Spring Boot Security /Login gibt 404 zurück, wenn sie vom Postman postenJava

Java-Forum
Post Reply Previous topicNext topic
Anonymous
 Spring Boot Security /Login gibt 404 zurück, wenn sie vom Postman posten

Post by Anonymous »

Ich habe ein grundlegendes Handbuch zur Implementierung von OAuth2 -Token -basierten Sicherheit auf REST -Endpunkten einer Spring -Boot -Anwendung, < /p>
Ich habe 2 Apps ATM gefolgt. http://127.0.0.1:8080/oauth2/Autorization/client-app
[*] Das lenkt mich zu http://127.0.0.1:9000/login [*] After-Login und Redirect zurück, ich habe das Generatierungs-Log. In,
[*] Ich habe diesen Code genommen und über Postman generiere ein OAuth2 -Token unter http://127.0.0.1:9000/oauth2/Token mit:
  • In der Autorisierung, in der das Client -Name und das Geheimnis, das ich konfiguriert habe, in dem Client -Namen, das ich konfiguriert habe. = Authorization_code, redirect_uri = http://127.0.0.1:8080/authorized

bis zu diesem Punkt ist alles, was alles ist. /> Jetzt versuche ich, einen Beitrag vom Postman zu diesem http://127.0.0.1:9000/login zu tätigen. src = "https://i.static.net/jwzsds2c.jpg"/>
Und dies ist die Antwort der Anforderung,

