發送POST請求下面是catalina.out.For日誌某種原因,用戶設置爲匿名。
07:24:30.697 [http-nio-8080-exec-5] DEBUG org.springframework.security.web.util.matcher.MediaTypeRequestMatcher - httpRequestMediaTypes=[]
07:24:30.697 [http-nio-8080-exec-5] DEBUG org.springframework.security.web.util.matcher.MediaTypeRequestMatcher - Did not match any media types
07:24:30.697 [http-nio-8080-exec-5] DEBUG org.springframework.security.web.util.matcher.NegatedRequestMatcher - matches = true
07:24:30.697 [http-nio-8080-exec-5] DEBUG org.springframework.security.web.util.matcher.AndRequestMatcher - Trying to match using MediaTypeRequestMatcher [contentNegotiationSt[email protected]4aef9839, matchingMediaTypes=[application/atom+xml, application/x-www-form-urlencoded, application/json, application/octet-stream, application/xml, multipart/form-data, text/xml], useEquals=false, ignoredMediaTypes=[*/*]]
07:24:30.697 [http-nio-8080-exec-5] DEBUG org.springframework.security.web.util.matcher.MediaTypeRequestMatcher - httpRequestMediaTypes=[]
07:24:30.697 [http-nio-8080-exec-5] DEBUG org.springframework.security.web.util.matcher.MediaTypeRequestMatcher - Did not match any media types
07:24:30.697 [http-nio-8080-exec-5] DEBUG org.springframework.security.web.util.matcher.AndRequestMatcher - Did not match
07:24:30.697 [http-nio-8080-exec-5] DEBUG org.springframework.security.web.util.matcher.OrRequestMatcher - No matches found
07:24:30.697 [http-nio-8080-exec-5] DEBUG org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint - No match found. Using default entry point org.springframewor[email protected]5b00667d
07:24:30.697 [http-nio-8080-exec-5] DEBUG org.springframework.security.web.context.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
07:25:00.633 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.util.matcher.OrRequestMatcher - Trying to match using Ant [pattern='/oauth/token']
07:25:00.634 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/oauth/token'; against '/oauth/token'
07:25:00.634 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.util.matcher.OrRequestMatcher - matched
07:25:00.634 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /oauth/token?grant_type=password&username=xx&password=xx at position 1 of 11 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
07:25:00.634 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /oauth/token?grant_type=password&username=xx&password=xx at position 2 of 11 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
07:25:00.634 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /oauth/token?grant_type=password&username=xx&password=xx at position 3 of 11 in additional filter chain; firing Filter: 'HeaderWriterFilter'
07:25:00.634 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.header.writers.HstsHeaderWriter - Not injecting HSTS header since it did not match the requestMatcher org.springframework.se[email protected]af3e6d
07:25:00.635 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /oauth/token?grant_type=password&username=xx&password=xx at position 4 of 11 in additional filter chain; firing Filter: 'LogoutFilter'
07:25:00.635 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.util.matcher.OrRequestMatcher - Trying to match using Ant [pattern='/logout', GET]
07:25:00.635 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Request 'OPTIONS /oauth/token' doesn't match 'GET /logout
07:25:00.635 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.util.matcher.OrRequestMatcher - Trying to match using Ant [pattern='/logout', POST]
07:25:00.635 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Request 'OPTIONS /oauth/token' doesn't match 'POST /logout
07:25:00.635 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.util.matcher.OrRequestMatcher - Trying to match using Ant [pattern='/logout', PUT]
07:25:00.635 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Request 'OPTIONS /oauth/token' doesn't match 'PUT /logout
07:25:00.635 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.util.matcher.OrRequestMatcher - Trying to match using Ant [pattern='/logout', DELETE]
07:25:00.635 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Request 'OPTIONS /oauth/token' doesn't match 'DELETE /logout
07:25:00.635 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.util.matcher.OrRequestMatcher - No matches found
07:25:00.635 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /oauth/token?grant_type=password&username=xx&password=xx at position 5 of 11 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
07:25:00.635 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /oauth/token?grant_type=password&username=xx.com&password=xx at position 6 of 11 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
07:25:00.635 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /oauth/token?grant_type=password&username=xx&password=xx at position 7 of 11 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
07:25:00.636 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /oauth/token?grant_type=password&username=xx&password=xx at position 8 of 11 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
07:25:00.636 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.authentication.AnonymousAuthenticationFilter - Populated SecurityContextHolder with anonymous token: 'org.sprin[email protected]905571d8: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.sprin[email protected]0: RemoteIpAddress: 89.78.223.237; SessionId: null; Granted Authorities: ROLE_ANONYMOUS'
07:25:00.636 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /oauth/token?grant_type=password&username=xx&password=xx at position 9 of 11 in additional filter chain; firing Filter: 'SessionManagementFilter'
07:25:00.636 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /oauth/token?grant_type=password&username=xx&password=xx at position 10 of 11 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
07:25:00.636 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /oauth/token?grant_type=password&username=xx&password=xx at position 11 of 11 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
07:25:00.636 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/oauth/token'; against '/oauth/token'
07:25:00.636 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.access.intercept.FilterSecurityInterceptor - Secure object: FilterInvocation: URL: /oauth/token?grant_type=password&username=xx.com&password=xx; Attributes: [fullyAuthenticated]
07:25:00.636 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.access.intercept.FilterSecurityInterceptor - Previously Authenticated: org.sprin[email protected]905571d8: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.sprin[email protected]0: RemoteIpAddress: 89.78.223.237; SessionId: null; Granted Authorities: ROLE_ANONYMOUS
07:25:00.636 [http-nio-8080-exec-6] DEBUG org.springframework.security.access.vote.AffirmativeBased - Voter: org.sp[email protected]27afca98, returned: -1
07:25:00.637 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.access.ExceptionTranslationFilter - Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:84)
at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:233)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:124)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:91)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:114)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:170)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:158)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:64)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:214)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:94)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:620)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:509)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1104)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:684)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1524)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1480)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
07:25:00.637 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.util.matcher.AndRequestMatcher - Trying to match using Ant [pattern='/**', GET]
07:25:00.637 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Request 'OPTIONS /oauth/token' doesn't match 'GET /**
07:25:00.637 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.util.matcher.AndRequestMatcher - Did not match
07:25:00.637 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.savedrequest.HttpSessionRequestCache - Request not saved as configured RequestMatcher did not match
07:25:00.637 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.access.ExceptionTranslationFilter - Calling Authentication entry point.
