0
我試圖讓我的網站的主頁無需授權,但是,當我訪問它時,Spring不斷要求登錄。如何不要求索引授權?
我在我的SecurityConfig中配置它來允許這個,但它仍然不起作用。
SecurityConfig.java
package com.config;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import security.MyUserDetailsService;
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter{
@Autowired
private MyUserDetailsService userDetailsService;
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/").permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login")
.defaultSuccessUrl("/", true)
.permitAll()
.and()
.logout()
.permitAll();
}
@Autowired
protected void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(authenticationProvider());
}
@Bean
public DaoAuthenticationProvider authenticationProvider() {
DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();
authProvider.setUserDetailsService(userDetailsService);
authProvider.setPasswordEncoder(encoder());
return authProvider;
}
@Bean
public PasswordEncoder encoder() {
return new BCryptPasswordEncoder(11);
}
}
我也有我加入到看它是否會解決的事情,一個初始化類,但我認爲這是在春季啓動不必要的。
初始化程序
package com.config;
import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer;
public class SecurityInitializer extends AbstractSecurityWebApplicationInitializer{
public SecurityInitializer() {
super(SecurityConfig.class);
}
}
我能夠發送POST到/登錄不進行認證,當我在配置禁用CSRF保護它挑選一個,所以我不認爲這是春沒有找到問題組態。
這裏是原木春
:: Spring Boot :: (v1.5.4.RELEASE)
2017-07-19 03:09:22.347 INFO 7832 --- [ restartedMain] com.mp.DemoApplication : Starting DemoApplication on Meade with PID 7832 (C:\Users\markp\git\Abbraa\target\classes started by markp in C:\Users\markp\git\Abbraa)
2017-07-19 03:09:22.348 INFO 7832 --- [ restartedMain] com.mp.DemoApplication : No active profile set, falling back to default profiles: default
2017-07-19 03:09:22.771 INFO 7832 --- [ restartedMain] ationConfigEmbeddedWebApplicationContext : Refreshing org.springframework.boot[email protected]39cff043: startup date [Wed Jul 19 03:09:22 CDT 2017]; root of context hierarchy
2017-07-19 03:09:24.027 INFO 7832 --- [ restartedMain] o.s.b.f.s.DefaultListableBeanFactory : Overriding bean definition for bean 'scopedTarget.oauth2ClientContext' with a different definition: replacing [Root bean: class [null]; scope=session; abstract=false; lazyInit=false; autowireMode=3; dependencyCheck=0; autowireCandidate=false; primary=false; factoryBeanName=org.springframework.security.oauth2.config.annotation.web.configuration.OAuth2ClientConfiguration$OAuth2ClientContextConfiguration; factoryMethodName=oauth2ClientContext; initMethodName=null; destroyMethodName=(inferred); defined in org.springframework.security.oauth2.config.annotation.web.configuration.OAuth2ClientConfiguration$OAuth2ClientContextConfiguration] with [Root bean: class [null]; scope=session; abstract=false; lazyInit=false; autowireMode=3; dependencyCheck=0; autowireCandidate=false; primary=false; factoryBeanName=org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2RestOperationsConfiguration$SessionScopedConfiguration$ClientContextConfiguration; factoryMethodName=oauth2ClientContext; initMethodName=null; destroyMethodName=(inferred); defined in class path resource [org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2RestOperationsConfiguration$SessionScopedConfiguration$ClientContextConfiguration.class]]
2017-07-19 03:09:24.394 WARN 7832 --- [ restartedMain] o.s.c.a.ConfigurationClassPostProcessor : Cannot enhance @Configuration bean definition 'beanNamePlaceholderRegistryPostProcessor' since its singleton instance has been created too early. The typical cause is a non-static @Bean method with a BeanDefinitionRegistryPostProcessor return type: Consider declaring such methods as 'static'.
