折腾了一两周了, 问题始终没有解决, 只能来这里求助了, 希望知道的朋友帮忙下!
下面开始说需求:
公司有两个系统, 我们就称之为聊天系统和业务系统吧, 聊天系统是因为业务系统需要沟通才存在, 聊天系统本身是没有用户, 用户都是来自业务系统.
这两个系统都需要保存数据到数据库, 因为聊天系统需要保存聊天记录, 业务系统也有业务数据需要保存, 两个系统用的框架都是spring boot,而且都是使用 mybatis, 当然了, 出于安全的需要, 就用到了 spring security, 本来是想成立一个用户中心, 但是公司除了这两个系统外,还有其他系统, 这样牵连比较大, 所以没有成立用户中心, 但聊天系统和业务系统本身是需要数据交互的.
所以, 引入 spring security 了以后, 我就想到 SSO 单点登录, 网上了解了下, spring security 实现单点登录的方式还有好多种方式的, 比如用到 CAS, JWT 等等, 我就选择使用 @EnableOAuth2Sso 注解这个方式来实现单点登录, 但是我折腾了好久, 问题始终没有解决.
出现的问题是:
聊天系统(客户端)启动时, 会自动向业务系统(授权端)发起一个 get 请求: oauth/token_key,
业务系统也能收到这个 get 请求, 但它却重定向去获取 static/index.html, 这是业务系统的首页, 但由于前后端分离, 前端采用 vue 来开发, 所以不存在这个页面, 报 404 错误!
请注意: 这个 get 请求的地址在聊天系统(客户端)的 application.properties 文件中配置, key 为: security.oauth2.resource.jwt.key-uri
我产生的疑问是:
1) 聊天系统发起这个 get 请求的时候, 不应该去获取 index.html, 我也不知道发起这个 get 请求的目的是什么, 但他不应该去登录或者请求首页.
2) 网上看到文章, 聊天系统作为客户端, 使用 @EnableOAuth2Sso 来实现单点登录的时候, 聊天系统是不需要配置 security.oauth2.resource.jwt.key-uri 的, 但是我不配置就报错.报错如下:
Description:
Method springSecurityFilterChain in
org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration
required a bean of type 'org.springframework.boot.autoconfigure.security.oauth2.resource.UserInfoRestTemplateFactory' that could not be found.
The following candidates were found but could not be injected:
- Bean method 'userInfoRestTemplateFactory' in 'ResourceServerTokenServicesConfiguration' not loaded because @ConditionalOnMissingBean (types: org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerEndpointsConfiguration; SearchStrategy: all) found beans of type 'org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerEndpointsConfiguration' org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerEndpointsConfiguration
Action:
Consider revisiting the entries above or defining a bean of type 'org.springframework.boot.autoconfigure.security.oauth2.resource.UserInfoRestTemplateFactory' in your configuration.
Disconnected from the target VM, address: '127.0.0.1:9125', transport: 'socket'
Process finished with exit code 1
下面给出聊天系统(客户端) spring security 的安全配置:
@Configuration
//@EnableWebSecurity()
@EnableOAuth2Sso
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Resource
private DataSource dataSource;
@Bean
@Override protected UserDetailsService userDetailsService() {
JdbcUserDetailsManager manager = getUserDetailsService();
manager.setDataSource(dataSource);
return manager;
}
public static JdbcUserDetailsManager getUserDetailsService() {
JdbcUserDetailsManager manager = new JdbcUserDetailsManager();
manager.setUsersByUsernameQuery("select login_name AS username, password,'1' AS enabled from im_user where login_name=?");
manager.setAuthoritiesByUsernameQuery("select login_name AS username, 'user' AS authority from im_user where login_name=?");
return manager;
}
@Bean
PasswordEncoder passwordEncoder() {
return PasswordEncoderFactories.createDelegatingPasswordEncoder();
}
/**
* 这一步的配置是必不可少的,否则SpringBoot会自动配置一个 AuthenticationManager,覆盖掉内存中的用户
*/
@Bean
@Override public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().anyRequest().authenticated().and().csrf().disable();
}
}
业务系统(资源/授权)服务器的 spring security 安全配置如下:
@Order(1)
@Configuration
@EnableWebSecurity(debug=true)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Autowired
SysUserDetailService userDetailService;
// 上传图片所在的路径
@Value("${UPLOAD_STATIC_PATH}")
private String UPLOAD_STATIC_PATH;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailService)
.passwordEncoder(passwordEncoder());
}
@Bean
PasswordEncoder passwordEncoder() {
