我有以下问题: 我有一个访问点,该访问点受Spring安全性保护。当我使用正确的授权标头访问此点时,控制器将执行全部操作,然后它意外地将我重定向到根路径“ /”。
我发现,当路径固定时,它会重定向我。
这是我的日志:
2018-07-29 15:47:26.513 DEBUG 11272 --- [nio-8090-exec-4] o.s.b.w.s.f.OrderedRequestContextFilter : Bound request context to thread: org.apache.catalina.connector.RequestFacade@4b679aea
2018-07-29 15:47:26.520 DEBUG 11272 --- [nio-8090-exec-4] o.s.web.servlet.DispatcherServlet : DispatcherServlet with name 'dispatcherServlet' processing GET request for [/secured/abc]
2018-07-29 15:47:26.520 DEBUG 11272 --- [nio-8090-exec-4] s.w.s.m.m.a.RequestMappingHandlerMapping : Looking up handler method for path /secured/abc
2018-07-29 15:47:26.521 DEBUG 11272 --- [nio-8090-exec-4] s.w.s.m.m.a.RequestMappingHandlerMapping : Returning handler method [public org.springframework.http.ResponseEntity<?> app.user.controller.UserController.changePassword()]
2018-07-29 15:47:26.521 DEBUG 11272 --- [nio-8090-exec-4] o.s.web.servlet.DispatcherServlet : Last-Modified value for [/secured/abc] is: -1
2018-07-29 15:47:26.521 DEBUG 11272 --- [nio-8090-exec-4] o.s.w.s.m.m.a.HttpEntityMethodProcessor : Written [{"message":"Das Passwort wurde geändert!"}] as "application/json" using [org.springframework.http.converter.StringHttpMessageConverter@3b555c6]
2018-07-29 15:47:26.522 DEBUG 11272 --- [nio-8090-exec-4] o.s.web.servlet.DispatcherServlet : Null ModelAndView returned to DispatcherServlet with name 'dispatcherServlet': assuming HandlerAdapter completed request handling
2018-07-29 15:47:26.522 DEBUG 11272 --- [nio-8090-exec-4] o.s.web.servlet.DispatcherServlet : Successfully completed request
2018-07-29 15:47:26.522 DEBUG 11272 --- [nio-8090-exec-4] o.s.b.w.s.f.OrderedRequestContextFilter : Cleared thread-bound request context: org.apache.catalina.connector.RequestFacade@4b679aea
2018-07-29 15:47:26.533 DEBUG 11272 --- [nio-8090-exec-5] o.s.b.w.s.f.OrderedRequestContextFilter : Bound request context to thread: org.apache.catalina.connector.RequestFacade@4b679aea
2018-07-29 15:47:26.533 DEBUG 11272 --- [nio-8090-exec-5] o.s.web.servlet.DispatcherServlet : DispatcherServlet with name 'dispatcherServlet' processing GET request for [/]
2018-07-29 15:47:26.533 DEBUG 11272 --- [nio-8090-exec-5] s.w.s.m.m.a.RequestMappingHandlerMapping : Looking up handler method for path /
2018-07-29 15:47:26.534 DEBUG 11272 --- [nio-8090-exec-5] s.w.s.m.m.a.RequestMappingHandlerMapping : Did not find handler method for [/]
2018-07-29 15:47:26.534 DEBUG 11272 --- [nio-8090-exec-5] o.s.w.s.handler.SimpleUrlHandlerMapping : Matching patterns for request [/] are [/**]
2018-07-29 15:47:26.534 DEBUG 11272 --- [nio-8090-exec-5] o.s.w.s.handler.SimpleUrlHandlerMapping : URI Template variables for request [/] are {}
2018-07-29 15:47:26.535 DEBUG 11272 --- [nio-8090-exec-5] o.s.w.s.handler.SimpleUrlHandlerMapping : Mapping [/] to HandlerExecutionChain with handler [ResourceHttpRequestHandler [locations=[class path resource [META-INF/resources/], class path resource [resources/], class path resource [static/], class path resource [public/], ServletContext resource [/]], resolvers=[org.springframework.web.servlet.resource.PathResourceResolver@5cccdf95]]] and 1 interceptor
2018-07-29 15:47:26.535 DEBUG 11272 --- [nio-8090-exec-5] o.s.web.servlet.DispatcherServlet : Last-Modified value for [/] is: -1
2018-07-29 15:47:26.535 DEBUG 11272 --- [nio-8090-exec-5] o.s.web.servlet.DispatcherServlet : Null ModelAndView returned to DispatcherServlet with name 'dispatcherServlet': assuming HandlerAdapter completed request handling
