Java spring security未调用loadUserByUsername()方法
我是Spring security的新手,刚刚开始学习它。我想使用一个自定义用户类,所以我尝试实现UserDetailsService接口并重写loadUserByUsername方法以返回自定义用户对象。但spring安全性并没有调用loadUserByUsername,所以用户并没有得到身份验证,而是被重定向到登录页面。 我不知道出了什么问题 代码: 用户类 这里怎么了?为什么不调用loadUserByUsername? 调试日志Java spring security未调用loadUserByUsername()方法,java,spring,spring-boot,spring-security,spring-data-jpa,Java,Spring,Spring Boot,Spring Security,Spring Data Jpa,我是Spring security的新手,刚刚开始学习它。我想使用一个自定义用户类,所以我尝试实现UserDetailsService接口并重写loadUserByUsername方法以返回自定义用户对象。但spring安全性并没有调用loadUserByUsername,所以用户并没有得到身份验证,而是被重定向到登录页面。 我不知道出了什么问题 代码: 用户类 这里怎么了?为什么不调用loadUserByUsername? 调试日志 请尝试修改如下 .and().formLogin()
请尝试修改如下
.and().formLogin()
.loginPage("/login")
.loginProcessingUrl("/login")
.failureUrl("/login?error=true")
.defaultSuccessUrl("/default") // add page where to navigate after login
.usernameParameter("username") // make sure your form has correct params
.passwordParameter("password") // make sure your form has correct params
.permitAll() // allow access
@GetMapping(value = "/login")
public ModelAndView login(@RequestParam(value = "error", required = false) String error,
@RequestParam(value = "logout", required = false) String logout) {
logger.info("Login(error): {}", error);
logger.info("Login(logout): {}", logout);
ModelAndView model = new ModelAndView();
if (error != null) {
model.addObject("error", "Invalid username/password");
}
if (logout != null) {
model.addObject("message", "Logged out");
}
model.setViewName("login");
return model;
}
@GetMapping("/default")
public String defaultAfterLogin(HttpServletRequest httpServletRequest) {
return "redirect:/";
}
我也面临同样的问题,我可以在下面的日志中看到 休眠:选择user0.id作为id1\u 0\u,user0\u.is\u active作为is\u activiv2\u 0\u,user0\u.password作为password3\u 0\u,user0\u.roles作为roles4\u 0\u,user0\u.user\u name作为user\u nam5\u 0\u来自user0\u其中user0\u.user\u name= 表示loadUserByUserName正在数据库中搜索用户名为的用户。 我用数据库中的userName列创建了userName 当我从user中选择*时,其中user_name=; 它将返回user_name=null 这就是为什么它没有授权用户,并且无法在数据库中找到用户。 我用与userName列相同的值更新了该列,它成功了。
你击中哪个端点?您希望出现什么样的行为?尝试添加@Override@Bean public AuthenticationManager authenticationManagerBean抛出异常{return super.authenticationManagerBean;}@fg78nc当我尝试访问/home时,它会按预期重定向到登录页面,但当我提交具有有效用户名和密码的登录表单时,仍然是重定向到登录页面。我本想点击主页。@fg78nc添加了authenticationManagerBean,仍然不工作。请参阅下面我的答案,因为它不适合注释。没有工作伙伴,仍然是相同的结果。。每次提交表单时,都会调用登录方法3次,并更新问题以包括html表单和登录controller@Arjun尝试将.csrf.disable添加到表单中的http.1 add method=POST。2您不应该从GetAuthories返回null。将其更改为@Override public collection您还可以添加{noop}前缀
public interface UserRepository extends JpaRepository<User, Long>{
User findByUsername(String username);
List<User> findByName(String name);
}
@Controller
public class MainController {
@RequestMapping(value= {"/login"})
public String login() {
System.out.println("login called");
return "login";
}
@RequestMapping(value={"/",/home"})
public String homeReturner(HttpServletRequest request,Model model) {
System.out.println("home returner called");
model.addAttribute("name", request.getAttribute("name"));
return "home";
}
}
@Entity
public class User implements UserDetails {
@Id
@GeneratedValue(strategy=GenerationType.AUTO)
private Integer id;
private String name;
private String username;
private String password;
public Integer getId() {
return id;
}