Code: Select all

 {
"timestamp": "...",
"status": 404,
"error": "Not Found",
"trace": "org.springframework.web.servlet.resource.NoResourceFoundException:  N o   s t a t i c   r e s o u r c e   . \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . w e b . s e r v l e t . r e s o u r c e . R e s o u r c e H t t p R e q u e s t H a n d l e r . h a n d l e R e q u e s t ( R e s o u r c e H t t p R e q u e s t H a n d l e r . j a v a : 5 8 5 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . w e b . s e r v l e t . m v c . H t t p R e q u e s t H a n d l e r A d a p t e r . h a n d l e ( H t t p R e q u e s t H a n d l e r A d a p t e r . j a v a : 5 2 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . w e b . s e r v l e t . D i s p a t c h e r S e r v l e t . d o D i s p a t c h ( D i s p a t c h e r S e r v l e t . j a v a : 1 0 8 9 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . w e b . s e r v l e t . D i s p a t c h e r S e r v l e t . d o S e r v i c e ( D i s p a t c h e r S e r v l e t . j a v a : 9 7 9 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . w e b . s e r v l e t . F r a m e w o r k S e r v l e t . p r o c e s s R e q u e s t ( F r a m e w o r k S e r v l e t . j a v a : 1 0 1 4 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . w e b . s e r v l e t . F r a m e w o r k S e r v l e t . d o G e t ( F r a m e w o r k S e r v l e t . j a v a : 9 0 3 ) \ r \ n \ t a t   j a k a r t a . s e r v l e t . h t t p . H t t p S e r v l e t . s e r v i c e ( H t t p S e r v l e t . j a v a : 5 6 4 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . w e b . s e r v l e t . F r a m e w o r k S e r v l e t . s e r v i c e ( F r a m e w o r k S e r v l e t . j a v a : 8 8 5 ) \ r \ n \ t a t   j a k a r t a . s e r v l e t . h t t p . H t t p S e r v l e t . s e r v i c e ( H t t p S e r v l e t . j a v a : 6 5 8 ) \ r \ n \ t a t   o r g . a p a c h e . c a t a l i n a . c o r e . A p p l i c a t i o n F i l t e r C h a i n . i n t e r n a l D o F i l t e r ( A p p l i c a t i o n F i l t e r C h a i n . j a v a : 1 9 5 ) \ r \ n \ t a t   o r g . a p a c h e . c a t a l i n a . c o r e . A p p l i c a t i o n F i l t e r C h a i n . d o F i l t e r ( A p p l i c a t i o n F i l t e r C h a i n . j a v a : 1 4 0 ) \ r \ n \ t a t   o r g . a p a c h e . t o m c a t . w e b s o c k e t . s e r v e r . W s F i l t e r . d o F i l t e r ( W s F i l t e r . j a v a : 5 1 ) \ r \ n \ t a t   o r g . a p a c h e . c a t a l i n a . c o r e . A p p l i c a t i o n F i l t e r C h a i n . i n t e r n a l D o F i l t e r ( A p p l i c a t i o n F i l t e r C h a i n . j a v a : 1 6 4 ) \ r \ n \ t a t   o r g . a p a c h e . c a t a l i n a . c o r e . A p p l i c a t i o n F i l t e r C h a i n . d o F i l t e r ( A p p l i c a t i o n F i l t e r C h a i n . j a v a : 1 4 0 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . w e b . f i l t e r . C o m p o s i t e F i l t e r $ V i r t u a l F i l t e r C h a i n . d o F i l t e r ( C o m p o s i t e F i l t e r . j a v a : 1 0 8 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . s e c u r i t y . w e b . F i l t e r C h a i n P r o x y . l a m b d a $ d o F i l t e r I n t e r n a l $ 3 ( F i l t e r C h a i n P r o x y . j a v a : 2 3 1 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . s e c u r i t y . w e b . F i l t e r C h a i n P r o x y $ V i r t u a l F i l t e r C h a i n . d o F i l t e r ( F i l t e r C h a i n P r o x y . j a v a : 3 6 5 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . s e c u r i t y . w e b . a c c e s s . i n t e r c e p t . A u t h o r i z a t i o n F i l t e r . d o F i l t e r ( A u t h o r i z a t i o n F i l t e r . j a v a : 1 0 1 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . s e c u r i t y . w e b . F i l t e r C h a i n P r o x y $ V i r t u a l F i l t e r C h a i n . d o F i l t e r ( F i l t e r C h a i n P r o x y . j a v a : 3 7 4 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . s e c u r i t y . w e b . a c c e s s . E x c e p t i o n T r a n s l a t i o n F i l t e r . d o F i l t e r ( E x c e p t i o n T r a n s l a t i o n F i l t e r . j a v a : 1 2 6 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . s e c u r i t y . w e b . a c c e s s . E x c e p t i o n T r a n s l a t i o n F i l t e r . d o F i l t e r ( E x c e p t i o n T r a n s l a t i o n F i l t e r . j a v a : 1 2 0 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . s e c u r i t y . w e b . F i l t e r C h a i n P r o x y $ V i r t u a l F i l t e r C h a i n . d o F i l t e r ( F i l t e r C h a i n P r o x y . j a v a : 3 7 4 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . s e c u r i t y . w e b . a u t h e n t i c a t i o n . A n o n y m o u s A u t h e n t i c a t i o n F i l t e r . d o F i l t e r ( A n o n y m o u s A u t h e n t i c a t i o n F i l t e r . j a v a : 1 0 0 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . s e c u r i t y . w e b . F i l t e r C h a i n P r o x y $ V i r t u a l F i l t e r C h a i n . d o F i l t e r ( F i l t e r C h a i n P r o x y . j a v a : 3 7 4 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . s e c u r i t y . w e b . s e r v l e t a p i . S e c u r i t y C o n t e x t H o l d e r A w a r e R e q u e s t F i l t e r . d o F i l t e r ( S e c u r i t y C o n t e x t H o l d e r A w a r e R e q u e s t F i l t e r . j a v a : 1 7 9 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . s e c u r i t y . w e b . F i l t e r C h a i n P r o x y $ V i r t u a l F i l t e r C h a i n . d o F i l t e r ( F i l t e r C h a i n P r o x y . j a v a : 3 7 4 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . s e c u r i t y . w e b . s a v e d r e q u e s t . R e q u e s t C a c h e A w a r e F i l t e r . d o F i l t e r ( R e q u e s t C a c h e A w a r e F i l t e r . j a v a : 6 3 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . s e c u r i t y . w e b . F i l t e r C h a i n P r o x y $ V i r t u a l F i l t e r C h a i n . d o F i l t e r ( F i l t e r C h a i n P r o x y . j a v a : 3 7 4 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . s e c u r i t y . w e b . a u t h e n t i c a t i o n . u i . D e f a u l t L o g o u t P a g e G e n e r a t i n g F i l t e r . d o F i l t e r I n t e r n a l ( D e f a u l t L o g o u t P a g e G e n e r a t i n g F i l t e r . j a v a : 5 8 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . w e b . f i l t e r . O n c e P e r R e q u e s t F i l t e r . d o F i l t e r ( O n c e P e r R e q u e s t F i l t e r . j a v a : 1 1 6 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . s e c u r i t y . w e b . F i l t e r C h a i n P r o x y $ V i r t u a l F i l t e r C h a i n . d o F i l t e r ( F i l t e r C h a i n P r o x y . j a v a : 3 7 4 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . s e c u r i t y . w e b . a u t h e n t i c a t i o n . u i . D e f a u l t L o g i n P a g e G e n e r a t i n g F i l t e r . d o F i l t e r ( D e f a u l t L o g i n P a g e G e n e r a t i n g F i l t e r . j a v a : 2 