@Override
protected void configure( HttpSecurity http ) throws Exception
{
    http
        .antMatcher( "/**" )
        .authorizeRequests()
            .antMatchers( HttpMethod.OPTIONS, "/" ).permitAll()
            .antMatchers( HttpMethod.GET, "/app/**" ).permitAll()
            .antMatchers( LOGIN_DESTINATION ).permitAll()
            .anyRequest().authenticated()
            .and()
        .oauth2Login()
            .successHandler( oAuth2AuthenticationSuccessHandler )
            .and()
        .sessionManagement()
            .sessionCreationPolicy( SessionCreationPolicy.STATELESS );
}
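I currently have my Spring Boot application configured as ..., and it currently redirects to my authentication server, lets me authenticate, and then redirects back to my application, ready for the next part of the authentication.
Essentially, I have reached part 3.
My inbound URL appears to be a GET request to:
http://localhost:8080/login?code=[redacted]
As I understand it, this is the default Spring Security URL, which should now be picked up by a filter to perform the next part of the security dance. However, in my application this page is currently a 404, with the white screen of death, as shown below:
It is worth noting that a GET request to /login with no parameters brings up the default Spring Security login page, so whatever magic is happening behind the scenes suggests that part of the security handshake is working.
I would like to know how/where/why this URL is resolved differently in the context of the Spring filters, and how to get it to perform the next handshake automatically. It seems that as soon as /login has parameters, i.e. ?code=blah, I get a 404 from somewhere in my security configuration.
Rightly or wrongly. Some things from my application that are relevant:
@EnableOAuth2Client has been added to the main application class. Perhaps it should be @EnableOAuth2Sso? Or do I need to register a filter manually?
Application yml config below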
security:
  oauth2:
    client:
      registration:
        myclient:
          clientId: [clientidredacted]
          clientSecret: [redacted]
          authorization-grant-type: authorization_code
          redirect-uri: '{baseUrl}/login'
      provider:
        propertypal:
          authorizationUri: https://auth.authserver.com/oauth/authorize
          tokenUri: https://auth.authserver.com/oauth/token
Log output:
2019-06-25 10:58:50.985 DEBUG 4166 --- [nio-8080-exec-9] o.s.s.w.u.matcher.AntPathRequestMatcher : Request '/login' matched by universal pattern '/**'
2019-06-25 10:58:50.985 DEBUG 4166 --- [nio-8080-exec-9] o.s.security.web.FilterChainProxy : /login at position 1 of 15 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
2019-06-25 10:58:50.985 DEBUG 4166 --- [nio-8080-exec-9] o.s.security.web.FilterChainProxy : /login at position 2 of 15 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2019-06-25 10:58:50.985 DEBUG 4166 --- [nio-8080-exec-9] o.s.security.web.FilterChainProxy : /login at position 3 of 15 in additional filter chain; firing Filter: 'HeaderWriterFilter'
2019-06-25 10:58:50.985 DEBUG 4166 --- [nio-8080-exec-9] o.s.security.web.FilterChainProxy : /login at position 4 of 15 in additional filter chain; firing Filter: 'CsrfFilter'
2019-06-25 10:58:50.985 DEBUG 4166 --- [nio-8080-exec-9] o.s.security.web.FilterChainProxy : /login at position 5 of 15 in additional filter chain; firing Filter: 'LogoutFilter'
2019-06-25 10:58:50.986 DEBUG 4166 --- [nio-8080-exec-9] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /login' doesn't match 'POST /logout'
2019-06-25 10:58:50.986 DEBUG 4166 --- [nio-8080-exec-9] o.s.security.web.FilterChainProxy : /login at position 6 of 15 in additional filter chain; firing Filter: 'OAuth2AuthorizationRequestRedirectFilter'
2019-06-25 10:58:50.986 DEBUG 4166 --- [nio-8080-exec-9] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/login'; against '/oauth2/authorization/{registrationId}'
2019-06-25 10:58:50.986 DEBUG 4166 --- [nio-8080-exec-9] o.s.security.web.FilterChainProxy : /login at position 7 of 15 in additional filter chain; firing Filter: 'OAuth2LoginAuthenticationFilter'
2019-06-25 10:58:50.986 DEBUG 4166 --- [nio-8080-exec-9] o.s.s.w.util.matcher.AndRequestMatcher : Trying to match using Ant [pattern='/login/oauth2/code/*']
2019-06-25 10:58:50.986 DEBUG 4166 --- [nio-8080-exec-9] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/login'; against '/login/oauth2/code/*'
2019-06-25 10:58:50.986 DEBUG 4166 --- [nio-8080-exec-9] o.s.s.w.util.matcher.AndRequestMatcher : Did not match
2019-06-25 10:58:50.986 DEBUG 4166 --- [nio-8080-exec-9] o.s.security.web.FilterChainProxy : /login at position 8 of 15 in additional filter chain; firing Filter: 'DefaultLoginPageGeneratingFilter'
2019-06-25 10:58:50.986 DEBUG 4166 --- [nio-8080-exec-9] o.s.s.w.header.writers.HstsHeaderWriter : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@3dba75bf
2019-06-25 10:58:50.986 DEBUG 4166 --- [nio-8080-exec-9] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
2019-06-25 10:58:52.962 DEBUG 4166 --- [io-8080-exec-10] o.s.s.w.u.matcher.AntPathRequestMatcher : Request '/login' matched by universal pattern '/**'
2019-06-25 10:58:52.962 DEBUG 4166 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy : /login?code=[redacted]&state=[redacted] at position 1 of 15 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
2019-06-25 10:58:52.962 DEBUG 4166 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy : /login?code=[redacted]&state=[redacted] at position 2 of 15 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2019-06-25 10:58:52.962 DEBUG 4166 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy : /login?code=[redacted]&state=[redacted] at position 3 of 15 in additional filter chain; firing Filter: 'HeaderWriterFilter'
2019-06-25 10:58:52.962 DEBUG 4166 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy : /login?code=[redacted]&state=[redacted] at position 4 of 15 in additional filter chain; firing Filter: 'CsrfFilter'
2019-06-25 10:58:52.962 DEBUG 4166 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy : /login?code=[redacted]&state=[redacted] at position 5 of 15 in additional filter chain; firing Filter: 'LogoutFilter'
2019-06-25 10:58:52.962 DEBUG 4166 --- [io-8080-exec-10] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /login' doesn't match 'POST /logout'
2019-06-25 10:58:52.962 DEBUG 4166 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy : /login?code=[redacted]&state=[redacted] at position 6 of 15 in additional filter chain; firing Filter: 'OAuth2AuthorizationRequestRedirectFilter'
2019-06-25 10:58:52.962 DEBUG 4166 --- [io-8080-exec-10] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/login'; against '/oauth2/authorization/{registrationId}'
2019-06-25 10:58:52.962 DEBUG 4166 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy : /login?code=[redacted]&state=[redacted] at position 7 of 15 in additional filter chain; firing Filter: 'OAuth2LoginAuthenticationFilter'
2019-06-25 10:58:52.962 DEBUG 4166 --- [io-8080-exec-10] o.s.s.w.util.matcher.AndRequestMatcher : Trying to match using Ant [pattern='/login/oauth2/code/*']
2019-06-25 10:58:52.962 DEBUG 4166 --- [io-8080-exec-10] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/login'; against '/login/oauth2/code/*'
2019-06-25 10:58:52.962 DEBUG 4166 --- [io-8080-exec-10] o.s.s.w.util.matcher.AndRequestMatcher : Did not match
2019-06-25 10:58:52.962 DEBUG 4166 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy : /login?code=[redacted]&state=[redacted] at position 8 of 15 in additional filter chain; firing Filter: 'DefaultLoginPageGeneratingFilter'
2019-06-25 10:58:52.962 DEBUG 4166 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy : /login?code=[redacted]&state=[redacted] at position 9 of 15 in additional filter chain; firing Filter: 'DefaultLogoutPageGeneratingFilter'
2019-06-25 10:58:52.963 DEBUG 4166 --- [io-8080-exec-10] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/login'; against '/logout'
2019-06-25 10:58:52.963 DEBUG 4166 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy : /login?code=[redacted]&state=[redacted] at position 10 of 15 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
2019-06-25 10:58:52.963 DEBUG 4166 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy : /login?code=[redacted]&state=[redacted] at position 11 of 15 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2019-06-25 10:58:52.963 DEBUG 4166 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy : /login?code=[redacted]&state=[redacted] at position 12 of 15 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
2019-06-25 10:58:52.963 DEBUG 4166 --- [io-8080-exec-10] o.s.s.w.a.AnonymousAuthenticationFilter : Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@6bc44a5c: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffc7f0c: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 7AE9900602736997387E290E40F7986C; Granted Authorities: ROLE_ANONYMOUS'
2019-06-25 10:58:52.963 DEBUG 4166 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy : /login?code=[redacted]&state=[redacted] at position 13 of 15 in additional filter chain; firing Filter: 'SessionManagementFilter'
2019-06-25 10:58:52.963 DEBUG 4166 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy : /login?code=[redacted]&state=[redacted] at position 14 of 15 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2019-06-25 10:58:52.963 DEBUG 4166 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy : /login?code=[redacted]&state=[redacted] at position 15 of 15 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2019-06-25 10:58:52.963 DEBUG 4166 --- [io-8080-exec-10] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /login' doesn't match 'OPTIONS /'
2019-06-25 10:58:52.963 DEBUG 4166 --- [io-8080-exec-10] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/login'; against '/app/**'
2019-06-25 10:58:52.963 DEBUG 4166 --- [io-8080-exec-10] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/login'; against '/login'
2019-06-25 10:58:52.963 DEBUG 4166 --- [io-8080-exec-10] o.s.s.w.a.i.FilterSecurityInterceptor : Secure object: FilterInvocation: URL: /login?code=[redacted]&state=[redacted]; Attributes: [permitAll]
2019-06-25 10:58:52.963 DEBUG 4166 --- [io-8080-exec-10] o.s.s.w.a.i.FilterSecurityInterceptor : Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@6bc44a5c: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffc7f0c: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 7AE9900602736997387E290E40F7986C; Granted Authorities: ROLE_ANONYMOUS
2019-06-25 10:58:52.963 DEBUG 4166 --- [io-8080-exec-10] o.s.s.access.vote.AffirmativeBased : Voter: org.springframework.security.web.access.expression.WebExpressionVoter@2b3f7dfc, returned: 1
2019-06-25 10:58:52.963 DEBUG 4166 --- [io-8080-exec-10] o.s.s.w.a.i.FilterSecurityInterceptor : Authorization successful
2019-06-25 10:58:52.964 DEBUG 4166 --- [io-8080-exec-10] o.s.s.w.a.i.FilterSecurityInterceptor : RunAsManager did not change Authentication object
2019-06-25 10:58:52.964 DEBUG 4166 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy : /login?code=[redacted]&state=[redacted] reached end of additional filter chain; proceeding with original chain
2019-06-25 10:58:52.965 WARN 4166 --- [io-8080-exec-10] o.s.web.servlet.PageNotFound : No mapping for GET /login
2019-06-25 10:58:52.965 DEBUG 4166 --- [io-8080-exec-10] o.s.s.w.header.writers.HstsHeaderWriter : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@3dba75bf
2019-06-25 10:58:52.966 DEBUG 4166 --- [io-8080-exec-10] o.s.s.w.a.ExceptionTranslationFilter : Chain processed normally
2019-06-25 10:58:52.966 DEBUG 4166 --- [io-8080-exec-10] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
2019-06-25 10:58:52.966 DEBUG 4166 --- [io-8080-exec-10] o.s.s.w.u.matcher.AntPathRequestMatcher : Request '/error' matched by universal pattern '/**'
2019-06-25 10:58:52.966 DEBUG 4166 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy : /error?code=[redacted]&state=[redacted] at position 1 of 15 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
2019-06-25 10:58:52.966 DEBUG 4166 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy : /error?code=[redacted]&state=[redacted] at position 2 of 15 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2019-06-25 10:58:52.966 DEBUG 4166 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy : /error?code=[redacted]&state=[redacted] at position 3 of 15 in additional filter chain; firing Filter: 'HeaderWriterFilter'
2019-06-25 10:58:52.966 DEBUG 4166 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy : /error?code=[redacted]&state=[redacted] at position 4 of 15 in additional filter chain; firing Filter: 'CsrfFilter'
2019-06-25 10:58:52.966 DEBUG 4166 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy : /error?code=[redacted]&state=[redacted] at position 5 of 15 in additional filter chain; firing Filter: 'LogoutFilter'
2019-06-25 10:58:52.966 DEBUG 4166 --- [io-8080-exec-10] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /error' doesn't match 'POST /logout'
2019-06-25 10:58:52.966 DEBUG 4166 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy : /error?code=[redacted]&state=[redacted] at position 6 of 15 in additional filter chain; firing Filter: 'OAuth2AuthorizationRequestRedirectFilter'
2019-06-25 10:58:52.966 DEBUG 4166 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy : /error?code=[redacted]&state=[redacted] at position 7 of 15 in additional filter chain; firing Filter: 'OAuth2LoginAuthenticationFilter'
2019-06-25 10:58:52.966 DEBUG 4166 --- [io-8080-exec-10] o.s.s.w.util.matcher.AndRequestMatcher : Trying to match using Ant [pattern='/login/oauth2/code/*']
2019-06-25 10:58:52.966 DEBUG 4166 --- [io-8080-exec-10] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/error'; against '/login/oauth2/code/*'
2019-06-25 10:58:52.966 DEBUG 4166 --- [io-8080-exec-10] o.s.s.w.util.matcher.AndRequestMatcher : Did not match
2019-06-25 10:58:52.966 DEBUG 4166 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy : /error?code=[redacted]&state=[redacted] at position 8 of 15 in additional filter chain; firing Filter: 'DefaultLoginPageGeneratingFilter'
2019-06-25 10:58:52.967 DEBUG 4166 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy : /error?code=[redacted]&state=[redacted] at position 9 of 15 in additional filter chain; firing Filter: 'DefaultLogoutPageGeneratingFilter'
2019-06-25 10:58:52.967 DEBUG 4166 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy : /error?code=[redacted]&state=[redacted] at position 10 of 15 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
2019-06-25 10:58:52.967 DEBUG 4166 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy : /error?code=[redacted]&state=[redacted] at position 11 of 15 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2019-06-25 10:58:52.967 DEBUG 4166 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy : /error?code=[redacted]&state=[redacted] at position 12 of 15 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
2019-06-25 10:58:52.967 DEBUG 4166 --- [io-8080-exec-10] o.s.s.w.a.AnonymousAuthenticationFilter : Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@6bc44a5c: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffc7f0c: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 7AE9900602736997387E290E40F7986C; Granted Authorities: ROLE_ANONYMOUS'
2019-06-25 10:58:52.967 DEBUG 4166 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy : /error?code=[redacted]&state=[redacted] at position 13 of 15 in additional filter chain; firing Filter: 'SessionManagementFilter'
2019-06-25 10:58:52.967 DEBUG 4166 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy : /error?code=[redacted]&state=[redacted] at position 14 of 15 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2019-06-25 10:58:52.967 DEBUG 4166 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy : /error?code=[redacted]&state=[redacted] at position 15 of 15 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2019-06-25 10:58:52.967 DEBUG 4166 --- [io-8080-exec-10] o.s.security.web.FilterChainProxy : /error?code=[redacted]&state=[redacted] reached end of additional filter chain; proceeding with original chain
2019-06-25 10:58:52.970 DEBUG 4166 --- [io-8080-exec-10] o.s.s.w.a.ExceptionTranslationFilter : Chain processed normally
2019-06-25 10:58:52.970 DEBUG 4166 --- [io-8080-exec-10] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
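The mismatch recorded in the log above, extracted mechanically (an added example, not part of the original post): it scans Spring Security DEBUG output for callback requests carrying `code` and `state` that `OAuth2LoginAuthenticationFilter` did not claim and that then ended in `No mapping`. The helper names `find_unclaimed_callbacks` and `ant_match` are hypothetical, and the sample lines are abbreviated from the post's log.

```python
import re
from urllib.parse import parse_qs

# Constructed sample: four lines abbreviated from the DEBUG output in the post.
SAMPLE_LOG = """\
o.s.security.web.FilterChainProxy : /login?code=[redacted]&state=[redacted] at position 7 of 15 in additional filter chain; firing Filter: 'OAuth2LoginAuthenticationFilter'
o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/login'; against '/login/oauth2/code/*'
o.s.s.w.util.matcher.AndRequestMatcher : Did not match
o.s.web.servlet.PageNotFound : No mapping for GET /login
"""

FIRING = re.compile(r"FilterChainProxy\s*: (\S+) at position \d+ of \d+ .*firing Filter: '(\w+)'")
CHECK = re.compile(r"Checking match of request : '([^']+)'; against '([^']+)'")
NO_MAPPING = re.compile(r"PageNotFound\s*: No mapping for GET (\S+)")

def ant_match(pattern, path):
    """Minimal Ant-style match: '**' spans segments, '*' stays inside one."""
    rx = re.escape(pattern).replace(r"\*\*", ".*").replace(r"\*", "[^/]*")
    return re.fullmatch(rx, path) is not None

def find_unclaimed_callbacks(log_text):
    """Return callback paths (query has code and state) that the login filter
    did not claim and that Spring MVC then had no handler for."""
    current_filter = None
    tried = {}         # path -> pattern OAuth2LoginAuthenticationFilter tested
    callbacks = set()  # paths seen with both code and state in the query
    findings = []
    for line in log_text.splitlines():
        firing = FIRING.search(line)
        check = CHECK.search(line)
        unmapped = NO_MAPPING.search(line)
        if firing:
            url, current_filter = firing.groups()
            path, _, query = url.partition("?")
            if {"code", "state"} <= set(parse_qs(query)):
                callbacks.add(path)
        elif check and current_filter == "OAuth2LoginAuthenticationFilter":
            tried[check.group(1)] = check.group(2)
        elif unmapped:
            path = unmapped.group(1)
            pattern = tried.get(path)
            if path in callbacks and pattern and not ant_match(pattern, path):
                findings.append({"path": path, "filter_pattern": pattern})
    return findings
```

For the sample it returns `/login` with filter pattern `/login/oauth2/code/*`. The registration above sets `redirect-uri` to `{baseUrl}/login`, whereas Spring Security's default redirect URI template is `{baseUrl}/login/oauth2/code/{registrationId}`, which is the shape that pattern accepts.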