
class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
<beans:property name="rememberMeServices" ref="rememberMeServices" />
<beans:property name="authenticationManager" ref="authenticationManager" />
<beans:property name="filterProcessesUrl" value="/?iniciar" />
<beans:property name="authenticationSuccessHandler">
<beans:bean
class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler">
<beans:property name="defaultTargetUrl" value="/dentro" />
</beans:bean>
</beans:property>
<beans:property name="authenticationFailureHandler">
<beans:bean
class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
<beans:property name="defaultFailureUrl" value="/?error" />
</beans:bean>
</beans:property>
</beans:bean>
<http auto-config="true" use-expressions="true">
<csrf disabled="true" />
<intercept-url pattern="/inicio" access="permitAll" />
<form-login login-page="/?iniciar" default-target-url="/exist-usuario"
authentication-failure-url="/?error" username-parameter="j_username"
password-parameter="j_password" />
<logout logout-url="/logout" logout-success-url="/?logout"
invalidate-session="true" delete-cookies="JSESSIONID, TOKEN_KEY" />
<remember-me user-service-ref="customUserDetailsService"
key="TOKEN_KEY" />
<headers disabled="true" />
<!-- Adds social authentication filter to the Spring Security filter chain. -->
<custom-filter before="PRE_AUTH_FILTER" ref="socialAuthenticationFilter" />
<custom-filter before="FORM_LOGIN_FILTER" ref="SecurityAuthFilter" />
</http>
<beans:bean id="rememberMeServices"
class="org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices">
<beans:constructor-arg name="key" value="TOKEN_KEY" />
<beans:constructor-arg name="userDetailsService"
ref="customUserDetailsService" />
<beans:property name="tokenValiditySeconds" value="30000"></beans:property>
<beans:property name="parameter" value="remember-me" />
</beans:bean>
<beans:bean id="customUserDetailsService"
class="com.ejemplo.security.CustomUserDetailsService">
</beans:bean>
<beans:bean id="customSocialUserDetailsService"
class="com.ejemplo.social.CustomSocialUserDetailsService" />
<beans:bean id="userIdSource"
class="org.springframework.social.security.AuthenticationNameUserIdSource" />
<beans:bean id="socialAuthenticationProvider"
class="org.springframework.social.security.SocialAuthenticationProvider">
<beans:constructor-arg ref="inMemoryUsersConnectionRepository" />
<beans:constructor-arg ref="customSocialUserDetailsService" />
</beans:bean>
<!-- inmemory connection repository which holds connection repository per
local user -->
<beans:bean id="inMemoryUsersConnectionRepository"
class="org.springframework.social.connect.mem.InMemoryUsersConnectionRepository">
<beans:constructor-arg name="connectionFactoryLocator"
ref="appSocialAuthenticationServiceRegistry" />
<beans:property name="connectionSignUp" ref="connectionSignUp" />
</beans:bean>
<!-- If no local user is associated to a social connection then connection
sign up will create a new local user and map it to social user -->
<beans:bean id="connectionSignUp" class="com.ejemplo.social.AppConnectionSignUp" />
<!-- service registry will holds connection factory of each social provider -->
<beans:bean id="appSocialAuthenticationServiceRegistry"
class="com.ejemplo.social.AppSocialAuthenticationServiceRegistry">
<beans:constructor-arg>
<beans:list>
<beans:ref bean="facebookAuthenticationService" />
<!-- <beans:ref bean="twitterAuthenticationService" /> -->
<beans:ref bean="googleAuthenticationService" />
</beans:list>
</beans:constructor-arg>
</beans:bean>
<beans:bean id="facebookAuthenticationService"
class="org.springframework.social.facebook.security.FacebookAuthenticationService">
<beans:constructor-arg name="apiKey"
value="${app.config.oauth.facebook.apikey}" />
<beans:constructor-arg name="appSecret"
value="${app.config.oauth.facebook.apisecret}" />
</beans:bean>
<beans:bean id="googleAuthenticationService"
class="org.springframework.social.google.security.GoogleAuthenticationService">
<beans:constructor-arg name="apiKey"
value="${app.config.oauth.google.apikey}" />
<beans:constructor-arg name="appSecret"
value="${app.config.oauth.google.apisecret}" />
</beans:bean>
<beans:bean id="encoder"
class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder" />
<!-- Enable the annotations for defining the secure role -->
<beans:bean id="expressionHandler"
class="org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler" />