2 0 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . s e c u r i t y . w e b . a u t h e n t i c a t i o n . u i . D e f a u l t L o g i n P a g e G e n e r a t i n g F i l t e r . d o F i l t e r ( D e f a u l t L o g i n P a g e G e n e r a t i n g F i l t e r . j a v a : 2 0 6 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . s e c u r i t y . w e b . F i l t e r C h a i n P r o x y $ V i r t u a l F i l t e r C h a i n . d o F i l t e r ( F i l t e r C h a i n P r o x y . j a v a : 3 7 4 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . s e c u r i t y . w e b . a u t h e n t i c a t i o n . u i . D e f a u l t R e s o u r c e s F i l t e r . d o F i l t e r ( D e f a u l t R e s o u r c e s F i l t e r . j a v a : 7 2 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . s e c u r i t y . w e b . F i l t e r C h a i n P r o x y $ V i r t u a l F i l t e r C h a i n . d o F i l t e r ( F i l t e r C h a i n P r o x y . j a v a : 3 7 4 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . s e c u r i t y . w e b . a u t h e n t i c a t i o n . A b s t r a c t A u t h e n t i c a t i o n P r o c e s s i n g F i l t e r . d o F i l t e r ( A b s t r a c t A u t h e n t i c a t i o n P r o c e s s i n g F i l t e r . j a v a : 2 2 7 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . s e c u r i t y . w e b . a u t h e n t i c a t i o n . A b s t r a c t A u t h e n t i c a t i o n P r o c e s s i n g F i l t e r . d o F i l t e r ( A b s t r a c t A u t h e n t i c a t i o n P r o c e s s i n g F i l t e r . j a v a : 2 2 1 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . s e c u r i t y . w e b . F i l t e r C h a i n P r o x y $ V i r t u a l F i l t e r C h a i n . d o F i l t e r ( F i l t e r C h a i n P r o x y . j a v a : 3 7 4 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . s e c u r i t y . w e b . a u t h e n t i c a t i o n . l o g o u t . L o g o u t F i l t e r . d o F i l t e r ( L o g o u t F i l t e r . j a v a : 1 0 7 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . s e c u r i t y . w e b . a u t h e n t i c a t i o n . l o g o u t . L o g o u t F i l t e r . d o F i l t e r ( L o g o u t F i l t e r . j a v a : 9 3 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . s e c u r i t y . w e b . F i l t e r C h a i n P r o x y $ V i r t u a l F i l t e r C h a i n . d o F i l t e r ( F i l t e r C h a i n P r o x y . j a v a : 3 7 4 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . s e c u r i t y . w e b . h e a d e r . H e a d e r W r i t e r F i l t e r . d o H e a d e r s A f t e r ( H e a d e r W r i t e r F i l t e r . j a v a : 9 0 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . s e c u r i t y . w e b . h e a d e r . H e a d e r W r i t e r F i l t e r . d o F i l t e r I n t e r n a l ( H e a d e r W r i t e r F i l t e r . j a v a : 7 5 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . w e b . f i l t e r . O n c e P e r R e q u e s t F i l t e r . d o F i l t e r ( O n c e P e r R e q u e s t F i l t e r . j a v a : 1 1 6 ) \ r \ n \ t a t   o r g . s p r i n g f r a m e w o r k . s e c u r i t y . w e b . F i l t e r C h a i n P r o x y $ V i r t u a l F i l t e r C h a i n . d o F i l t e r ( F i l t e r C h ainProxy.java:374)\r\n\tat org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:82)\r\n\tat org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:69)\r\n\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374)\r\n\tat org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:62)\r\n\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)\r\n\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374)\r\n\tat org.springframework.security.web.session.DisableEncodeUrlFilter.doFilterInternal(DisableEncodeUrlFilter.java:42)\r\n\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)\r\n\tat org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:374)\r\n\tat org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:233)\r\n\tat org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:191)\r\n\tat org.springframework.web.filter.CompositeFilter$VirtualFilterChain.doFilter(CompositeFilter.java:113)\r\n\tat org.springframework.web.servlet.handler.HandlerMappingIntrospector.lambda$createCacheFilter$3(HandlerMappingIntrospector.java:243)\r\n\tat org.springframework.web.filter.CompositeFilter$VirtualFilterChain.doFilter(CompositeFilter.java:113)\r\n\tat org.springframework.web.filter.CompositeFilter.doFilter(CompositeFilter.java:74)\r\n\tat org.springframework.security.config.annotation.web.configuration.WebMvcSecurityConfiguration$CompositeFilterChainProxy.doFilter(WebMvcSecurityConfiguration.java:238)\r\n\tat org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:362)\r\n\tat org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:278)\r\n\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)\r\n\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)\r\n\tat org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100)\r\n\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)\r\n\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)\r\n\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)\r\n\tat org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93)\r\n\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)\r\n\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)\r\n\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)\r\n\tat org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)\r\n\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116)\r\n\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)\r\n\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)\r\n\tat org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:167)\r\n\tat org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:90)\r\n\tat org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:483)\r\n\tat org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:115)\r\n\tat org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93)\r\n\tat org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)\r\n\tat org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344)\r\n\tat org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:397)\r\n\tat org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63)\r\n\tat org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:905)\r\n\tat org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1743)\r\n\tat org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52)\r\n\tat org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1190)\r\n\tat org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)\r\n\tat org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:63)\r\n\tat java.base/java.lang.Thread.run(Thread.java:1583)\r\n",
"message":  "No static resource .",
"path": "/"
}
< /code>
Dies ist der unprotante Teil meiner Spring Security Configuration -Klasse: < /p>
@Bean
@Order(1)
SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception {
OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = OAuth2AuthorizationServerConfigurer
.authorizationServer();