07:25:00.637 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint - Trying to match using MediaTypeRequestMatcher [contentNegotiationSt[email protected]4aef9839, matchingMediaTypes=[application/atom+xml, application/x-www-form-urlencoded, application/json, application/octet-stream, application/xml, multipart/form-data, text/xml], useEquals=false, ignoredMediaTypes=[*/*]]
07:25:00.637 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.util.matcher.MediaTypeRequestMatcher - httpRequestMediaTypes=[]
07:25:00.638 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.util.matcher.MediaTypeRequestMatcher - Did not match any media types
07:25:00.638 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint - Trying to match using OrRequestMatcher [requestMatchers=[RequestHeaderRequestMatcher [expectedHeaderName=X-Requested-With, expectedHeaderValue=XMLHttpRequest], AndRequestMatcher [requestMatchers=[NegatedRequestMatcher [requestMatcher=MediaTypeRequestMatcher [contentNegotiationSt[email protected]4aef9839, matchingMediaTypes=[text/html], useEquals=false, ignoredMediaTypes=[]]], MediaTypeRequestMatcher [contentNegotiationSt[email protected]4aef9839, matchingMediaTypes=[application/atom+xml, application/x-www-form-urlencoded, application/json, application/octet-stream, application/xml, multipart/form-data, text/xml], useEquals=false, ignoredMediaTypes=[*/*]]]]]]
07:25:00.638 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.util.matcher.OrRequestMatcher - Trying to match using RequestHeaderRequestMatcher [expectedHeaderName=X-Requested-With, expectedHeaderValue=XMLHttpRequest]
07:25:00.638 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.util.matcher.OrRequestMatcher - Trying to match using AndRequestMatcher [requestMatchers=[NegatedRequestMatcher [requestMatcher=MediaTypeRequestMatcher [contentNegotiationSt[email protected]4aef9839, matchingMediaTypes=[text/html], useEquals=false, ignoredMediaTypes=[]]], MediaTypeRequestMatcher [contentNegotiationSt[email protected]4aef9839, matchingMediaTypes=[application/atom+xml, application/x-www-form-urlencoded, application/json, application/octet-stream, application/xml, multipart/form-data, text/xml], useEquals=false, ignoredMediaTypes=[*/*]]]]
07:25:00.638 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.util.matcher.AndRequestMatcher - Trying to match using NegatedRequestMatcher [requestMatcher=MediaTypeRequestMatcher [contentNegotiationSt[email protected]4aef9839, matchingMediaTypes=[text/html], useEquals=false, ignoredMediaTypes=[]]]
07:25:00.638 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.util.matcher.MediaTypeRequestMatcher - httpRequestMediaTypes=[]
07:25:00.638 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.util.matcher.MediaTypeRequestMatcher - Did not match any media types
07:25:00.638 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.util.matcher.NegatedRequestMatcher - matches = true
07:25:00.638 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.util.matcher.AndRequestMatcher - Trying to match using MediaTypeRequestMatcher [contentNegotiationSt[email protected]4aef9839, matchingMediaTypes=[application/atom+xml, application/x-www-form-urlencoded, application/json, application/octet-stream, application/xml, multipart/form-data, text/xml], useEquals=false, ignoredMediaTypes=[*/*]]
07:25:00.638 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.util.matcher.MediaTypeRequestMatcher - httpRequestMediaTypes=[]
07:25:00.638 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.util.matcher.MediaTypeRequestMatcher - Did not match any media types
07:25:00.639 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.util.matcher.AndRequestMatcher - Did not match
07:25:00.639 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.util.matcher.OrRequestMatcher - No matches found
07:25:00.639 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint - No match found. Using default entry point org.springframewor[email protected]5b00667d
07:25:00.639 [http-nio-8080-exec-6] DEBUG org.springframework.security.web.context.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
您是否嘗試過使用@CrossOrigin(origins =「*」)'註釋您的安全配置? –
是的,我試過但沒有幫助... –