public void setId(Integer id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public String getUsername() {
return username;
}
public void setUsername(String userName) {
this.username = userName;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
// TODO Auto-generated method stub
return null;
}
@Override
public boolean isAccountNonExpired() {
// TODO Auto-generated method stub
return true;
}
@Override
public boolean isAccountNonLocked() {
// TODO Auto-generated method stub
return true;
}
@Override
public boolean isCredentialsNonExpired() {
// TODO Auto-generated method stub
return true;
}
@Override
public boolean isEnabled() {
// TODO Auto-generated method stub
return true;
}
}
<form action="/signin">
<input type="text" name="username" placeholder="Email"> <input type="password" name="password" placeholder="Password"> <button type="submit">Sign in</button><br>
<input type="checkbox" name=""> <label>Remember me.</label> <input type="checkbox" name=""><label>Forgot password?</label>
</form>
@Controller
public class LoginController {
@Autowired
private UserRepository userRepository;
@GetMapping(path="/signin")
public String signin() {
System.out.print("signin called");
return "home";
}
}
2018-07-04 21:59:19.249 DEBUG 7128 --- [nio-8080-exec-4] o.s.s.w.util.matcher.AndRequestMatcher : Trying to match using NegatedRequestMatcher [requestMatcher=Ant [pattern='/**/favicon.ico']]
2018-07-04 21:59:19.250 DEBUG 7128 --- [nio-8080-exec-4] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/favicon.ico'; against '/**/favicon.ico'
2018-07-04 21:59:19.251 DEBUG 7128 --- [nio-8080-exec-4] o.s.s.w.u.matcher.NegatedRequestMatcher : matches = false
2018-07-04 21:59:19.252 DEBUG 7128 --- [nio-8080-exec-4] o.s.s.w.util.matcher.AndRequestMatcher : Did not match
2018-07-04 21:59:19.252 DEBUG 7128 --- [nio-8080-exec-4] o.s.s.w.s.HttpSessionRequestCache : Request not saved as configured RequestMatcher did not match
2018-07-04 21:59:19.252 DEBUG 7128 --- [nio-8080-exec-4] o.s.s.w.a.ExceptionTranslationFilter : Calling Authentication entry point.
2018-07-04 21:59:19.253 DEBUG 7128 --- [nio-8080-exec-4] o.s.s.web.DefaultRedirectStrategy : Redirecting to 'http://localhost:8080/login'
2018-07-04 21:59:19.254 DEBUG 7128 --- [nio-8080-exec-4] o.s.s.w.header.writers.HstsHeaderWriter : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@7a1d6f3f
2018-07-04 21:59:19.254 DEBUG 7128 --- [nio-8080-exec-4] w.c.HttpSessionSecurityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2018-07-04 21:59:19.257 DEBUG 7128 --- [nio-8080-exec-4] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
2018-07-04 21:59:19.298 DEBUG 7128 --- [nio-8080-exec-3] o.s.security.web.FilterChainProxy : /login at position 1 of 11 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
2018-07-04 21:59:19.298 DEBUG 7128 --- [nio-8080-exec-3] o.s.security.web.FilterChainProxy : /login at position 2 of 11 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2018-07-04 21:59:19.298 DEBUG 7128 --- [nio-8080-exec-3] w.c.HttpSessionSecurityContextRepository : HttpSession returned null object for SPRING_SECURITY_CONTEXT
2018-07-04 21:59:19.298 DEBUG 7128 --- [nio-8080-exec-3] w.c.HttpSessionSecurityContextRepository : No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@22d63ce1. A new one will be created.