http.securityMatcher(authorizationServerConfigurer.getEndpointsMatcher()).with(authorizationServerConfigurer,
(authorizationServer) -> authorizationServer.oidc(Customizer.withDefaults())
).authorizeHttpRequests((authorize) -> authorize //

// HERE :)

.anyRequest().authenticated())
// Redirect to the login page when not authenticated from the
// authorization endpoint
.exceptionHandling((exceptions) -> exceptions//
.defaultAuthenticationEntryPointFor( //
new LoginUrlAuthenticationEntryPoint("/login"),
new MediaTypeRequestMatcher(MediaType.TEXT_HTML, MediaType.APPLICATION_JSON)));

return http.build();
}

@Bean
@Order(2)
SecurityFilterChain defaultSecurityFilterChain(HttpSecurity http) throws Exception {
http.authorizeHttpRequests((authorize) -> authorize.anyRequest().authenticated()).csrf(CsrfConfigurer::disable)
// Form login handles the redirect to the login page from the
// authorization server filter chain
.formLogin(Customizer.withDefaults());

return http.build();
}

@Bean
UserDetailsService userDetailsService() {
UserDetails userDetails = User.builder() // .withDefaultPasswordEncoder()
.username("user") //
.password("{noop}123") //
.roles("USER") //
.build();

return new InMemoryUserDetailsManager(userDetails);
}

private static final String CLIENT_ID = "client-app";
private static final String CLIENT_SECRET = "secret12345";

@Bean
RegisteredClientRepository registeredClientRepository() {
RegisteredClient oidcClient = RegisteredClient.withId(UUID.randomUUID().toString()).clientId(CLIENT_ID)
.clientSecret("{noop}" + CLIENT_SECRET)
.clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
.authorizationGrantType(AuthorizationGrantType.REFRESH_TOKEN)
.redirectUri("http://127.0.0.1:8080/login/oauth2/code/" + CLIENT_ID)
.redirectUri("http://127.0.0.1:8080/authorized") //
.postLogoutRedirectUri("http://127.0.0.1:8080/logout") //
.scope(OidcScopes.OPENID) //
.scope(OidcScopes.PROFILE) //
.scope("read") //
.scope("write") //
.clientSettings(ClientSettings.builder().requireAuthorizationConsent(true).build()).build();

return new InMemoryRegisteredClientRepository(oidcClient);
}
< /code>
Ich habe versucht, die nicht gesicherten Pfade ohne Wirkung zu dem hinzuzufügen, kurz vor dem .Anlequest () authenticated ()): < /p>
            .requestMatchers("/login").permitAll() //
Da es sich um eine Spring -Boot -Anwendung handelt, habe ich keine XML -Konfigurationsdateien, wie einige andere Lösungen erwähnt.>
Top
Post Reply Previous topicNext topic

Quick Reply

Change Text Case: 
   
  • Similar Topics
    Replies
    Views
    Last post

Return to “Java”