return PasswordEncoderFactories.createDelegatingPasswordEncoder();
}
/**
* 这一步的配置是必不可少的,否则SpringBoot会自动配置一个 AuthenticationManager,覆盖掉内存中的用户
*/
@Bean
@Override public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Override
public void configure(WebSecurity web) throws Exception {
String[] ignoreList = {
UPLOAD_STATIC_PATH, "static/index.html", "favicon.ico", "/static/**"
};
web.ignoring().antMatchers(ignoreList);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
String[] permits = {"/oauth/**", "/oauths/**", "/lgn"};
http.authorizeRequests()
.antMatchers(permits).permitAll()
.and()
.formLogin()
.loginPage("/lgn")
.loginProcessingUrl("/user/lgn")
.successHandler((request, response, authentication) -> {
RequestDispatcher dispatcher = request.getRequestDispatcher("/user/loginSuccess");
dispatcher.forward(request, response);
})
.failureHandler((request, response, authentication) -> {
RequestDispatcher dispatcher = request.getRequestDispatcher("/user/loginError");
dispatcher.forward(request, response);
})
.permitAll()
.and()
.authorizeRequests().anyRequest().authenticated()
.and()
.csrf()
.disable();
http.logout()
.logoutUrl("/user/exit")
.logoutSuccessHandler(
new LogoutSuccessHandler() {
@Override
public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
RequestDispatcher dispatcher = request.getRequestDispatcher("/user/exitSuccess");
dispatcher.forward(request, response);
}
});
}
}
下面给出业务系统的授权及资源配置:
@Configuration
@EnableAuthorizationServer()
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
@Resource
AuthenticationManager authenticationManager;
@Resource
private UserDetailsService userDetailsService;
public final static String clientId = "aaa";
public final static String scopes = "select";
public final static String rawPassword = "bbb";
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
String finalSecret = "{bcrypt}" + new BCryptPasswordEncoder().encode(rawPassword);
clients.inMemory().withClient(clientId)
.authorizedGrantTypes("password", "refresh_token", "authorization_code")
.autoApprove(true)
.scopes(scopes, "user")
.authorities("oauth2")
.secret(finalSecret)
.accessTokenValiditySeconds(7200)
;
}
@Bean
public TokenStore getTokenStore() {
return new InMemoryTokenStore();
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
endpoints.authenticationManager(authenticationManager)
.tokenStore(getTokenStore())
.userDetailsService(userDetailsService)
.allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST)
;
endpoints.tokenServices(tokenServices());
}
@Override
public void configure(AuthorizationServerSecurityConfigurer oauthServer) {
// oauthServer.allowFormAuthenticationForClients();
oauthServer.allowFormAuthenticationForClients()
.tokenKeyAccess("permitAll()")
.checkTokenAccess("isAuthenticated()");
}
@Bean
public DefaultTokenServices tokenServices() {
final DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
defaultTokenServices.setTokenStore(getTokenStore());
return defaultTokenServices;
}
@Configuration
@EnableResourceServer
protected static class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {
@Override
public void configure(ResourceServerSecurityConfigurer resources) {}
@Override
public void configure(HttpSecurity http) throws Exception {
String[] permits = {"/oauth/**", "/oauths/**", "/user/lgn"};
http
.authorizeRequests()
.antMatchers("/api/**")
.authenticated().and()
.authorizeRequests().antMatchers(permits).permitAll().and()
.cors().and()
.rememberMe().and()
.csrf().disable();
}
}
}
另外还有一点 @EnableResourceServer 注解已经加在业务系统(授权/资源端)的 spring boot 启动类.
