2013-03-03 214 views
1

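Spring-Security OpenId won't work

I am trying to implement OpenID in Spring Security by following the tutorial here, but I can't seem to get it to work. When I test my implementation, it appears to discover the OpenID provider's URL, but it never redirects me to that provider's login page. Instead, I am returned to my login page with my "You have entered an invalid username or password!" error.

Here is what my log says when I try to log in with, for example, [email protected]: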

[qtp760167714-19] INFO org.openid4java.discovery.Discovery - Starting discovery on URL identifier: http://aol.com/ 
[qtp760167714-19] WARN org.apache.http.client.protocol.ResponseProcessCookies - Cookie rejected: "[version: 0][name: JSESSIONID][value: C326ACEE663C4C976739D4E51A500DA7][domain: www.aol.com][path: /aol][expiry: null]". Illegal path attribute "/aol". Path of origin: "/" 
[qtp760167714-19] WARN org.apache.http.client.protocol.ResponseProcessCookies - Cookie rejected: "[version: 0][name: JSESSIONID][value: D07CE2D83B0A58663C6EAA557FCFAD14][domain: www.aol.com][path: /aol][expiry: null]". Illegal path attribute "/aol". Path of origin: "/" 

The second time I try to log in, something different is logged to the console:

[qtp760167714-21] INFO org.openid4java.discovery.Discovery - Starting discovery on URL identifier: http://aol.com/ 
[qtp760167714-21] INFO org.openid4java.util.HttpCache - Returning cached HEAD response for http://aol.com/ 
[qtp760167714-21] INFO org.openid4java.util.HttpCache - Returning cached GET response for http://aol.com/ 
[qtp760167714-21] INFO org.openid4java.util.HttpCache - Returning cached GET response for https://api.screenname.aol.com/auth/openid/xrds 

Trying with my myOpenID account gives slightly different messages:

[qtp760167714-16] INFO org.openid4java.discovery.Discovery - Starting discovery on URL identifier: http://coraythan.myopenid.com/ 

And the second time:

[qtp1540619773-25] INFO org.openid4java.discovery.Discovery - Starting discovery on URL identifier: http://coraythan.myopenid.com/ 
[qtp1540619773-25] INFO org.openid4java.util.HttpCache - Returning cached HEAD response for http://coraythan.myopenid.com/ 
[qtp1540619773-25] INFO org.openid4java.util.HttpCache - Returning cached GET response for http://coraythan.myopenid.com/?xrds=1 

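Using the "Sign in with Google" option gives the same problem. It looks exactly the same as what I see from myOpenID, but with Google instead.

Strangely, trying to log in with a Yahoo email is even worse, because a stack trace is thrown! The stack trace appears to be thrown from OpenId4Java (the backing OpenID implementation used by Spring Security OpenID).

Here is some of what the stack trace looks like for a Yahoo email: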

[qtp665820578-23] INFO org.openid4java.discovery.Discovery - Starting discovery on URL identifier: http://yahoo.com/ 
2013-03-02 18:58:27.060:WARN:oejs.ServletHandler:Error for /j_spring_openid_security_check 
java.lang.NoClassDefFoundError: org/cyberneko/html/HTMLTagBalancingListener 
    at java.lang.ClassLoader.defineClass1(Native Method) 
    at java.lang.ClassLoader.defineClass(ClassLoader.java:791) 
    at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142) 
    at java.net.URLClassLoader.defineClass(URLClassLoader.java:449) 
    at java.net.URLClassLoader.access$100(URLClassLoader.java:71) 
    at java.net.URLClassLoader$1.run(URLClassLoader.java:361) 
    at java.net.URLClassLoader$1.run(URLClassLoader.java:355) 
    at java.security.AccessController.doPrivileged(Native Method) 
    at java.net.URLClassLoader.findClass(URLClassLoader.java:354) 
    at org.eclipse.jetty.webapp.WebAppClassLoader.loadClass(WebAppClassLoader.java:421) 
    at org.eclipse.jetty.webapp.WebAppClassLoader.loadClass(WebAppClassLoader.java:383) 
    at org.openid4java.discovery.yadis.CyberNekoDOMYadisHtmlParser.parseDocument(CyberNekoDOMYadisHtmlParser.java:99) 
    at org.openid4java.discovery.yadis.CyberNekoDOMYadisHtmlParser.getHtmlMeta(CyberNekoDOMYadisHtmlParser.java:42) 
    at org.openid4java.discovery.yadis.YadisResolver.getHtmlMeta(YadisResolver.java:325) 
    at org.openid4java.discovery.yadis.YadisResolver.retrieveXrdsLocation(YadisResolver.java:453) 
    at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:252) 
    at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:232) 
    at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:166) 
    at org.openid4java.discovery.Discovery.discover(Discovery.java:147) 
    at org.openid4java.discovery.Discovery.discover(Discovery.java:129) 
    at org.openid4java.consumer.ConsumerManager.discover(ConsumerManager.java:542) 
    at org.springframework.security.openid.OpenID4JavaConsumer.beginConsumption(OpenID4JavaConsumer.java:103) 
    at org.springframework.security.openid.OpenIDAuthenticationFilter.attemptAuthentication(OpenIDAuthenticationFilter.java:123) 
    at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:195) 
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 
[...] 
Caused by: 
java.lang.ClassNotFoundException: org.cyberneko.html.HTMLTagBalancingListener 
    at org.codehaus.plexus.classworlds.strategy.SelfFirstStrategy.loadClass(SelfFirstStrategy.java:50) 
    at org.codehaus.plexus.classworlds.realm.ClassRealm.loadClass(ClassRealm.java:244) 
    at org.codehaus.plexus.classworlds.realm.ClassRealm.loadClass(ClassRealm.java:230) 
    at org.eclipse.jetty.webapp.WebAppClassLoader.loadClass(WebAppClassLoader.java:430) 
    at org.eclipse.jetty.webapp.WebAppClassLoader.loadClass(WebAppClassLoader.java:383) 
    at java.lang.ClassLoader.defineClass1(Native Method) 
    at java.lang.ClassLoader.defineClass(ClassLoader.java:791) 
    at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142) 
    at java.net.URLClassLoader.defineClass(URLClassLoader.java:449) 
    at java.net.URLClassLoader.access$100(URLClassLoader.java:71) 
    at java.net.URLClassLoader$1.run(URLClassLoader.java:361) 
    at java.net.URLClassLoader$1.run(URLClassLoader.java:355) 
    at java.security.AccessController.doPrivileged(Native Method) 
    at java.net.URLClassLoader.findClass(URLClassLoader.java:354) 
    at org.eclipse.jetty.webapp.WebAppClassLoader.loadClass(WebAppClassLoader.java:421) 
    at org.eclipse.jetty.webapp.WebAppClassLoader.loadClass(WebAppClassLoader.java:383) 
    at org.openid4java.discovery.yadis.CyberNekoDOMYadisHtmlParser.parseDocument(CyberNekoDOMYadisHtmlParser.java:99) 
    at org.openid4java.discovery.yadis.CyberNekoDOMYadisHtmlParser.getHtmlMeta(CyberNekoDOMYadisHtmlParser.java:42) 
    at org.openid4java.discovery.yadis.YadisResolver.getHtmlMeta(YadisResolver.java:325) 
    at org.openid4java.discovery.yadis.YadisResolver.retrieveXrdsLocation(YadisResolver.java:453) 
    at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:252) 
    at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:232) 
    at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:166) 
    at org.openid4java.discovery.Discovery.discover(Discovery.java:147) 
    at org.openid4java.discovery.Discovery.discover(Discovery.java:129) 
    at org.openid4java.consumer.ConsumerManager.discover(ConsumerManager.java:542) 
    at org.springframework.security.openid.OpenID4JavaConsumer.beginConsumption(OpenID4JavaConsumer.java:103) 
    at org.springframework.security.openid.OpenIDAuthenticationFilter.attemptAuthentication(OpenIDAuthenticationFilter.java:123) 
    at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:195) 

Here is my Spring Security XML:

<!-- This is where we configure Spring-Security --> 
<security:http auto-config="true" access-denied-page="/accessDenied"> 

    <!-- TODO fix all these URLs open to anyone --> 
    <security:intercept-url pattern="/" access="IS_AUTHENTICATED_ANONYMOUSLY" /> 
    <security:intercept-url pattern="/logout" access="IS_AUTHENTICATED_ANONYMOUSLY" /> 
    <security:intercept-url pattern="/accessDenied" access="IS_AUTHENTICATED_ANONYMOUSLY" /> 
    <security:intercept-url pattern="/VAADIN/*" access="IS_AUTHENTICATED_ANONYMOUSLY" /> 

    <!-- Admin only URLs --> 
    <security:intercept-url pattern="/admin/*" access="ROLE_ADMIN" /> 

    <!-- Logged in User only URLs --> 
    <security:intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" /> 
    <security:intercept-url pattern="/endpoint/*" access="IS_AUTHENTICATED_ANONYMOUSLY" /> 
    <security:intercept-url pattern="/game/*" access="IS_AUTHENTICATED_ANONYMOUSLY" /> 

    <security:openid-login 
     login-page="/" 
     authentication-failure-url="/?error=true" 
     default-target-url="/game" /> 

    <security:logout 
     invalidate-session="true" 
     logout-success-url="/" 
     logout-url="/logout" /> 

</security:http> 

<!-- Declare an authentication-manager to use a custom userDetailsService --> 
<security:authentication-manager> 
    <security:authentication-provider 
     user-service-ref="userDetailsService"> 
     <security:password-encoder ref="passwordEncoder" /> 
    </security:authentication-provider> 
</security:authentication-manager> 

<!-- Use a Md5 encoder since the user's passwords are stored as Md5 in the 
    database --> 
<bean 
    class="org.springframework.security.authentication.encoding.Md5PasswordEncoder" 
    id="passwordEncoder" /> 

<!-- An in-memory list of users. No need to access an external database 
    layer. See Spring Security 3.1 Reference 5.2.1 In-Memory Authentication --> 
<!-- john's password is admin, while jane's password is user --> 
<security:user-service id="userDetailsService"> 
    <!-- user name is based on the returned OpenID identifier from Google --> 
    <security:user 
     name="https://www.google.com/accounts/o8/id?id=AItxxioJSDLFJLjxcksdfjOpAASDFosSSoJ0E" 
     password="" authorities="ROLE_USER, ROLE_ADMIN" /> 

</security:user-service> 

I have the following servlet mapping and Spring Security filter in my web.xml:

<!-- spring gets everything else --> 
    <servlet-mapping> 
     <servlet-name>springServlet</servlet-name> 
     <url-pattern>/</url-pattern> 
    </servlet-mapping> 

    <!-- Spring Security --> 
    <filter> 
     <filter-name>springSecurityFilterChain</filter-name> 
     <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> 
    </filter> 
    <filter-mapping> 
     <filter-name>springSecurityFilterChain</filter-name> 
     <url-pattern>/*</url-pattern> 
    </filter-mapping> 

If there is any other information I can provide, I'd be glad to! I really want to get this working, but I have no idea what I'm doing wrong.

Thanks!

+0

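Strangely, if I try switching the URL input value for the post method (which is what OpenId4Java performs discovery on), I can get vastly different results. For example, "https://accounts.gibberish/" just causes the console to log "performing discovery" over and over. "https://accounts.google.com/o/openid2/auth" results in exactly the same thing as myOpenId and "https://www.google.com/accounts/o8/id", but "https://accounts.google.com/" results in a stack trace with the error "java.lang.NoClassDefFoundError: org/cyberneko/html/HTMLTagBalancingListener" – CorayThan 2013-03-03 08:48:27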

+0

Also, my program startup shows: [main] WARN org.openid4java.server.RealmVerifier - RP discovery / realm validation disabled; I don't think that's the problem though – CorayThan 2013-03-03 10:31:12

+1

It looks like your classpath is missing the nekohtml jar. Why not use the OpenID sample that ships with the latest Spring Security release? It should be up to date and maintained. – 2013-03-03 22:20:02
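
The classpath diagnosis in the comment above can be checked against the deployed libraries. This is an added example, not part of the original thread: it reads the missing class names out of a stack trace and scans the jars in a lib directory, distinguishing a class that no jar provides from one whose package is present without it. The jar name and the temporary directory standing in for WEB-INF/lib are constructed sample data.

```python
import re
import tempfile
import zipfile
from pathlib import Path
# Matches both exception forms that appear in the stack trace from the question.
MISSING = re.compile(r"(?:NoClassDefFoundError|ClassNotFoundException):\s*([\w./$]+)")

def missing_entries(trace):
    """Jar entry names (a/b/C.class) for every class the trace reports missing."""
    return {name.replace(".", "/") + ".class" for name in MISSING.findall(trace)}

def scan_lib(lib_dir, entry):
    """Split jars into those providing the class and those shipping only its package."""
    package = entry.rsplit("/", 1)[0] + "/"
    provides, package_only = [], []
    for jar in sorted(Path(lib_dir).glob("*.jar")):
        with zipfile.ZipFile(jar) as zf:
            names = zf.namelist()
        if entry in names:
            provides.append(jar.name)
        elif any(n.startswith(package) and n.endswith(".class") for n in names):
            package_only.append(jar.name)
    return provides, package_only

def diagnose(trace, lib_dir):
    """Verdict per missing class: ok, duplicate, outdated (package without class), absent."""
    verdicts = {}
    for entry in sorted(missing_entries(trace)):
        provides, package_only = scan_lib(lib_dir, entry)
        if provides:
            verdicts[entry] = "ok" if len(provides) == 1 else "duplicate"
        else:
            verdicts[entry] = "outdated" if package_only else "absent"
    return verdicts

def make_jar(path, entries):
    """Constructed sample jar: empty class files are enough for a name scan."""
    with zipfile.ZipFile(path, "w") as zf:
        for entry in entries:
            zf.writestr(entry, b"")

TRACE = """java.lang.NoClassDefFoundError: org/cyberneko/html/HTMLTagBalancingListener
Caused by: java.lang.ClassNotFoundException: org.cyberneko.html.HTMLTagBalancingListener"""

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as lib:  # stands in for WEB-INF/lib
        make_jar(Path(lib, "sample-parser.jar"), ["org/cyberneko/html/HTMLConfiguration.class"])
        print(diagnose(TRACE, lib))
```
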

Answer

1

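The OpenID sample that ships with Spring Security is probably a better starting point, and is customized for Google and Yahoo.

To get it running, check out the source using Git: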

git clone git://github.com/SpringSource/spring-security.git 

Then it should be as simple as installing Gradle and running the following commands.

cd spring-security 
gradle build 
cd samples/openid 
gradle jettyRun 

Then pointing your browser at http://localhost:8080/openid should give you the OpenID selector screen to choose the provider to authenticate with.