2018-07-04 21:59:19.299 DEBUG 7128 --- [nio-8080-exec-3] o.s.security.web.FilterChainProxy : /login at position 3 of 11 in additional filter chain; firing Filter: 'HeaderWriterFilter'
2018-07-04 21:59:19.300 DEBUG 7128 --- [nio-8080-exec-3] o.s.security.web.FilterChainProxy : /login at position 4 of 11 in additional filter chain; firing Filter: 'LogoutFilter'
2018-07-04 21:59:19.300 DEBUG 7128 --- [nio-8080-exec-3] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/login'; against '/logout'
2018-07-04 21:59:19.301 DEBUG 7128 --- [nio-8080-exec-3] o.s.security.web.FilterChainProxy : /login at position 5 of 11 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
2018-07-04 21:59:19.301 DEBUG 7128 --- [nio-8080-exec-3] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /login' doesn't match 'POST /login
2018-07-04 21:59:19.302 DEBUG 7128 --- [nio-8080-exec-3] o.s.security.web.FilterChainProxy : /login at position 6 of 11 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
2018-07-04 21:59:19.302 DEBUG 7128 --- [nio-8080-exec-3] o.s.s.w.s.DefaultSavedRequest : pathInfo: both null (property equals)
2018-07-04 21:59:19.302 DEBUG 7128 --- [nio-8080-exec-3] o.s.s.w.s.DefaultSavedRequest : queryString: both null (property equals)
2018-07-04 21:59:19.303 DEBUG 7128 --- [nio-8080-exec-3] o.s.s.w.s.DefaultSavedRequest : requestURI: arg1=/home; arg2=/login (property not equals)
2018-07-04 21:59:19.303 DEBUG 7128 --- [nio-8080-exec-3] o.s.s.w.s.HttpSessionRequestCache : saved request doesn't match
2018-07-04 21:59:19.303 DEBUG 7128 --- [nio-8080-exec-3] o.s.security.web.FilterChainProxy : /login at position 7 of 11 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2018-07-04 21:59:19.304 DEBUG 7128 --- [nio-8080-exec-3] o.s.security.web.FilterChainProxy : /login at position 8 of 11 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
2018-07-04 21:59:19.304 DEBUG 7128 --- [nio-8080-exec-3] o.s.s.w.a.AnonymousAuthenticationFilter : Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@3793fe54: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffde5d4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: FB5BC6CF44B2064132ADF5A75EE463DD; Granted Authorities: ROLE_ANONYMOUS'
2018-07-04 21:59:19.306 DEBUG 7128 --- [nio-8080-exec-3] o.s.security.web.FilterChainProxy : /login at position 9 of 11 in additional filter chain; firing Filter: 'SessionManagementFilter'
2018-07-04 21:59:19.306 DEBUG 7128 --- [nio-8080-exec-3] o.s.security.web.FilterChainProxy : /login at position 10 of 11 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2018-07-04 21:59:19.307 DEBUG 7128 --- [nio-8080-exec-3] o.s.security.web.FilterChainProxy : /login at position 11 of 11 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2018-07-04 21:59:19.307 DEBUG 7128 --- [nio-8080-exec-3] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/login'; against '/'
2018-07-04 21:59:19.308 DEBUG 7128 --- [nio-8080-exec-3] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/login'; against '/login'
2018-07-04 21:59:19.308 DEBUG 7128 --- [nio-8080-exec-3] o.s.s.w.a.i.FilterSecurityInterceptor : Secure object: FilterInvocation: URL: /login; Attributes: [permitAll]
2018-07-04 21:59:19.308 DEBUG 7128 --- [nio-8080-exec-3] o.s.s.w.a.i.FilterSecurityInterceptor : Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@3793fe54: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffde5d4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: FB5BC6CF44B2064132ADF5A75EE463DD; Granted Authorities: ROLE_ANONYMOUS
2018-07-04 21:59:19.309 DEBUG 7128 --- [nio-8080-exec-3] o.s.s.access.vote.AffirmativeBased : Voter: org.springframework.security.web.access.expression.WebExpressionVoter@7cbce1e2, returned: 1
2018-07-04 21:59:19.310 DEBUG 7128 --- [nio-8080-exec-3] o.s.s.w.a.i.FilterSecurityInterceptor : Authorization successful
2018-07-04 21:59:19.310 DEBUG 7128 --- [nio-8080-exec-3] o.s.s.w.a.i.FilterSecurityInterceptor : RunAsManager did not change Authentication object
2018-07-04 21:59:19.310 DEBUG 7128 --- [nio-8080-exec-3] o.s.security.web.FilterChainProxy : /login reached end of additional filter chain; proceeding with original chain
login called2018-07-04 21:59:19.320 DEBUG 7128 --- [nio-8080-exec-3] o.s.s.w.header.writers.HstsHeaderWriter : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@7a1d6f3f
2018-07-04 21:59:19.321 DEBUG 7128 --- [nio-8080-exec-3] w.c.HttpSessionSecurityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2018-07-04 21:59:19.326 DEBUG 7128 --- [nio-8080-exec-3] o.s.s.w.a.ExceptionTranslationFilter : Chain processed normally
2018-07-04 21:59:19.326 DEBUG 7128 --- [nio-8080-exec-3] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
2018-07-04 21:59:26.605 DEBUG 7128 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy : /signin at position 1 of 11 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
2018-07-04 21:59:26.606 DEBUG 7128 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy : /signin at position 2 of 11 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2018-07-04 21:59:26.607 DEBUG 7128 --- [nio-8080-exec-7] w.c.HttpSessionSecurityContextRepository : HttpSession returned null object for SPRING_SECURITY_CONTEXT
2018-07-04 21:59:26.607 DEBUG 7128 --- [nio-8080-exec-7] w.c.HttpSessionSecurityContextRepository : No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@22d63ce1. A new one will be created.
