在过去的24小时中,我遇到了一个奇怪的问题,即部署一个Spring Boot应用程序,该应用程序在上一次更改之前一直可以正常工作。
我们最终发现,只要删除某些HttpSecurity过滤器链(特别是.antMatchers()),Java构建就可以正常工作。
值得一提的是,例如在使用像STS这样的IDE时,不会出现此问题。
在WebSecurityConfig文件中具有超过332个.antMatchers()时,我们面临的错误如下:
[ec2-user@ip-XX.XX.XX.XX SOMEAPP]$ mvn clean install
[INFO] Scanning for projects...
[WARNING]
[WARNING] Some problems were encountered while building the effective
model for com.kryptolabs:SOMEAPP:jar:0.0.1-SNAPSHOT
[WARNING] 'dependencies.dependency.
(groupId:artifactId:type:classifier)' must be unique:
org.springframework.boot:spring-boot-devtools:jar -> duplicate
declaration of version (?) @ line 175, column 15
[WARNING]
[WARNING] It is highly recommended to fix these problems because they
threaten the stability of your build.
[WARNING]
[WARNING] For this reason, future Maven versions might no longer
support building such malformed projects.
[WARNING]
[INFO]
[INFO] ---------------------< com.kryptolabs:SOMEAPP >----------------
-----
[INFO] Building SOMEAPP 0.0.1-SNAPSHOT
[INFO] --------------------------------[ jar ]------------------------
---------
[INFO]
[INFO] --- maven-clean-plugin:2.6.1:clean (default-clean) @ SOMEAPP --
[INFO] Deleting /home/ec2-user/source/SOMEAPP/target
[INFO]
[INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ SOMEAPP ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] Copying 7 resources
[INFO] Copying 5014 resources
[INFO]
[INFO] --- maven-compiler-plugin:3.1:compile (default-compile) @ SOMEAPP ---
[INFO] Changes detected - recompiling the module!
[INFO] Compiling 1518 source files to /home/ec2-user/source/SOMEAPP/target/classes
The system is out of resources.
Consult the following stack trace for details.
java.lang.StackOverflowError
at com.sun.tools.javac.jvm.Gen.genExpr(Gen.java:940)
at com.sun.tools.javac.jvm.Gen.visitSelect(Gen.java:2341)
at com.sun.tools.javac.tree.JCTree$JCFieldAccess.accept(JCTree.java:1897)
at com.sun.tools.javac.jvm.Gen.genExpr(Gen.java:947)
at com.sun.tools.javac.jvm.Gen.visitApply(Gen.java:1837)
...< huge number of lines> ...
at com.sun.tools.javac.tree.JCTree$JCMethodInvocation.accept(JCTree.java:1465)
at com.sun.tools.javac.jvm.Gen.genExpr(Gen.java:947)
at com.sun.tools.javac.jvm.Gen.visitTypeCast(Gen.java:2264)
at com.sun.tools.javac.tree.JCTree$JCFieldAccess.accept(JCTree.java:1897)
at com.sun.tools.javac.jvm.Gen.genExpr(Gen.java:947)
[INFO] -------------------------------------------------------------
[ERROR] COMPILATION ERROR :
[INFO] -------------------------------------------------------------
[ERROR] An unknown compilation problem occurred
[INFO] 1 error
[INFO] -------------------------------------------------------------
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 22.540 s
[INFO] Finished at: 2019-01-24T12:12:55+04:00
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-compiler-plugin:3.1:compile (default-compile) on project SOMEAPP: Compilation failure
[ERROR] An unknown compilation problem occurred
[ERROR]
[ERROR] -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoFailureException
如前所述,只要我们从文件中删除7-10 .antMatchers(),就不会出现此问题。
问题是:HttpSecurity过滤器接受的链数是否有限制?在这种情况下,是否有大量匹配规则的替代方案?
http.csrf().ignoringAntMatchers("/xxx/**", "/yyyy-data/**","/web/**").antMatchers(SPVApis.HOME_SUMMARY).hasAuthority(SPVPrivileges.HOME_SUMMARY_ACCESS)
.antMatchers(SPVApis.HOME_SUMMARY).hasAuthority(SPVPrivileges.HOME_SUMMARY_ACCESS)
< 330+ matching rules >
.antMatchers(SPVApis.HOME_BY_CAT).hasAuthority(SPVPrivileges.HOME_BY_CAT_ACCESS)
.antMatchers(SPVApis.HOME_INVESTMENT_BY_ENT).hasAuthority(SPVPrivileges.HOME_INVESTMENTS_BY_ENT_ACCESS)