聊天系统(客户端)启动报错如下:
java.lang.Object.wait(Native Method)
java.lang.ref.ReferenceQueue.remove(ReferenceQueue.java:143)
com.mysql.jdbc.AbandonedConnectionCleanupThread.run(AbandonedConnectionCleanupThread.java:40)
2020-09-19 11:37:21.673 ERROR 10832 --- [ main] o.s.boot.SpringApplication : Application run failed
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'UserController': Injection of resource dependencies failed; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'startTioRunner': Injection of resource dependencies failed; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'tioWsMsgHandler': Injection of resource dependencies failed; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'jwtTokenServices' defined in class path resource [org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration.class]: Unsatisfied dependency expressed through method 'jwtTokenServices' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'jwtTokenStore' defined in class path resource [org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.oauth2.provider.token.TokenStore]: Factory method 'jwtTokenStore' threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'jwtTokenEnhancer' defined in class path resource [org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter]: Factory method 'jwtTokenEnhancer' threw exception; nested exception is org.springframework.web.client.HttpClientErrorException$NotFound: 404 null
at org.springframework.context.annotation.CommonAnnotationBeanPostProcessor.postProcessProperties(CommonAnnotationBeanPostProcessor.java:324)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1378)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:575)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:498)
at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:320)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:318)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:199)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:846)
at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:863)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:546)
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:142)
at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:775)
at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:397)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:316)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1260)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1248)
at com.VServerApplication.main(VServerApplication.java:24)
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'startTioRunner': Injection of resource dependencies failed; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'tioWsMsgHandler': Injection of resource dependencies failed; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'jwtTokenServices' defined in class path resource [org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration.class]: Unsatisfied dependency expressed through method 'jwtTokenServices' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'jwtTokenStore' defined in class path resource [org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.oauth2.provider.token.TokenStore]: Factory method 'jwtTokenStore' threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'jwtTokenEnhancer' defined in class path resource [org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter]: Factory method 'jwtTokenEnhancer' threw exception; nested exception is org.springframework.web.client.HttpClientErrorException$NotFound: 404 null
at org.springframework.context.annotation.CommonAnnotationBeanPostProcessor.postProcessProperties(CommonAnnotationBeanPostProcessor.java:324)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1378)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:575)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:498)
at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:320)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:318)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:204)
at org.springframework.context.annotation.CommonAnnotationBeanPostProcessor.autowireResource(CommonAnnotationBeanPostProcessor.java:525)
at org.springframework.context.annotation.CommonAnnotationBeanPostProcessor.getResource(CommonAnnotationBeanPostProcessor.java:496)
at org.springframework.context.annotation.CommonAnnotationBeanPostProcessor$ResourceElement.getResourceToInject(CommonAnnotationBeanPostProcessor.java:630)
at org.springframework.beans.factory.annotation.InjectionMetadata$InjectedElement.inject(InjectionMetadata.java:180)
at org.springframework.beans.factory.annotation.InjectionMetadata.inject(InjectionMetadata.java:90)
at org.springframework.context.annotation.CommonAnnotationBeanPostProcessor.postProcessProperties(CommonAnnotationBeanPostProcessor.java:321)
... 17 common frames omitted
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'tioWsMsgHandler': Injection of resource dependencies failed; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'jwtTokenServices' defined in class path resource [org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration.class]: Unsatisfied dependency expressed through method 'jwtTokenServices' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'jwtTokenStore' defined in class path resource [org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.oauth2.provider.token.TokenStore]: Factory method 'jwtTokenStore' threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'jwtTokenEnhancer' defined in class path resource [org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter]: Factory method 'jwtTokenEnhancer' threw exception; nested exception is org.springframework.web.client.HttpClientErrorException$NotFound: 404 null
