Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/spring-boot/5.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Google chrome SpringBoot 2 http基本安全性在chrome上始终为401,但在postman上始终为200_Google Chrome_Spring Boot_Spring Security_Cors - Fatal编程技术网
Fatal编程技术网
  • google-chrome/
  • Google chrome SpringBoot 2 http基本安全性在chrome上始终为401,但在postman上始终为200

Google chrome SpringBoot 2 http基本安全性在chrome上始终为401,但在postman上始终为200

google-chrome spring-boot spring-security cors

Google chrome SpringBoot 2 http基本安全性在chrome上始终为401,但在postman上始终为200,google-chrome,spring-boot,spring-security,cors,Google Chrome,Spring Boot,Spring Security,Cors,当使用http基本安全性向我的spring boot应用程序发送请求时,我成功了 companyuser@gmail.com==Y29tcGFueXVzZXJAZ21haWwuY29tOm0xMjM= 以下是服务器上的日志: 15:14:58.359 [http-nio-8082-exec-10] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 1 of 12 in additional filter chain

当使用http基本安全性向我的spring boot应用程序发送请求时,我成功了

companyuser@gmail.com==Y29tcGFueXVzZXJAZ21haWwuY29tOm0xMjM=

以下是服务器上的日志:

15:14:58.359 [http-nio-8082-exec-10] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 1 of 12 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
15:14:58.359 [http-nio-8082-exec-10] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 2 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
15:14:58.359 [http-nio-8082-exec-10] DEBUG o.s.s.w.c.HttpSessionSecurityContextRepository - Obtained a valid SecurityContext from SPRING_SECURITY_CONTEXT: 'org.springframework.security.core.context.SecurityContextImpl@1b9df029: Authentication: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@1b9df029: Principal: org.springframework.security.core.userdetails.User@44ceb5b9: Username: companyuser@gmail.com; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: COMPANY_ADMIN,COMPANY_USER; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@380f4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 576768B8D272582DD22DE41579E13BC6; Granted Authorities: COMPANY_ADMIN, COMPANY_USER'
15:14:58.360 [http-nio-8082-exec-10] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 3 of 12 in additional filter chain; firing Filter: 'HeaderWriterFilter'
15:14:58.360 [http-nio-8082-exec-10] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 4 of 12 in additional filter chain; firing Filter: 'CsrfFilter'
15:14:58.360 [http-nio-8082-exec-10] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 5 of 12 in additional filter chain; firing Filter: 'LogoutFilter'
15:14:58.360 [http-nio-8082-exec-10] DEBUG o.s.s.w.u.m.AntPathRequestMatcher - Request 'GET /auth/user' doesn't match 'POST /logout'
15:14:58.360 [http-nio-8082-exec-10] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 6 of 12 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
15:14:58.360 [http-nio-8082-exec-10] DEBUG o.s.s.w.a.w.BasicAuthenticationFilter - Basic Authentication Authorization header found for user 'companyuser@gmail.com'
15:14:58.360 [http-nio-8082-exec-10] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 7 of 12 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
15:14:58.360 [http-nio-8082-exec-10] DEBUG o.s.s.w.s.HttpSessionRequestCache - saved request doesn't match
15:14:58.360 [http-nio-8082-exec-10] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 8 of 12 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
15:14:58.360 [http-nio-8082-exec-10] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 9 of 12 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
15:14:58.361 [http-nio-8082-exec-10] DEBUG o.s.s.w.a.AnonymousAuthenticationFilter - SecurityContextHolder not populated with anonymous token, as it already contained: 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken@1b9df029: Principal: org.springframework.security.core.userdetails.User@44ceb5b9: Username: companyuser@gmail.com; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: COMPANY_ADMIN,COMPANY_USER; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@380f4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 576768B8D272582DD22DE41579E13BC6; Granted Authorities: COMPANY_ADMIN, COMPANY_USER'
15:14:58.361 [http-nio-8082-exec-10] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 10 of 12 in additional filter chain; firing Filter: 'SessionManagementFilter'
15:14:58.361 [http-nio-8082-exec-10] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 11 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
15:14:58.361 [http-nio-8082-exec-10] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 12 of 12 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
15:14:58.361 [http-nio-8082-exec-10] DEBUG o.s.s.w.u.m.AntPathRequestMatcher - Checking match of request : '/auth/user'; against '/securityNone'
15:14:58.361 [http-nio-8082-exec-10] DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - Secure object: FilterInvocation: URL: /auth/user; Attributes: [authenticated]
15:14:58.361 [http-nio-8082-exec-10] DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - Previously Authenticated: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@1b9df029: Principal: org.springframework.security.core.userdetails.User@44ceb5b9: Username: companyuser@gmail.com; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: COMPANY_ADMIN,COMPANY_USER; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@380f4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 576768B8D272582DD22DE41579E13BC6; Granted Authorities: COMPANY_ADMIN, COMPANY_USER
15:14:58.361 [http-nio-8082-exec-10] DEBUG o.s.s.access.vote.AffirmativeBased - Voter: org.springframework.security.web.access.expression.WebExpressionVoter@60df6881, returned: 1
15:14:58.361 [http-nio-8082-exec-10] DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - Authorization successful
15:14:58.361 [http-nio-8082-exec-10] DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - RunAsManager did not change Authentication object
15:14:58.361 [http-nio-8082-exec-10] DEBUG o.s.security.web.FilterChainProxy - /auth/user reached end of additional filter chain; proceeding with original chain
15:14:58.366 [http-nio-8082-exec-10] DEBUG o.s.s.w.h.writers.HstsHeaderWriter - Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@c0f06f8
15:14:58.369 [http-nio-8082-exec-10] DEBUG o.s.s.w.a.ExceptionTranslationFilter - Chain processed normally
15:14:58.369 [http-nio-8082-exec-10] DEBUG o.s.s.w.c.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed

15:10:36.205 [http-nio-8082-exec-4] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 1 of 12 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
15:10:36.206 [http-nio-8082-exec-4] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 2 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
15:10:36.206 [http-nio-8082-exec-4] DEBUG o.s.s.w.c.HttpSessionSecurityContextRepository - No HttpSession currently exists
15:10:36.206 [http-nio-8082-exec-4] DEBUG o.s.s.w.c.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: null. A new one will be created.
15:10:36.206 [http-nio-8082-exec-4] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 3 of 12 in additional filter chain; firing Filter: 'HeaderWriterFilter'
15:10:36.206 [http-nio-8082-exec-4] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 4 of 12 in additional filter chain; firing Filter: 'CsrfFilter'
15:10:36.206 [http-nio-8082-exec-4] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 5 of 12 in additional filter chain; firing Filter: 'LogoutFilter'
15:10:36.206 [http-nio-8082-exec-4] DEBUG o.s.s.w.u.m.AntPathRequestMatcher - Request 'OPTIONS /auth/user' doesn't match 'POST /logout'
15:10:36.206 [http-nio-8082-exec-4] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 6 of 12 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
15:10:36.207 [http-nio-8082-exec-4] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 7 of 12 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
15:10:36.207 [http-nio-8082-exec-4] DEBUG o.s.s.w.s.HttpSessionRequestCache - saved request doesn't match
15:10:36.207 [http-nio-8082-exec-4] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 8 of 12 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
15:10:36.207 [http-nio-8082-exec-4] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 9 of 12 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
15:10:36.207 [http-nio-8082-exec-4] DEBUG o.s.s.w.a.AnonymousAuthenticationFilter - Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@eb36b2ff: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS'
15:10:36.207 [http-nio-8082-exec-4] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 10 of 12 in additional filter chain; firing Filter: 'SessionManagementFilter'
15:10:36.207 [http-nio-8082-exec-4] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 11 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
15:10:36.208 [http-nio-8082-exec-4] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 12 of 12 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
15:10:36.208 [http-nio-8082-exec-4] DEBUG o.s.s.w.u.m.AntPathRequestMatcher - Checking match of request : '/auth/user'; against '/securityNone'
15:10:36.208 [http-nio-8082-exec-4] DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - Secure object: FilterInvocation: URL: /auth/user; Attributes: [authenticated]
15:10:36.208 [http-nio-8082-exec-4] DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@eb36b2ff: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS
15:10:36.208 [http-nio-8082-exec-4] DEBUG o.s.s.access.vote.AffirmativeBased - Voter: org.springframework.security.web.access.expression.WebExpressionVoter@60df6881, returned: -1
15:10:36.214 [http-nio-8082-exec-4] DEBUG o.s.s.w.a.ExceptionTranslationFilter - Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
当我在chrome上尝试同样的方法时,我得到了401:

以下是服务器上的日志:

15:14:58.359 [http-nio-8082-exec-10] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 1 of 12 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
15:14:58.359 [http-nio-8082-exec-10] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 2 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
15:14:58.359 [http-nio-8082-exec-10] DEBUG o.s.s.w.c.HttpSessionSecurityContextRepository - Obtained a valid SecurityContext from SPRING_SECURITY_CONTEXT: 'org.springframework.security.core.context.SecurityContextImpl@1b9df029: Authentication: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@1b9df029: Principal: org.springframework.security.core.userdetails.User@44ceb5b9: Username: companyuser@gmail.com; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: COMPANY_ADMIN,COMPANY_USER; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@380f4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 576768B8D272582DD22DE41579E13BC6; Granted Authorities: COMPANY_ADMIN, COMPANY_USER'
15:14:58.360 [http-nio-8082-exec-10] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 3 of 12 in additional filter chain; firing Filter: 'HeaderWriterFilter'
15:14:58.360 [http-nio-8082-exec-10] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 4 of 12 in additional filter chain; firing Filter: 'CsrfFilter'
15:14:58.360 [http-nio-8082-exec-10] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 5 of 12 in additional filter chain; firing Filter: 'LogoutFilter'
15:14:58.360 [http-nio-8082-exec-10] DEBUG o.s.s.w.u.m.AntPathRequestMatcher - Request 'GET /auth/user' doesn't match 'POST /logout'
15:14:58.360 [http-nio-8082-exec-10] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 6 of 12 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
15:14:58.360 [http-nio-8082-exec-10] DEBUG o.s.s.w.a.w.BasicAuthenticationFilter - Basic Authentication Authorization header found for user 'companyuser@gmail.com'
15:14:58.360 [http-nio-8082-exec-10] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 7 of 12 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
15:14:58.360 [http-nio-8082-exec-10] DEBUG o.s.s.w.s.HttpSessionRequestCache - saved request doesn't match
15:14:58.360 [http-nio-8082-exec-10] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 8 of 12 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
15:14:58.360 [http-nio-8082-exec-10] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 9 of 12 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
15:14:58.361 [http-nio-8082-exec-10] DEBUG o.s.s.w.a.AnonymousAuthenticationFilter - SecurityContextHolder not populated with anonymous token, as it already contained: 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken@1b9df029: Principal: org.springframework.security.core.userdetails.User@44ceb5b9: Username: companyuser@gmail.com; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: COMPANY_ADMIN,COMPANY_USER; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@380f4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 576768B8D272582DD22DE41579E13BC6; Granted Authorities: COMPANY_ADMIN, COMPANY_USER'
15:14:58.361 [http-nio-8082-exec-10] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 10 of 12 in additional filter chain; firing Filter: 'SessionManagementFilter'
15:14:58.361 [http-nio-8082-exec-10] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 11 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
15:14:58.361 [http-nio-8082-exec-10] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 12 of 12 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
15:14:58.361 [http-nio-8082-exec-10] DEBUG o.s.s.w.u.m.AntPathRequestMatcher - Checking match of request : '/auth/user'; against '/securityNone'
15:14:58.361 [http-nio-8082-exec-10] DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - Secure object: FilterInvocation: URL: /auth/user; Attributes: [authenticated]
15:14:58.361 [http-nio-8082-exec-10] DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - Previously Authenticated: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@1b9df029: Principal: org.springframework.security.core.userdetails.User@44ceb5b9: Username: companyuser@gmail.com; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: COMPANY_ADMIN,COMPANY_USER; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@380f4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 576768B8D272582DD22DE41579E13BC6; Granted Authorities: COMPANY_ADMIN, COMPANY_USER
15:14:58.361 [http-nio-8082-exec-10] DEBUG o.s.s.access.vote.AffirmativeBased - Voter: org.springframework.security.web.access.expression.WebExpressionVoter@60df6881, returned: 1
15:14:58.361 [http-nio-8082-exec-10] DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - Authorization successful
15:14:58.361 [http-nio-8082-exec-10] DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - RunAsManager did not change Authentication object
15:14:58.361 [http-nio-8082-exec-10] DEBUG o.s.security.web.FilterChainProxy - /auth/user reached end of additional filter chain; proceeding with original chain
15:14:58.366 [http-nio-8082-exec-10] DEBUG o.s.s.w.h.writers.HstsHeaderWriter - Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@c0f06f8
15:14:58.369 [http-nio-8082-exec-10] DEBUG o.s.s.w.a.ExceptionTranslationFilter - Chain processed normally
15:14:58.369 [http-nio-8082-exec-10] DEBUG o.s.s.w.c.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed

15:10:36.205 [http-nio-8082-exec-4] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 1 of 12 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
15:10:36.206 [http-nio-8082-exec-4] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 2 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
15:10:36.206 [http-nio-8082-exec-4] DEBUG o.s.s.w.c.HttpSessionSecurityContextRepository - No HttpSession currently exists
15:10:36.206 [http-nio-8082-exec-4] DEBUG o.s.s.w.c.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: null. A new one will be created.
15:10:36.206 [http-nio-8082-exec-4] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 3 of 12 in additional filter chain; firing Filter: 'HeaderWriterFilter'
15:10:36.206 [http-nio-8082-exec-4] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 4 of 12 in additional filter chain; firing Filter: 'CsrfFilter'
15:10:36.206 [http-nio-8082-exec-4] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 5 of 12 in additional filter chain; firing Filter: 'LogoutFilter'
15:10:36.206 [http-nio-8082-exec-4] DEBUG o.s.s.w.u.m.AntPathRequestMatcher - Request 'OPTIONS /auth/user' doesn't match 'POST /logout'
15:10:36.206 [http-nio-8082-exec-4] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 6 of 12 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
15:10:36.207 [http-nio-8082-exec-4] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 7 of 12 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
15:10:36.207 [http-nio-8082-exec-4] DEBUG o.s.s.w.s.HttpSessionRequestCache - saved request doesn't match
15:10:36.207 [http-nio-8082-exec-4] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 8 of 12 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
15:10:36.207 [http-nio-8082-exec-4] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 9 of 12 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
15:10:36.207 [http-nio-8082-exec-4] DEBUG o.s.s.w.a.AnonymousAuthenticationFilter - Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@eb36b2ff: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS'
15:10:36.207 [http-nio-8082-exec-4] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 10 of 12 in additional filter chain; firing Filter: 'SessionManagementFilter'
15:10:36.207 [http-nio-8082-exec-4] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 11 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
15:10:36.208 [http-nio-8082-exec-4] DEBUG o.s.security.web.FilterChainProxy - /auth/user at position 12 of 12 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
15:10:36.208 [http-nio-8082-exec-4] DEBUG o.s.s.w.u.m.AntPathRequestMatcher - Checking match of request : '/auth/user'; against '/securityNone'
15:10:36.208 [http-nio-8082-exec-4] DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - Secure object: FilterInvocation: URL: /auth/user; Attributes: [authenticated]
15:10:36.208 [http-nio-8082-exec-4] DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@eb36b2ff: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS
15:10:36.208 [http-nio-8082-exec-4] DEBUG o.s.s.access.vote.AffirmativeBased - Voter: org.springframework.security.web.access.expression.WebExpressionVoter@60df6881, returned: -1
15:10:36.214 [http-nio-8082-exec-4] DEBUG o.s.s.w.a.ExceptionTranslationFilter - Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
这是我的配置:

@Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .antMatchers("/securityNone").permitAll()
                .anyRequest().authenticated()
                .and()
                .httpBasic()
                .authenticationEntryPoint(appAuthenticationEntryPoint);
    }
这是我的rest控制器:

@RestController
public class AuthController
{
    @CrossOrigin(origins = "http://localhost:4200")
    @RequestMapping(value = "/auth/user", method = RequestMethod.GET)
    public Principal user(Principal user)
    {
        return user;
    }
}
我确实在chrome中看到了这些错误:

知道我哪里出错了吗?

我启用了cors:

protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests()
            .antMatchers("/securityNone").permitAll()
            .and()
            .httpBasic()
            .authenticationEntryPoint(appAuthenticationEntryPoint);
    http.cors();
}
它成功了。我发现此信息“在Spring安全级别启用CORS”

您应该在服务器端启用CORS,或者更好地通过UI服务器将请求路由到后端…Add.antMatchers(HttpMethod.OPTIONS,“/path/to/allow”).permitAll()