2018-07-04 21:59:26.607 DEBUG 7128 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy : /signin at position 3 of 11 in additional filter chain; firing Filter: 'HeaderWriterFilter'
2018-07-04 21:59:26.607 DEBUG 7128 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy : /signin at position 4 of 11 in additional filter chain; firing Filter: 'LogoutFilter'
2018-07-04 21:59:26.607 DEBUG 7128 --- [nio-8080-exec-7] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/signin'; against '/logout'
2018-07-04 21:59:26.608 DEBUG 7128 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy : /signin at position 5 of 11 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
2018-07-04 21:59:26.608 DEBUG 7128 --- [nio-8080-exec-7] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/signin'; against '/login'
2018-07-04 21:59:26.608 DEBUG 7128 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy : /signin at position 6 of 11 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
2018-07-04 21:59:26.609 DEBUG 7128 --- [nio-8080-exec-7] o.s.s.w.s.DefaultSavedRequest : pathInfo: both null (property equals)
2018-07-04 21:59:26.609 DEBUG 7128 --- [nio-8080-exec-7] o.s.s.w.s.DefaultSavedRequest : queryString: both null (property equals)
2018-07-04 21:59:26.610 DEBUG 7128 --- [nio-8080-exec-7] o.s.s.w.s.DefaultSavedRequest : requestURI: arg1=/home; arg2=/signin (property not equals)
2018-07-04 21:59:26.610 DEBUG 7128 --- [nio-8080-exec-7] o.s.s.w.s.HttpSessionRequestCache : saved request doesn't match
2018-07-04 21:59:26.610 DEBUG 7128 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy : /signin at position 7 of 11 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2018-07-04 21:59:26.610 DEBUG 7128 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy : /signin at position 8 of 11 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
2018-07-04 21:59:26.611 DEBUG 7128 --- [nio-8080-exec-7] o.s.s.w.a.AnonymousAuthenticationFilter : Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@3793fe54: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffde5d4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: FB5BC6CF44B2064132ADF5A75EE463DD; Granted Authorities: ROLE_ANONYMOUS'
2018-07-04 21:59:26.611 DEBUG 7128 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy : /signin at position 9 of 11 in additional filter chain; firing Filter: 'SessionManagementFilter'
2018-07-04 21:59:26.612 DEBUG 7128 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy : /signin at position 10 of 11 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2018-07-04 21:59:26.612 DEBUG 7128 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy : /signin at position 11 of 11 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2018-07-04 21:59:26.612 DEBUG 7128 --- [nio-8080-exec-7] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/signin'; against '/'
2018-07-04 21:59:26.613 DEBUG 7128 --- [nio-8080-exec-7] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/signin'; against '/login'
2018-07-04 21:59:26.613 DEBUG 7128 --- [nio-8080-exec-7] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/signin'; against '/css/**'
2018-07-04 21:59:26.613 DEBUG 7128 --- [nio-8080-exec-7] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/signin'; against '/images/**'
2018-07-04 21:59:26.614 DEBUG 7128 --- [nio-8080-exec-7] o.s.s.w.a.i.FilterSecurityInterceptor : Secure object: FilterInvocation: URL: /signin; Attributes: [authenticated]
2018-07-04 21:59:26.614 DEBUG 7128 --- [nio-8080-exec-7] o.s.s.w.a.i.FilterSecurityInterceptor : Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@3793fe54: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffde5d4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: FB5BC6CF44B2064132ADF5A75EE463DD; Granted Authorities: ROLE_ANONYMOUS
2018-07-04 21:59:26.615 DEBUG 7128 --- [nio-8080-exec-7] o.s.s.access.vote.AffirmativeBased : Voter: org.springframework.security.web.access.expression.WebExpressionVoter@7cbce1e2, returned: -1
2018-07-04 21:59:26.618 DEBUG 7128 --- [nio-8080-exec-7] o.s.s.w.a.ExceptionTranslationFilter : Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:84) ~[spring-security-core-5.0.6.RELEASE.jar:5.0.6.RELEASE]
at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:233) ~[spring-security-core-5.0.6.RELEASE.jar:5.0.6.RELEASE]
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:124) ~[spring-security-web-5.0.6.RELEASE.jar:5.0.6.RELEASE]
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:91) ~[spring-security-web-5.0.6.RELEASE.jar:5.0.6.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) [spring-security-web-5.0.6.RELEASE.jar:5.0.6.RELEASE]
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:119) ~[spring-security-web-5.0.6.RELEASE.jar:5.0.6.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) [spring-security-web-5.0.6.RELEASE.jar:5.0.6.RELEASE]
at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137) [spring-security-web-5.0.6.RELEASE.jar:5.0.6.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) [spring-security-web-5.0.6.RELEASE.jar:5.0.6.RELEASE]
at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111) [spring-security-web-5.0.6.RELEASE.jar:5.0.6.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) [spring-security-web-5.0.6.RELEASE.jar:5.0.6.RELEASE]