at org.springframework.context.annotation.CommonAnnotationBeanPostProcessor.postProcessProperties(CommonAnnotationBeanPostProcessor.java:324)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1378)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:575)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:498)
at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:320)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:318)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:204)
at org.springframework.context.annotation.CommonAnnotationBeanPostProcessor.autowireResource(CommonAnnotationBeanPostProcessor.java:525)
at org.springframework.context.annotation.CommonAnnotationBeanPostProcessor.getResource(CommonAnnotationBeanPostProcessor.java:496)
at org.springframework.context.annotation.CommonAnnotationBeanPostProcessor$ResourceElement.getResourceToInject(CommonAnnotationBeanPostProcessor.java:630)
at org.springframework.beans.factory.annotation.InjectionMetadata$InjectedElement.inject(InjectionMetadata.java:180)
at org.springframework.beans.factory.annotation.InjectionMetadata.inject(InjectionMetadata.java:90)
at org.springframework.context.annotation.CommonAnnotationBeanPostProcessor.postProcessProperties(CommonAnnotationBeanPostProcessor.java:321)
... 30 common frames omitted
Caused by: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'jwtTokenServices' defined in class path resource [org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration.class]: Unsatisfied dependency expressed through method 'jwtTokenServices' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'jwtTokenStore' defined in class path resource [org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.oauth2.provider.token.TokenStore]: Factory method 'jwtTokenStore' threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'jwtTokenEnhancer' defined in class path resource [org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter]: Factory method 'jwtTokenEnhancer' threw exception; nested exception is org.springframework.web.client.HttpClientErrorException$NotFound: 404 null
at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:769)
at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:509)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1288)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1127)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:538)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:498)
at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:320)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:318)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:199)
at org.springframework.beans.factory.config.DependencyDescriptor.resolveCandidate(DependencyDescriptor.java:277)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1244)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1164)
at org.springframework.context.annotation.CommonAnnotationBeanPostProcessor.autowireResource(CommonAnnotationBeanPostProcessor.java:518)
at org.springframework.context.annotation.CommonAnnotationBeanPostProcessor.getResource(CommonAnnotationBeanPostProcessor.java:496)
at org.springframework.context.annotation.CommonAnnotationBeanPostProcessor$ResourceElement.getResourceToInject(CommonAnnotationBeanPostProcessor.java:630)
at org.springframework.beans.factory.annotation.InjectionMetadata$InjectedElement.inject(InjectionMetadata.java:180)
at org.springframework.beans.factory.annotation.InjectionMetadata.inject(InjectionMetadata.java:90)
at org.springframework.context.annotation.CommonAnnotationBeanPostProcessor.postProcessProperties(CommonAnnotationBeanPostProcessor.java:321)
... 43 common frames omitted
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'jwtTokenStore' defined in class path resource [org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.oauth2.provider.token.TokenStore]: Factory method 'jwtTokenStore' threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'jwtTokenEnhancer' defined in class path resource [org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter]: Factory method 'jwtTokenEnhancer' threw exception; nested exception is org.springframework.web.client.HttpClientErrorException$NotFound: 404 null
at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:627)
at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:456)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1288)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1127)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:538)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:498)
at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:320)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:318)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:199)
at org.springframework.beans.factory.config.DependencyDescriptor.resolveCandidate(DependencyDescriptor.java:277)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1244)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1164)
at org.springframework.beans.factory.support.ConstructorResolver.resolveAutowiredArgument(ConstructorResolver.java:857)
at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:760)
... 61 common frames omitted
Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.oauth2.provider.token.TokenStore]: Factory method 'jwtTokenStore' threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'jwtTokenEnhancer' defined in class path resource [org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter]: Factory method 'jwtTokenEnhancer' threw exception; nested exception is org.springframework.web.client.HttpClientErrorException$NotFound: 404 null
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:185)
at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:622)
... 75 common frames omitted
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'jwtTokenEnhancer' defined in class path resource [org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter]: Factory method 'jwtTokenEnhancer' threw exception; nested exception is org.springframework.web.client.HttpClientErrorException$NotFound: 404 null
at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:627)
at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:456)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1288)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1127)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:538)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:498)
at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:320)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:318)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:199)
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.resolveBeanReference(ConfigurationClassEnhancer.java:394)
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:366)
at org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration$$EnhancerBySpringCGLIB$$3a097132.jwtTokenEnhancer(<generated>)
at org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration.jwtTokenStore(ResourceServerTokenServicesConfiguration.java:267)
at org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration$$EnhancerBySpringCGLIB$$3a097132.CGLIB$jwtTokenStore$2(<generated>)
at org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration$$EnhancerBySpringCGLIB$$3a097132$$FastClassBySpringCGLIB$$f723e408.invoke(<generated>)
at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:244)
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:363)
at org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration$$EnhancerBySpringCGLIB$$3a097132.jwtTokenStore(<generated>)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:154)
... 76 common frames omitted
Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter]: Factory method 'jwtTokenEnhancer' threw exception; nested exception is org.springframework.web.client.HttpClientErrorException$NotFound: 404 null
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:185)
at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:622)
... 99 common frames omitted
Caused by: org.springframework.web.client.HttpClientErrorException$NotFound: 404 null
at org.springframework.web.client.HttpClientErrorException.create(HttpClientErrorException.java:85)
at org.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:122)
at org.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:102)
at org.springframework.web.client.ResponseErrorHandler.handleError(ResponseErrorHandler.java:63)
at org.springframework.web.client.RestTemplate.handleResponse(RestTemplate.java:777)
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:735)
at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:669)
at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:578)
at org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration.getKeyFromServer(ResourceServerTokenServicesConfiguration.java:310)
at org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration.jwtTokenEnhancer(ResourceServerTokenServicesConfiguration.java:275)
at org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration$$EnhancerBySpringCGLIB$$3a097132.CGLIB$jwtTokenEnhancer$0(<generated>)
at org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration$$EnhancerBySpringCGLIB$$3a097132$$FastClassBySpringCGLIB$$f723e408.invoke(<generated>)
at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:244)
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:363)
at org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration$$EnhancerBySpringCGLIB$$3a097132.jwtTokenEnhancer(<generated>)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:154)
... 100 common frames omitted
Disconnected from the target VM, address: '127.0.0.1:9209', transport: 'socket'
Process finished with exit code 1
业务系统收到 get 请求, 报错如下:
2020-09-19 11:37:21.236 DEBUG 13408 --- [nio-8090-exec-1] o.a.coyote.http11.Http11InputBuffer : Received [GET /oauth/token_key HTTP/1.1
Accept: application/json, application/*+json
Authorization: Basic eGhJbTp4aC1pbS1zeXM=
User-Agent: Java/1.8.0_101
Host: localhost:8090
Connection: keep-alive
]
2020-09-19 11:37:21.267 DEBUG 13408 --- [nio-8090-exec-1] org.apache.tomcat.util.http.Parameters : Set query string encoding to UTF-8
2020-09-19 11:37:21.267 DEBUG 13408 --- [nio-8090-exec-1] o.a.c.authenticator.AuthenticatorBase : Security checking request GET /oauth/token_key
2020-09-19 11:37:21.267 DEBUG 13408 --- [nio-8090-exec-1] org.apache.catalina.realm.RealmBase : No applicable constraints defined
2020-09-19 11:37:21.283 DEBUG 13408 --- [nio-8090-exec-1] o.a.c.a.jaspic.AuthConfigFactoryImpl : Loading persistent provider registrations from [C:\Users\weizhijin\AppData\Local\Temp\tomcat.1718251064941918955.8090\conf\jaspic-providers.xml]