2017-07-19 03:09:24.764 INFO 7832 --- [ restartedMain] eEncryptablePropertySourcesPostProcessor : Post-processing PropertySource instances
2017-07-19 03:09:24.792 INFO 7832 --- [ restartedMain] c.u.j.c.StringEncryptorConfiguration : String Encryptor custom Bean not found with name 'jasyptStringEncryptor'. Initializing String Encryptor based on properties with name 'jasyptStringEncryptor'
2017-07-19 03:09:24.801 INFO 7832 --- [ restartedMain] eEncryptablePropertySourcesPostProcessor : Converting PropertySource commandLineArgs [org.springframework.core.env.SimpleCommandLinePropertySource] to EncryptableEnumerablePropertySourceWrapper
2017-07-19 03:09:24.801 INFO 7832 --- [ restartedMain] eEncryptablePropertySourcesPostProcessor : Converting PropertySource servletConfigInitParams [org.springframework.core.env.PropertySource$StubPropertySource] to EncryptablePropertySourceWrapper
2017-07-19 03:09:24.802 INFO 7832 --- [ restartedMain] eEncryptablePropertySourcesPostProcessor : Converting PropertySource servletContextInitParams [org.springframework.core.env.PropertySource$StubPropertySource] to EncryptablePropertySourceWrapper
2017-07-19 03:09:24.802 INFO 7832 --- [ restartedMain] eEncryptablePropertySourcesPostProcessor : Converting PropertySource systemProperties [org.springframework.core.env.MapPropertySource] to EncryptableMapPropertySourceWrapper
2017-07-19 03:09:24.802 INFO 7832 --- [ restartedMain] eEncryptablePropertySourcesPostProcessor : Converting PropertySource systemEnvironment [org.springframework.core.env.SystemEnvironmentPropertySource] to EncryptableMapPropertySourceWrapper
2017-07-19 03:09:24.803 INFO 7832 --- [ restartedMain] eEncryptablePropertySourcesPostProcessor : Converting PropertySource random [org.springframework.boot.context.config.RandomValuePropertySource] to EncryptablePropertySourceWrapper
2017-07-19 03:09:24.803 INFO 7832 --- [ restartedMain] eEncryptablePropertySourcesPostProcessor : Converting PropertySource applicationConfig: [classpath:/application.properties] [org.springframework.core.env.PropertiesPropertySource] to EncryptableMapPropertySourceWrapper
2017-07-19 03:09:24.803 INFO 7832 --- [ restartedMain] eEncryptablePropertySourcesPostProcessor : Converting PropertySource refresh [org.springframework.core.env.MapPropertySource] to EncryptableMapPropertySourceWrapper
2017-07-19 03:09:25.629 INFO 7832 --- [ restartedMain] s.b.c.e.t.TomcatEmbeddedServletContainer : Tomcat initialized with port(s): 8080 (http)
2017-07-19 03:09:25.644 INFO 7832 --- [ restartedMain] o.apache.catalina.core.StandardService : Starting service [Tomcat]
2017-07-19 03:09:25.645 INFO 7832 --- [ restartedMain] org.apache.catalina.core.StandardEngine : Starting Servlet Engine: Apache Tomcat/8.5.15
2017-07-19 03:09:25.900 INFO 7832 --- [ost-startStop-1] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring embedded WebApplicationContext
2017-07-19 03:09:25.900 INFO 7832 --- [ost-startStop-1] o.s.web.context.ContextLoader : Root WebApplicationContext: initialization completed in 3133 ms
2017-07-19 03:09:26.249 INFO 7832 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean : Mapping filter: 'characterEncodingFilter' to: [/*]
2017-07-19 03:09:26.250 INFO 7832 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean : Mapping filter: 'hiddenHttpMethodFilter' to: [/*]
2017-07-19 03:09:26.250 INFO 7832 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean : Mapping filter: 'httpPutFormContentFilter' to: [/*]
2017-07-19 03:09:26.251 INFO 7832 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean : Mapping filter: 'OAuth2ClientContextFilter' to: [/*]
2017-07-19 03:09:26.251 INFO 7832 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean : Mapping filter: 'requestContextFilter' to: [/*]
2017-07-19 03:09:26.253 INFO 7832 --- [ost-startStop-1] .s.DelegatingFilterProxyRegistrationBean : Mapping filter: 'springSecurityFilterChain' to: [/*]
2017-07-19 03:09:26.253 INFO 7832 --- [ost-startStop-1] o.s.b.w.servlet.ServletRegistrationBean : Mapping servlet: 'dispatcherServlet' to [/]
2017-07-19 03:09:26.254 INFO 7832 --- [ost-startStop-1] o.s.b.w.servlet.ServletRegistrationBean : Mapping servlet: 'webServlet' to [/h2-console/*]
2017-07-19 03:09:27.168 INFO 7832 --- [ restartedMain] j.LocalContainerEntityManagerFactoryBean : Building JPA container EntityManagerFactory for persistence unit 'default'
2017-07-19 03:09:27.191 INFO 7832 --- [ restartedMain] o.hibernate.jpa.internal.util.LogHelper : HHH000204: Processing PersistenceUnitInfo [
name: default
...]