<global-method-security pre-post-annotations="enabled">
<expression-handler ref="expressionHandler" />
</global-method-security>
的web.xml
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
的pom.xml
<properties>
<jdk.version>1.8</jdk.version>
<spring.version>4.3.0.RELEASE</spring.version>
<spring.security.version>4.0.2.RELEASE</spring.security.version>
<spring.social.version>1.1.4.RELEASE</spring.social.version>
<jstl.version>1.2</jstl.version>
<log4j.version>1.2.17</log4j.version>
<slf4j.version>1.6.1</slf4j.version>
</properties>
引入了menu.jsp
<h4>Iniciar sesión con:</h4>
<a href="<c:url value='../auth/facebook?scope=email' />"
rel="nofollow"
class="btn-facebook"> <i
class="zmdi zmdi-facebook"></i> Facebook
</a> <a href="<c:url value='../auth/google?scope=email' />"
rel="nofollow" class="btn-google">
<i class="zmdi zmdi-google"></i> Google
</a>
application.properties
app.config.oauth.facebook.apikey=******
app.config.oauth.facebook.apisecret=******
app.config.oauth.twitter.apikey=******
app.config.oauth.twitter.apisecret=******
app.config.oauth.google.apikey=******
app.config.oauth.google.apisecret=******
日志
DEBUG 2018-02-18 23:37:52,713 [ajp-bio-8009-exec-3] org.springframework.security.web.FilterChainProxy - /auth/google?scope=email at position 1 of 14 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
DEBUG 2018-02-18 23:37:52,713 [ajp-bio-8009-exec-3] org.springframework.security.web.FilterChainProxy - /auth/google?scope=email at position 2 of 14 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
DEBUG 2018-02-18 23:37:52,713 [ajp-bio-8009-exec-3] org.springframework.security.web.FilterChainProxy - /auth/google?scope=email at position 3 of 14 in additional filter chain; firing Filter: 'LogoutFilter'
DEBUG 2018-02-18 23:37:52,713 [ajp-bio-8009-exec-3] org.springframework.security.web.FilterChainProxy - /auth/google?scope=email at position 4 of 14 in additional filter chain; firing Filter: 'SocialAuthenticationFilter'
DEBUG 2018-02-18 23:37:52,713 [ajp-bio-8009-exec-3] org.springframework.social.security.SocialAuthenticationFilter - Request is to process authentication
DEBUG 2018-02-18 23:37:52,714 [ajp-bio-8009-exec-3] org.springframework.social.security.SocialAuthenticationFilter - Authentication request failed: org.springframework.social.security.SocialAuthenticationRedirectException:
DEBUG 2018-02-18 23:37:52,714 [ajp-bio-8009-exec-3] org.springframework.social.security.SocialAuthenticationFilter - Updated SecurityContextHolder to contain null Authentication
DEBUG 2018-02-18 23:37:52,714 [ajp-bio-8009-exec-3] org.springframework.social.security.SocialAuthenticationFilter - Delegating to authentication failure handler org.springframework.social.security.SocialAuthenticationFailureHandler@22ad613b
DEBUG 2018-02-18 23:37:52,909 [ajp-bio-8009-exec-3] org.springframework.security.web.FilterChainProxy - /auth/google?state=63c3ac35-e0f3-46b7-9887-d8932c6b0034&code=4/AADVb20K49mFatQ8hDxLtqLlvz8LSsD4IHB2ciufaR46gzPrJr1RUoJmw1QM_Zb4pc7ruZ9snU1-IdOg2SnGu34 at position 1 of 14 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
DEBUG 2018-02-18 23:37:52,909 [ajp-bio-8009-exec-3] org.springframework.security.web.FilterChainProxy - /auth/google?state=63c3ac35-e0f3-46b7-9887-d8932c6b0034&code=4/AADVb20K49mFatQ8hDxLtqLlvz8LSsD4IHB2ciufaR46gzPrJr1RUoJmw1QM_Zb4pc7ruZ9snU1-IdOg2SnGu34 at position 2 of 14 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
DEBUG 2018-02-18 23:37:52,909 [ajp-bio-8009-exec-3] org.springframework.security.web.FilterChainProxy - /auth/google?state=63c3ac35-e0f3-46b7-9887-d8932c6b0034&code=4/AADVb20K49mFatQ8hDxLtqLlvz8LSsD4IHB2ciufaR46gzPrJr1RUoJmw1QM_Zb4pc7ruZ9snU1-IdOg2SnGu34 at position 3 of 14 in additional filter chain; firing Filter: 'LogoutFilter'
DEBUG 2018-02-18 23:37:52,909 [ajp-bio-8009-exec-3] org.springframework.security.web.FilterChainProxy - /auth/google?state=63c3ac35-e0f3-46b7-9887-d8932c6b0034&code=4/AADVb20K49mFatQ8hDxLtqLlvz8LSsD4IHB2ciufaR46gzPrJr1RUoJmw1QM_Zb4pc7ruZ9snU1-IdOg2SnGu34 at position 4 of 14 in additional filter chain; firing Filter: 'SocialAuthenticationFilter'
DEBUG 2018-02-18 23:37:52,909 [ajp-bio-8009-exec-3] org.springframework.social.security.SocialAuthenticationFilter - Request is to process authentication
DEBUG 2018-02-18 23:37:52,909 [ajp-bio-8009-exec-3] org.springframework.web.client.RestTemplate - Created POST request for "https://accounts.google.com/o/oauth2/token"