2018-07-29 15:47:26.535 DEBUG 11272 --- [nio-8090-exec-5] o.s.web.servlet.DispatcherServlet : Successfully completed request
2018-07-29 15:47:26.535 DEBUG 11272 --- [nio-8090-exec-5] o.s.b.w.s.f.OrderedRequestContextFilter : Cleared thread-bound request context: org.apache.catalina.connector.RequestFacade@4b679aea
2018-07-29 15:47:26.536 DEBUG 11272 --- [nio-8090-exec-5] o.s.web.servlet.DispatcherServlet : DispatcherServlet with name 'dispatcherServlet' processing GET request for [/error]
2018-07-29 15:47:26.536 DEBUG 11272 --- [nio-8090-exec-5] s.w.s.m.m.a.RequestMappingHandlerMapping : Looking up handler method for path /error
2018-07-29 15:47:26.537 DEBUG 11272 --- [nio-8090-exec-5] s.w.s.m.m.a.RequestMappingHandlerMapping : Returning handler method [public org.springframework.http.ResponseEntity<java.util.Map<java.lang.String, java.lang.Object>> org.springframework.boot.autoconfigure.web.servlet.error.BasicErrorController.error(javax.servlet.http.HttpServletRequest)]
2018-07-29 15:47:26.537 DEBUG 11272 --- [nio-8090-exec-5] o.s.web.servlet.DispatcherServlet : Last-Modified value for [/error] is: -1
2018-07-29 15:47:26.538 DEBUG 11272 --- [nio-8090-exec-5] o.s.w.s.m.m.a.HttpEntityMethodProcessor : Written [{timestamp=Sun Jul 29 15:47:26 CEST 2018, status=404, error=Not Found, message=No message available, path=/}] as "application/json" using [org.springframework.http.converter.json.MappingJackson2HttpMessageConverter@15679586]
2018-07-29 15:47:26.538 DEBUG 11272 --- [nio-8090-exec-5] o.s.web.servlet.DispatcherServlet : Null ModelAndView returned to DispatcherServlet with name 'dispatcherServlet': assuming HandlerAdapter completed request handling
2018-07-29 15:47:26.538 DEBUG 11272 --- [nio-8090-exec-5] o.s.web.servlet.DispatcherServlet : Successfully completed request
这是我的SecurityConfig类:
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private JwtAuthenticationProvider authenticationProvider;
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable();
http.cors()
.and()
.authorizeRequests()
.antMatchers("/secured/**")
.authenticated()
.and()
.formLogin()
.loginPage("/login-required")
.and()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.httpBasic();
http.addFilterBefore(authenticationTokenFilter(), UsernamePasswordAuthenticationFilter.class);
http.headers().cacheControl();
}
@Bean
public CorsConfigurationSource corsConfigurationSource() {
final CorsConfiguration configuration = new CorsConfiguration();
configuration.setAllowedOrigins(Arrays.asList("http://localhost:4200", "*"));
configuration.setAllowedMethods(Arrays.asList("HEAD", "GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS"));
configuration.setAllowCredentials(true);
configuration.setAllowedHeaders(Arrays.asList("Authorization", "Origin", "Content-Type", "Accept", "X-Requested-With"));
final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", configuration);
return source;
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Bean
public AuthenticationManager authenticationManager() {
return new ProviderManager(Collections.singletonList(authenticationProvider));
}
@Bean
public JwtAuthenticationTokenFilter authenticationTokenFilter() {
JwtAuthenticationTokenFilter filter = new JwtAuthenticationTokenFilter();
filter.setAuthenticationManager(authenticationManager());
return filter;
}
}
这种行为可能是什么原因?