2020-09-19 11:37:21.283 DEBUG 13408 --- [nio-8090-exec-1] o.a.c.authenticator.AuthenticatorBase : Not subject to any constraint
2020-09-19 11:37:21.283 INFO 13408 --- [nio-8090-exec-1] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring DispatcherServlet 'dispatcherServlet'
2020-09-19 11:37:21.283 INFO 13408 --- [nio-8090-exec-1] o.s.web.servlet.DispatcherServlet : Initializing Servlet 'dispatcherServlet'
2020-09-19 11:37:21.283 DEBUG 13408 --- [nio-8090-exec-1] o.s.web.servlet.DispatcherServlet : Detected StandardServletMultipartResolver
2020-09-19 11:37:21.298 DEBUG 13408 --- [nio-8090-exec-1] o.s.web.servlet.DispatcherServlet : enableLoggingRequestDetails='false': request parameters and headers will be masked to prevent unsafe logging of potentially sensitive data
2020-09-19 11:37:21.298 INFO 13408 --- [nio-8090-exec-1] o.s.web.servlet.DispatcherServlet : Completed initialization in 15 ms
2020-09-19 11:37:21.298 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/upload/**'
2020-09-19 11:37:21.298 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against 'static/index.html'
2020-09-19 11:37:21.298 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against 'favicon.ico'
2020-09-19 11:37:21.298 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/static/**'
2020-09-19 11:37:21.298 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/fabu'
2020-09-19 11:37:21.298 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/tongcheng'
2020-09-19 11:37:21.298 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/edit'
2020-09-19 11:37:21.298 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/xiuchang'
2020-09-19 11:37:21.298 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/ruzhu'
2020-09-19 11:37:21.298 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/login'
2020-09-19 11:37:21.298 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/paotui'
2020-09-19 11:37:21.298 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/index'
2020-09-19 11:37:21.298 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/todayMsg/list'
2020-09-19 11:37:21.298 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/post/list'
2020-09-19 11:37:21.298 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/busn/list/*'
2020-09-19 11:37:21.298 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/file/temp'
2020-09-19 11:37:21.298 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/user/nearby'
2020-09-19 11:37:21.298 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/user/getInfo'
2020-09-19 11:37:21.298 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/user/sign'
2020-09-19 11:37:21.298 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/user/dvrysign'
2020-09-19 11:37:21.298 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/user/mersign'
2020-09-19 11:37:21.298 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/category/list/*'
2020-09-19 11:37:21.298 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/oauth/token']
2020-09-19 11:37:21.298 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/oauth/token'
2020-09-19 11:37:21.298 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/oauth/token_key']
2020-09-19 11:37:21.298 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/oauth/token_key'
2020-09-19 11:37:21.298 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : matched
2020-09-19 11:37:21.298 INFO 13408 --- [nio-8090-exec-1] Spring Security Debugger :
************************************************************
Request received for GET '/oauth/token_key':
org.apache.catalina.connector.RequestFacade@6c7a85e1
servletPath:/oauth/token_key
pathInfo:null
headers:
accept: application/json, application/*+json
authorization: Basic eGhJbTp4aC1pbS1zeXM=
user-agent: Java/1.8.0_101
host: localhost:8090
connection: keep-alive
Security filter chain: [
WebAsyncManagerIntegrationFilter
SecurityContextPersistenceFilter
HeaderWriterFilter
LogoutFilter
ClientCredentialsTokenEndpointFilter
BasicAuthenticationFilter
RequestCacheAwareFilter
SecurityContextHolderAwareRequestFilter
AnonymousAuthenticationFilter
SessionManagementFilter
ExceptionTranslationFilter
FilterSecurityInterceptor
]
************************************************************
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/upload/**'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against 'static/index.html'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against 'favicon.ico'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/static/**'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/fabu'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/tongcheng'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/edit'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/xiuchang'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/ruzhu'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/login'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/paotui'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/index'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/todayMsg/list'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/post/list'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/busn/list/*'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/file/temp'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/user/nearby'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/user/getInfo'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/user/sign'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/user/dvrysign'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/user/mersign'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/category/list/*'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/oauth/token']