DEBUG 2018-02-18 23:37:52,909 [ajp-bio-8009-exec-3] org.springframework.web.client.RestTemplate - Setting request Accept header to [application/x-www-form-urlencoded, multipart/form-data, application/json, application/+json]
DEBUG 2018-02-18 23:37:52,909 [ajp-bio-8009-exec-3] org.springframework.web.client.RestTemplate - Writing [{client_id=[**********.apps.googleusercontent.com], client_secret=[************], code=[4/AADVb20K49mFatQ8hDxLtqLlvz8LSsD4IHB2ciufaR46gzPrJr1RUoJmw1QM_Zb4pc7ruZ9snU1-IdOg2SnGu34], redirect_uri=[https://ejemplo.com/auth/google], grant_type=[authorization_code]}] as "application/x-www-form-urlencoded" using [org.springframework.http.converter.FormHttpMessageConverter@45fbaee9]
DEBUG 2018-02-18 23:37:52,980 [ajp-bio-8009-exec-3] org.springframework.web.client.RestTemplate - POST request for "https://accounts.google.com/o/oauth2/token" resulted in 200 (OK)
DEBUG 2018-02-18 23:37:52,980 [ajp-bio-8009-exec-3] org.springframework.web.client.RestTemplate - Reading [interface java.util.Map] as "application/json;charset=utf-8" using [org.springframework.http.converter.json.MappingJackson2HttpMessageConverter@4e445436]
DEBUG 2018-02-18 23:37:52,984 [ajp-bio-8009-exec-3] org.springframework.web.client.RestTemplate - Created GET request for "https://www.googleapis.com/plus/v1/people/me"
DEBUG 2018-02-18 23:37:52,988 [ajp-bio-8009-exec-3] org.springframework.web.client.RestTemplate - Setting request Accept header to [application/json, application/*+json]
DEBUG 2018-02-18 23:37:52,989 [ajp-bio-8009-exec-3] org.springframework.social.google.security.GoogleAuthenticationService - failed to exchange for access
org.springframework.web.client.ResourceAccessException: I/O error on GET request for "https://www.googleapis.com/plus/v1/people/me": Unable to tunnel through proxy. Proxy returns "HTTP/1.1 400 Petición incorrecta"; nested exception is java.io.IOException: Unable to tunnel through proxy. Proxy returns "HTTP/1.1 400 Petición incorrecta"
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:633)
at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:580)
at org.springframework.web.client.RestTemplate.getForObject(RestTemplate.java:287)
at org.springframework.social.google.api.impl.AbstractGoogleApiOperations.getEntity(AbstractGoogleApiOperations.java:50)
at org.springframework.social.google.api.plus.impl.PlusTemplate.getPerson(PlusTemplate.java:105)
at org.springframework.social.google.api.plus.impl.PlusTemplate.getGoogleProfile(PlusTemplate.java:110)
at org.springframework.social.google.connect.GoogleAdapter.fetchUserProfile(GoogleAdapter.java:51)
at org.springframework.social.google.connect.GoogleAdapter.fetchUserProfile(GoogleAdapter.java:31)
at org.springframework.social.google.connect.GoogleConnectionFactory.extractProviderUserId(GoogleConnectionFactory.java:37)
at org.springframework.social.connect.support.OAuth2ConnectionFactory.createConnection(OAuth2ConnectionFactory.java:93)
at org.springframework.social.security.provider.OAuth2AuthenticationService.getAuthToken(OAuth2AuthenticationService.java:100)
at org.springframework.social.security.SocialAuthenticationFilter.attemptAuthService(SocialAuthenticationFilter.java:266)
at org.springframework.social.security.SocialAuthenticationFilter.attemptAuthentication(SocialAuthenticationFilter.java:173)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:217)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:120)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:53)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:91)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:213)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:176)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.filters.ExpiresFilter.doFilter(ExpiresFilter.java:1201)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.tuckey.web.filters.urlrewrite.RuleChain.handleRewrite(RuleChain.java:176)
at org.tuckey.web.filters.urlrewrite.RuleChain.doRules(RuleChain.java:145)
at org.tuckey.web.filters.urlrewrite.UrlRewriter.processRequest(UrlRewriter.java:92)
at org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:394)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:221)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:436)
at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:190)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:625)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:316)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)