2017-07-19 03:09:27.281 INFO 7832 --- [ restartedMain] org.hibernate.Version : HHH000412: Hibernate Core {5.0.12.Final}
2017-07-19 03:09:27.283 INFO 7832 --- [ restartedMain] org.hibernate.cfg.Environment : HHH000206: hibernate.properties not found
2017-07-19 03:09:27.286 INFO 7832 --- [ restartedMain] org.hibernate.cfg.Environment : HHH000021: Bytecode provider name : javassist
2017-07-19 03:09:27.341 INFO 7832 --- [ restartedMain] o.hibernate.annotations.common.Version : HCANN000001: Hibernate Commons Annotations {5.0.1.Final}
2017-07-19 03:09:27.489 INFO 7832 --- [ restartedMain] org.hibernate.dialect.Dialect : HHH000400: Using dialect: org.hibernate.dialect.H2Dialect
2017-07-19 03:09:27.840 INFO 7832 --- [ restartedMain] org.hibernate.tool.hbm2ddl.SchemaExport : HHH000227: Running hbm2ddl schema export
2017-07-19 03:09:27.848 INFO 7832 --- [ restartedMain] org.hibernate.tool.hbm2ddl.SchemaExport : HHH000230: Schema export complete
2017-07-19 03:09:27.887 INFO 7832 --- [ restartedMain] j.LocalContainerEntityManagerFactoryBean : Initialized JPA EntityManagerFactory for persistence unit 'default'
2017-07-19 03:09:28.186 INFO 7832 --- [ restartedMain] b.a.s.AuthenticationManagerConfiguration :
Using default security password: b93e6b62-c3c6-41c6-b1fb-aff865c47624
2017-07-19 03:09:28.513 INFO 7832 --- [ restartedMain] .s.o.p.e.FrameworkEndpointHandlerMapping : Mapped "{[/oauth/authorize]}" onto public org.springframework.web.servlet.ModelAndView org.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint.authorize(java.util.Map<java.lang.String, java.lang.Object>,java.util.Map<java.lang.String, java.lang.String>,org.springframework.web.bind.support.SessionStatus,java.security.Principal)
2017-07-19 03:09:28.514 INFO 7832 --- [ restartedMain] .s.o.p.e.FrameworkEndpointHandlerMapping : Mapped "{[/oauth/authorize],methods=[POST],params=[user_oauth_approval]}" onto public org.springframework.web.servlet.View org.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint.approveOrDeny(java.util.Map<java.lang.String, java.lang.String>,java.util.Map<java.lang.String, ?>,org.springframework.web.bind.support.SessionStatus,java.security.Principal)
2017-07-19 03:09:28.515 INFO 7832 --- [ restartedMain] .s.o.p.e.FrameworkEndpointHandlerMapping : Mapped "{[/oauth/token],methods=[GET]}" onto public org.springframework.http.ResponseEntity<org.springframework.security.oauth2.common.OAuth2AccessToken> org.springframework.security.oauth2.provider.endpoint.TokenEndpoint.getAccessToken(java.security.Principal,java.util.Map<java.lang.String, java.lang.String>) throws org.springframework.web.HttpRequestMethodNotSupportedException
2017-07-19 03:09:28.516 INFO 7832 --- [ restartedMain] .s.o.p.e.FrameworkEndpointHandlerMapping : Mapped "{[/oauth/token],methods=[POST]}" onto public org.springframework.http.ResponseEntity<org.springframework.security.oauth2.common.OAuth2AccessToken> org.springframework.security.oauth2.provider.endpoint.TokenEndpoint.postAccessToken(java.security.Principal,java.util.Map<java.lang.String, java.lang.String>) throws org.springframework.web.HttpRequestMethodNotSupportedException