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/oauth/token'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/oauth/token_key']
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/oauth/token_key'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : matched
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.security.web.FilterChainProxy : /oauth/token_key at position 1 of 12 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.security.web.FilterChainProxy : /oauth/token_key at position 2 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.security.web.FilterChainProxy : /oauth/token_key at position 3 of 12 in additional filter chain; firing Filter: 'HeaderWriterFilter'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.security.web.FilterChainProxy : /oauth/token_key at position 4 of 12 in additional filter chain; firing Filter: 'LogoutFilter'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', GET]
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/logout'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', POST]
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /oauth/token_key' doesn't match 'POST /logout'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', PUT]
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /oauth/token_key' doesn't match 'PUT /logout'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', DELETE]
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /oauth/token_key' doesn't match 'DELETE /logout'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : No matches found
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.security.web.FilterChainProxy : /oauth/token_key at position 5 of 12 in additional filter chain; firing Filter: 'ClientCredentialsTokenEndpointFilter'
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] org.apache.tomcat.util.http.Parameters : Set encoding to UTF-8
2020-09-19 11:37:21.314 DEBUG 13408 --- [nio-8090-exec-1] o.s.security.web.FilterChainProxy : /oauth/token_key at position 6 of 12 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
2020-09-19 11:37:21.330 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.a.www.BasicAuthenticationFilter : Basic Authentication Authorization header found for user 'xhIm'
2020-09-19 11:37:21.330 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.authentication.ProviderManager : Authentication attempt using org.springframework.security.authentication.dao.DaoAuthenticationProvider
2020-09-19 11:37:21.423 DEBUG 13408 --- [nio-8090-exec-1] o.s.b.f.s.DefaultListableBeanFactory : Creating shared instance of singleton bean 'scopedTarget.clientDetailsService'
2020-09-19 11:37:21.533 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.a.www.BasicAuthenticationFilter : Authentication success: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@3d30b2f5: Principal: org.springframework.security.core.userdetails.User@381c34: Username: xhIm; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: oauth2; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@957e: RemoteIpAddress: 127.0.0.1; SessionId: null; Granted Authorities: oauth2
2020-09-19 11:37:21.533 DEBUG 13408 --- [nio-8090-exec-1] o.s.security.web.FilterChainProxy : /oauth/token_key at position 7 of 12 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
2020-09-19 11:37:21.533 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.s.HttpSessionRequestCache : saved request doesn't match
2020-09-19 11:37:21.533 DEBUG 13408 --- [nio-8090-exec-1] o.s.security.web.FilterChainProxy : /oauth/token_key at position 8 of 12 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2020-09-19 11:37:21.533 DEBUG 13408 --- [nio-8090-exec-1] o.s.security.web.FilterChainProxy : /oauth/token_key at position 9 of 12 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
2020-09-19 11:37:21.533 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.a.AnonymousAuthenticationFilter : SecurityContextHolder not populated with anonymous token, as it already contained: 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken@3d30b2f5: Principal: org.springframework.security.core.userdetails.User@381c34: Username: xhIm; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: oauth2; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@957e: RemoteIpAddress: 127.0.0.1; SessionId: null; Granted Authorities: oauth2'
2020-09-19 11:37:21.533 DEBUG 13408 --- [nio-8090-exec-1] o.s.security.web.FilterChainProxy : /oauth/token_key at position 10 of 12 in additional filter chain; firing Filter: 'SessionManagementFilter'
2020-09-19 11:37:21.533 DEBUG 13408 --- [nio-8090-exec-1] s.CompositeSessionAuthenticationStrategy : Delegating to org.springframework.security.web.authentication.session.ChangeSessionIdAuthenticationStrategy@5e1a986c
2020-09-19 11:37:21.533 DEBUG 13408 --- [nio-8090-exec-1] o.s.security.web.FilterChainProxy : /oauth/token_key at position 11 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2020-09-19 11:37:21.533 DEBUG 13408 --- [nio-8090-exec-1] o.s.security.web.FilterChainProxy : /oauth/token_key at position 12 of 12 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2020-09-19 11:37:21.533 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/oauth/token'
