春季安全。 Principal = anonymousUser,类型= AUTHORIZATION_FAILURE

时间:2019-02-23 20:43:14

标签: spring spring-boot spring-security

我尝试为我的Spring Boot应用程序创建身份验证。 但是我不能摆脱

 principal=anonymousUser, type=AUTHORIZATION_FAILURE, data={type=org.springframework.security.access.AccessDeniedException, message=Access is denied}]

这是我的安全性配置已更新 

   @Autowired
UserDetailsService userDetailsService;


@Override
protected void configure(HttpSecurity http) throws Exception {
    http
            .csrf().disable()
            .authorizeRequests()
            .anyRequest().authenticated()
            .antMatchers("/**").hasRole("USER")
            .and()
            .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
            .and()
            .formLogin()
            .failureHandler(authenticationFailureHandler())
            .successHandler(authenticationSuccessHandler());

}


@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
    auth.userDetailsService(userDetailsService);
}


@Bean
public AuthenticationFailureHandler authenticationFailureHandler() {
    return new SimpleUrlAuthenticationFailureHandler();
}


@Bean
public AuthenticationSuccessHandler authenticationSuccessHandler() {
    return new RedirectAuthenticationSuccessHandler("/status");
}

具有身份验证过程的日志已更新

    01:16:37.563 [http-nio-8080-exec-3] INFO  r.t.dao.DataRepositoryDaoImpl - Dao layer -> getAuthUser with userName: testuser
01:16:37.576 [http-nio-8080-exec-3] INFO  r.t.security.CustomUserAuthImpl - ::: AUTH::: User testuser is exist. And is_enable 1
01:16:37.578 [http-nio-8080-exec-3] INFO  o.s.b.a.audit.listener.AuditListener - AuditEvent [timestamp=Sun Feb 24 01:16:37 2019, principal=testuser, type=AUTHENTICATION_SUCCESS, data={details=org.springframework.security.web.authentication.WebAuthenticationDetails@fffde5d4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 4893CD513771B4710AE33C9B19CF62D6}]
01:16:37.580 [http-nio-8080-exec-3] INFO  o.s.b.a.audit.listener.AuditListener - AuditEvent [timestamp=Sun Feb 24 01:16:37 2019, principal=testuser, type=AUTHENTICATION_SUCCESS, data={details=org.springframework.security.web.authentication.WebAuthenticationDetails@fffde5d4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 4893CD513771B4710AE33C9B19CF62D6}]
01:16:37.581 [http-nio-8080-exec-3] INFO  o.s.b.a.audit.listener.AuditListener - AuditEvent [timestamp=Sun Feb 24 01:16:37 2019, principal=testuser, type=AUTHENTICATION_SUCCESS, data={details=org.springframework.security.web.authentication.WebAuthenticationDetails@fffde5d4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 4893CD513771B4710AE33C9B19CF62D6}]
01:16:37.586 [http-nio-8080-exec-4] INFO  o.s.b.a.audit.listener.AuditListener - AuditEvent [timestamp=Sun Feb 24 01:16:37 2019, principal=anonymousUser, type=AUTHORIZATION_FAILURE, data={type=org.springframework.security.access.AccessDeniedException, message=Access is denied}]

有人知道是什么问题吗?当我输入log \ pass到我的登录表单时,Spring Security会将我重定向回我的登录页面,并且我在日志中看到的是AUTHORIZATION_FAILURE消息。

0 个答案:

没有答案
相关问题
最新问题