2017-07-19 03:09:28.517 INFO 7832 --- [ restartedMain] .s.o.p.e.FrameworkEndpointHandlerMapping : Mapped "{[/oauth/check_token]}" onto public java.util.Map<java.lang.String, ?> org.springframework.security.oauth2.provider.endpoint.CheckTokenEndpoint.checkToken(java.lang.String)
2017-07-19 03:09:28.517 INFO 7832 --- [ restartedMain] .s.o.p.e.FrameworkEndpointHandlerMapping : Mapped "{[/oauth/confirm_access]}" onto public org.springframework.web.servlet.ModelAndView org.springframework.security.oauth2.provider.endpoint.WhitelabelApprovalEndpoint.getAccessConfirmation(java.util.Map<java.lang.String, java.lang.Object>,javax.servlet.http.HttpServletRequest) throws java.lang.Exception
2017-07-19 03:09:28.518 INFO 7832 --- [ restartedMain] .s.o.p.e.FrameworkEndpointHandlerMapping : Mapped "{[/oauth/error]}" onto public org.springframework.web.servlet.ModelAndView org.springframework.security.oauth2.provider.endpoint.WhitelabelErrorEndpoint.handleError(javax.servlet.http.HttpServletRequest)
2017-07-19 03:09:29.074 INFO 7832 --- [ restartedMain] a.OAuth2AuthorizationServerConfiguration : Initialized OAuth2 Client
security.oauth2.client.clientId = 8f83ba6f-ddd0-4584-989e-8bf15d9ca800
security.oauth2.client.secret = 90f22f41-57ea-4a35-b4aa-f2e2c228b9c5
2017-07-19 03:09:29.546 INFO 7832 --- [ restartedMain] s.w.s.m.m.a.RequestMappingHandlerAdapter : Looking for @ControllerAdvice: org.springframework.boot[email protected]39cff043: startup date [Wed Jul 19 03:09:22 CDT 2017]; root of context hierarchy
2017-07-19 03:09:29.655 INFO 7832 --- [ restartedMain] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/]}" onto public java.lang.String com.mp.MainController.index()
2017-07-19 03:09:29.656 INFO 7832 --- [ restartedMain] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/logon],methods=[POST]}" onto public java.lang.String com.mp.MainController.login(java.lang.String,java.lang.String)
2017-07-19 03:09:29.660 INFO 7832 --- [ restartedMain] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/error]}" onto public org.springframework.http.ResponseEntity<java.util.Map<java.lang.String, java.lang.Object>> org.springframework.boot.autoconfigure.web.BasicErrorController.error(javax.servlet.http.HttpServletRequest)
2017-07-19 03:09:29.661 INFO 7832 --- [ restartedMain] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/error],produces=[text/html]}" onto public org.springframework.web.servlet.ModelAndView org.springframework.boot.autoconfigure.web.BasicErrorController.errorHtml(javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse)
2017-07-19 03:09:29.738 INFO 7832 --- [ restartedMain] o.s.w.s.handler.SimpleUrlHandlerMapping : Mapped URL path [/webjars/**] onto handler of type [class org.springframework.web.servlet.resource.ResourceHttpRequestHandler]
2017-07-19 03:09:29.738 INFO 7832 --- [ restartedMain] o.s.w.s.handler.SimpleUrlHandlerMapping : Mapped URL path [/**] onto handler of type [class org.springframework.web.servlet.resource.ResourceHttpRequestHandler]
2017-07-19 03:09:29.816 INFO 7832 --- [ restartedMain] o.s.w.s.handler.SimpleUrlHandlerMapping : Mapped URL path [/**/favicon.ico] onto handler of type [class org.springframework.web.servlet.resource.ResourceHttpRequestHandler]