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:170) [spring-security-web-5.0.6.RELEASE.jar:5.0.6.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) [spring-security-web-5.0.6.RELEASE.jar:5.0.6.RELEASE]
at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63) [spring-security-web-5.0.6.RELEASE.jar:5.0.6.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) [spring-security-web-5.0.6.RELEASE.jar:5.0.6.RELEASE]
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200) [spring-security-web-5.0.6.RELEASE.jar:5.0.6.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) [spring-security-web-5.0.6.RELEASE.jar:5.0.6.RELEASE]
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116) [spring-security-web-5.0.6.RELEASE.jar:5.0.6.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) [spring-security-web-5.0.6.RELEASE.jar:5.0.6.RELEASE]
at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:66) [spring-security-web-5.0.6.RELEASE.jar:5.0.6.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-5.0.7.RELEASE.jar:5.0.7.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) [spring-security-web-5.0.6.RELEASE.jar:5.0.6.RELEASE]
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105) [spring-security-web-5.0.6.RELEASE.jar:5.0.6.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) [spring-security-web-5.0.6.RELEASE.jar:5.0.6.RELEASE]
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56) [spring-security-web-5.0.6.RELEASE.jar:5.0.6.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-5.0.7.RELEASE.jar:5.0.7.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) [spring-security-web-5.0.6.RELEASE.jar:5.0.6.RELEASE]
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215) [spring-security-web-5.0.6.RELEASE.jar:5.0.6.RELEASE]
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178) [spring-security-web-5.0.6.RELEASE.jar:5.0.6.RELEASE]
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:357) [spring-web-5.0.7.RELEASE.jar:5.0.7.RELEASE]
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:270) [spring-web-5.0.7.RELEASE.jar:5.0.7.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [tomcat-embed-core-8.5.31.jar:8.5.31]
at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99) [spring-web-5.0.7.RELEASE.jar:5.0.7.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-5.0.7.RELEASE.jar:5.0.7.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [tomcat-embed-core-8.5.31.jar:8.5.31]
at org.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:109) [spring-web-5.0.7.RELEASE.jar:5.0.7.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-5.0.7.RELEASE.jar:5.0.7.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [tomcat-embed-core-8.5.31.jar:8.5.31]
at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:93) [spring-web-5.0.7.RELEASE.jar:5.0.7.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-5.0.7.RELEASE.jar:5.0.7.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [tomcat-embed-core-8.5.31.jar:8.5.31]
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:200) [spring-web-5.0.7.RELEASE.jar:5.0.7.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-5.0.7.RELEASE.jar:5.0.7.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198) [tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) [tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:496) [tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140) [tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81) [tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87) [tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342) [tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:803) [tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) [tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:790) [tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1468) [tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) [tomcat-embed-core-8.5.31.jar:8.5.31]
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) [na:1.8.0_162]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) [na:1.8.0_162]
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-embed-core-8.5.31.jar:8.5.31]
at java.lang.Thread.run(Unknown Source) [na:1.8.0_162]
.and().formLogin()
.loginPage("/login")
.loginProcessingUrl("/login")
.failureUrl("/login?error=true")
.defaultSuccessUrl("/default") // add page where to navigate after login
.usernameParameter("username") // make sure your form has correct params
.passwordParameter("password") // make sure your form has correct params
.permitAll() // allow access
@GetMapping(value = "/login")
public ModelAndView login(@RequestParam(value = "error", required = false) String error,
@RequestParam(value = "logout", required = false) String logout) {
logger.info("Login(error): {}", error);
logger.info("Login(logout): {}", logout);
ModelAndView model = new ModelAndView();
if (error != null) {
model.addObject("error", "Invalid username/password");
}
if (logout != null) {
model.addObject("message", "Logged out");
}
model.setViewName("login");
return model;
}
@GetMapping("/default")
public String defaultAfterLogin(HttpServletRequest httpServletRequest) {
return "redirect:/";
}