2020-09-19 11:37:21.533 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token_key'; against '/oauth/token_key'
2020-09-19 11:37:21.533 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.a.i.FilterSecurityInterceptor : Secure object: FilterInvocation: URL: /oauth/token_key; Attributes: [permitAll()]
2020-09-19 11:37:21.533 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.a.i.FilterSecurityInterceptor : Previously Authenticated: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@3d30b2f5: Principal: org.springframework.security.core.userdetails.User@381c34: Username: xhIm; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: oauth2; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@957e: RemoteIpAddress: 127.0.0.1; SessionId: null; Granted Authorities: oauth2
2020-09-19 11:37:21.533 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.access.vote.AffirmativeBased : Voter: org.springframework.security.web.access.expression.WebExpressionVoter@1b0b08f9, returned: 1
2020-09-19 11:37:21.533 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.a.i.FilterSecurityInterceptor : Authorization successful
2020-09-19 11:37:21.533 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.a.i.FilterSecurityInterceptor : RunAsManager did not change Authentication object
2020-09-19 11:37:21.533 DEBUG 13408 --- [nio-8090-exec-1] o.s.security.web.FilterChainProxy : /oauth/token_key reached end of additional filter chain; proceeding with original chain
2020-09-19 11:37:21.533 DEBUG 13408 --- [nio-8090-exec-1] o.s.web.servlet.DispatcherServlet : GET "/oauth/token_key", parameters={}
2020-09-19 11:37:21.548 DEBUG 13408 --- [nio-8090-exec-1] o.s.w.s.handler.SimpleUrlHandlerMapping : Mapped to ResourceHttpRequestHandler ["classpath:/META-INF/resources/", "classpath:/resources/", "classpath:/static/", "classpath:/public/", "/"]
2020-09-19 11:37:21.548 DEBUG 13408 --- [nio-8090-exec-1] o.s.w.s.r.ResourceHttpRequestHandler : Resource not found
2020-09-19 11:37:21.548 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.header.writers.HstsHeaderWriter : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@6daa06c4
2020-09-19 11:37:21.548 DEBUG 13408 --- [nio-8090-exec-1] o.s.web.servlet.DispatcherServlet : Completed 404 NOT_FOUND
2020-09-19 11:37:21.548 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.a.ExceptionTranslationFilter : Chain processed normally
2020-09-19 11:37:21.548 DEBUG 13408 --- [nio-8090-exec-1] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
2020-09-19 11:37:21.548 DEBUG 13408 --- [nio-8090-exec-1] o.a.c.c.C.[Tomcat].[localhost] : Processing ErrorPage[errorCode=404, location=/static/index.html]
2020-09-19 11:37:21.564 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/static/index.html'; against '/upload/**'
2020-09-19 11:37:21.564 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/static/index.html'; against 'static/index.html'
2020-09-19 11:37:21.564 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/static/index.html'; against 'favicon.ico'
2020-09-19 11:37:21.564 DEBUG 13408 --- [nio-8090-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/static/index.html'; against '/static/**'
2020-09-19 11:37:21.564 INFO 13408 --- [nio-8090-exec-1] Spring Security Debugger :
************************************************************
Request received for GET '/static/index.html':
org.apache.catalina.core.ApplicationHttpRequest@2984d4b5
servletPath:/static/index.html
pathInfo:null
headers:
accept: application/json, application/*+json
authorization: Basic eGhJbTp4aC1pbS1zeXM=
user-agent: Java/1.8.0_101
host: localhost:8090
connection: keep-alive
Security filter chain: [] empty (bypassed by security='none')
************************************************************
java.io.IOException: ?????????????????
at sun.nio.ch.SocketDispatcher.read0(Native Method) ~[na:1.8.0_101]
at sun.nio.ch.SocketDispatcher.read(SocketDispatcher.java:43) ~[na:1.8.0_101]
at sun.nio.ch.IOUtil.readIntoNativeBuffer(IOUtil.java:223) ~[na:1.8.0_101]
at sun.nio.ch.IOUtil.read(IOUtil.java:197) ~[na:1.8.0_101]
at sun.nio.ch.SocketChannelImpl.read(SocketChannelImpl.java:380) ~[na:1.8.0_101]
at org.apache.tomcat.util.net.NioChannel.read(NioChannel.java:163) ~[tomcat-embed-core-9.0.37.jar:9.0.37]
at org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper.fillReadBuffer(NioEndpoint.java:1228) ~[tomcat-embed-core-9.0.37.jar:9.0.37]
at org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper.read(NioEndpoint.java:1140) ~[tomcat-embed-core-9.0.37.jar:9.0.37]
at org.apache.coyote.http11.Http11InputBuffer.fill(Http11InputBuffer.java:780) ~[tomcat-embed-core-9.0.37.jar:9.0.37]
at org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:356) ~[tomcat-embed-core-9.0.37.jar:9.0.37]
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:260) ~[tomcat-embed-core-9.0.37.jar:9.0.37]
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) [tomcat-embed-core-9.0.37.jar:9.0.37]
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868) [tomcat-embed-core-9.0.37.jar:9.0.37]
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1589) [tomcat-embed-core-9.0.37.jar:9.0.37]
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) [tomcat-embed-core-9.0.37.jar:9.0.37]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.8.0_101]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [na:1.8.0_101]
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-embed-core-9.0.37.jar:9.0.37]
at java.lang.Thread.run(Thread.java:745) [na:1.8.0_101]
最后的问题:
我的配置有什么问题吗? 或者我应该怎么样做才能够实现单点登录?