2017-07-19 03:09:30.844 INFO 7832 --- [ restartedMain] o.s.s.web.DefaultSecurityFilterChain : Creating filter chain: OrRequestMatcher [requestMatchers=[Ant [pattern='/css/**'], Ant [pattern='/js/**'], Ant [pattern='/images/**'], Ant [pattern='/webjars/**'], Ant [pattern='/**/favicon.ico'], Ant [pattern='/error']]], []
2017-07-19 03:09:30.978 INFO 7832 --- [ restartedMain] o.s.s.web.DefaultSecurityFilterChain : Creating filter chain: OrRequestMatcher [requestMatchers=[Ant [pattern='/oauth/token'], Ant [pattern='/oauth/token_key'], Ant [pattern='/oauth/check_token']]], [org.springframework.secu[email protected]147facd0, org.spring[email protected]57681424, [email protected]ed5, org.[email protected]7abdb07c, org.springfram[email protected]69b1535d, org.sp[email protected]6fc31f04, org.springframework.[email protected]1388aafd, org.springfram[email protected]77b72eb9, o[email protected]26bc4252, org[email protected]b0ad272, org.springfr[email protected]6190b047]
2017-07-19 03:09:30.995 INFO 7832 --- [ restartedMain] o.s.s.web.DefaultSecurityFilterChain : Creating filter chain: Ant [pattern='/h2-console/**'], [org.springframework.secu[email protected]4464b064, org.spring[email protected]57affbac, [email protected]695, org.[email protected]7f423605, org.springfram[email protected]5798d0da, org.sp[email protected]24ff986, org.springframework.[email protected]110f44a4, org.springfram[email protected]6fb5646d, o[email protected]2079db43, org.sprin[email protected]72, org.springfr[email protected]e6e5393]
2017-07-19 03:09:31.017 INFO 7832 --- [ restartedMain] o.s.s.web.DefaultSecurityFilterChain : Creating filter chain: OrRequestMatcher [requestMatchers=[Ant [pattern='/**']]], [org.springframework.secu[email protected]26d80f5b, org.spring[email protected]243b400b, [email protected]82, org.[email protected]35f7f5a9, org.springfram[email protected]4b32c004, org.sp[email protected]a677b9e, org.springframework.[email protected]5ffd3b5e, org.springfram[email protected]22a0c587, o[email protected]8d5dbd, org[email protected]6bd8b55f, org.springfr[email protected]1b162e0f]
2017-07-19 03:09:31.236 INFO 7832 --- [ restartedMain] o.s.b.d.a.OptionalLiveReloadServer : LiveReload server is running on port 35729
2017-07-19 03:09:31.313 INFO 7832 --- [ restartedMain] o.s.j.e.a.AnnotationMBeanExporter : Registering beans for JMX exposure on startup
2017-07-19 03:09:31.431 INFO 7832 --- [ restartedMain] s.b.c.e.t.TomcatEmbeddedServletContainer : Tomcat started on port(s): 8080 (http)
2017-07-19 03:09:31.439 INFO 7832 --- [ restartedMain] com.mp.DemoApplication : Started DemoApplication in 9.556 seconds (JVM running for 10.373)
2017-07-19 03:09:42.498 INFO 7832 --- [nio-8080-exec-1] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring FrameworkServlet 'dispatcherServlet'
2017-07-19 03:09:42.498 INFO 7832 --- [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet : FrameworkServlet 'dispatcherServlet': initialization started
2017-07-19 03:09:42.540 INFO 7832 --- [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet : FrameworkServlet 'dispatcherServlet': initialization completed in 41 ms
我想知道如果有什麼不對的,我做我的SecurityConfig.configure法的方式,或者還有另外一個原因,爲什麼它沒有允許訪問。
我相信這是OAuth2ClientContextFilter你是怎麼配置的OAuth? – jang00