Caused by: java.io.IOException: Unable to tunnel through proxy. Proxy returns "HTTP/1.1 400 Petición incorrecta"
at sun.net.www.protocol.http.HttpURLConnection.doTunneling(HttpURLConnection.java:2142)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:183)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:162)
at org.springframework.http.client.SimpleBufferingClientHttpRequest.executeInternal(SimpleBufferingClientHttpRequest.java:78)
at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:53)
at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:93)
at org.springframework.social.oauth2.OAuth2RequestInterceptor.intercept(OAuth2RequestInterceptor.java:45)
at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:85)
at org.springframework.http.client.InterceptingClientHttpRequest.executeInternal(InterceptingClientHttpRequest.java:69)
at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:53)
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:619)
... 55 more
DEBUG 2018-02-18 23:37:52,989 [ajp-bio-8009-exec-3] org.springframework.social.security.SocialAuthenticationFilter - Authentication request failed: org.springframework.security.authentication.AuthenticationServiceException: authentication failed
DEBUG 2018-02-18 23:37:52,989 [ajp-bio-8009-exec-3] org.springframework.social.security.SocialAuthenticationFilter - Updated SecurityContextHolder to contain null Authentication
DEBUG 2018-02-18 23:37:52,989 [ajp-bio-8009-exec-3] org.springframework.social.security.SocialAuthenticationFilter - Delegating to authentication failure handler org.springframework.social.security.SocialAuthenticationFailureHandler@22ad613b
DEBUG 2018-02-18 23:37:53,048 [ajp-bio-8009-exec-3] org.springframework.security.web.FilterChainProxy - /signin at position 1 of 14 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
DEBUG 2018-02-18 23:37:53,048 [ajp-bio-8009-exec-3] org.springframework.security.web.FilterChainProxy - /signin at position 2 of 14 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
DEBUG 2018-02-18 23:37:53,048 [ajp-bio-8009-exec-3] org.springframework.security.web.FilterChainProxy - /signin at position 3 of 14 in additional filter chain; firing Filter: 'LogoutFilter'
DEBUG 2018-02-18 23:37:53,048 [ajp-bio-8009-exec-3] org.springframework.security.web.FilterChainProxy - /signin at position 4 of 14 in additional filter chain; firing Filter: 'SocialAuthenticationFilter'
DEBUG 2018-02-18 23:37:53,048 [ajp-bio-8009-exec-3] org.springframework.security.web.FilterChainProxy - /signin at position 5 of 14 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
DEBUG 2018-02-18 23:37:53,048 [ajp-bio-8009-exec-3] org.springframework.security.web.FilterChainProxy - /signin at position 6 of 14 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
DEBUG 2018-02-18 23:37:53,048 [ajp-bio-8009-exec-3] org.springframework.security.web.FilterChainProxy - /signin at position 7 of 14 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
DEBUG 2018-02-18 23:37:53,048 [ajp-bio-8009-exec-3] org.springframework.security.web.FilterChainProxy - /signin at position 8 of 14 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
DEBUG 2018-02-18 23:37:53,048 [ajp-bio-8009-exec-3] org.springframework.security.web.FilterChainProxy - /signin at position 9 of 14 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
DEBUG 2018-02-18 23:37:53,048 [ajp-bio-8009-exec-3] org.springframework.security.web.FilterChainProxy - /signin at position 10 of 14 in additional filter chain; firing Filter: 'RememberMeAuthenticationFilter'
DEBUG 2018-02-18 23:37:53,049 [ajp-bio-8009-exec-3] org.springframework.security.web.FilterChainProxy - /signin at position 11 of 14 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
DEBUG 2018-02-18 23:37:53,049 [ajp-bio-8009-exec-3] org.springframework.security.web.FilterChainProxy - /signin at position 12 of 14 in additional filter chain; firing Filter: 'SessionManagementFilter'
DEBUG 2018-02-18 23:37:53,049 [ajp-bio-8009-exec-3] org.springframework.security.web.FilterChainProxy - /signin at position 13 of 14 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
DEBUG 2018-02-18 23:37:53,049 [ajp-bio-8009-exec-3] org.springframework.security.web.FilterChainProxy - /signin at position 14 of 14 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
DEBUG 2018-02-18 23:37:53,049 [ajp-bio-8009-exec-3] org.springframework.security.web.FilterChainProxy - /signin reached end of additional filter chain; proceeding with original chain
非常感谢您的帮助!