网关身份验证成功后,从Edgware(春季启动1.x)升级到Finchely / Greenwich(春季启动2.x)的Spring Cloud失败,但是在网页中显示403禁止访问。我正在升级Spring Cloud,我可以在最新的Spring Cloud版本中看到一些工件更改,并且已经对其进行了更新,但不幸的是,登录到应用程序后它抛出403 access拒绝错误。如果我使用Edgware(Spring boot 1 .x)版本。
在调试我为类“ UsernamePasswordAuthenticationToken”传递参数后找到的代码时,它进入springframwork类,并且永远不会从spring库中退出。
@Service(值=“ AuthProvider”) 公共最终类AuthProvider实现AuthenticationProvider { 私有静态最终Logger logger = LoggerFactory.getLogger(AuthProvider.class);
@Autowired
UserAuthenticationService userAuthenticationService;
@Override
public Authentication authenticate(Authentication authentication)throws AuthenticationException
{
UsernamePasswordAuthenticationToken userToken = (UsernamePasswordAuthenticationToken) authentication;
List<String> roles = userAuthenticationService.authenticate(userToken.getName(),
userToken.getCredentials().toString());
if (roles.size() > 1 && roles.get(0).equals("FINE"))
{
Collection<GrantedAuthority> authorities = new ArrayList<>();
for (String role : roles.subList(1, roles.size()))
{
authorities.add(new SimpleGrantedAuthority(role));
}
return new UsernamePasswordAuthenticationToken(userToken.getName(), userToken.getCredentials(),
authorities); --> **at this point it enters into spring libraries and it never comes out of it.**
}
// User has an FINE in the first position of the list,there are no roles
// (size = 1)
else if (roles.size() == 1 && roles.get(0).equals("FINE"))
{
JSONObject json = new JSONObject();
try
{
json.put("errorCode", "FFF");
}
catch (JSONException e)
{
logger.warn("AuthProvider: Unexpected error", e);
}
throw new BadCredentialsException(json.toString());
}
// User has an JSON-message error in the first position of the list
else
{
throw new BadCredentialsException(roles.get(0));
}
}
}