Spring boot 如何启用spring安全身份验证?

Spring boot 如何启用spring安全身份验证?,spring-boot,spring-security,Spring Boot,Spring Security,我正在使用SpringSecurity5和SpringBoot2.0.0 我想使用permitAll进行用户身份验证,但它不起作用。我想访问“localhost:9090/hello”,但总是重定向到“localhost:9090/login” 如何使用spring security进行用户身份验证 我如下配置了Web安全性 @Configuration @EnableWebSecurity public class WebSecurityConfig extends WebSecurityCo

我正在使用SpringSecurity5和SpringBoot2.0.0

我想使用permitAll进行用户身份验证,但它不起作用。我想访问“localhost:9090/hello”,但总是重定向到“localhost:9090/login”

如何使用spring security进行用户身份验证

我如下配置了Web安全性

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
            .antMatchers("/hello").permitAll()
            .anyRequest().authenticated();
        }
    @Bean
    @Override
    public UserDetailsService userDetailsService() {
        UserDetails user =
             User.withDefaultPasswordEncoder()
                .username("user")
                .password("password")
                .roles("USER")
                .build();

        return new InMemoryUserDetailsManager(user);
    }
}
/src/main/resources/application.properties

server.port=9090
spring.datasource.driver-class-name=com.mysql.jdbc.Driver
spring.datasource.url=jdbc:mysql://localhost:3306/dev_db
spring.datasource.username=sa
spring.datasource.password=
spring.flyway.url=jdbc:mysql://localhost:3306/dev_db
spring.flyway.user=sa
spring.flyway.password=
spring.flyway.baselineVersion=1
spring.flyway.baseline-on-migrate=false
spring.messages.basename=messages
spring.messages.cache-duration=-1
spring.messages.encoding=UTF-8
spring.security.user.name=user
spring.security.user.password=password
logging.level.org.springframework.security=DEBUG
/src/main/resources/templates/hello.html

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org"
      xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity3">
    <head><title>Hello World!</title></head>
    <body>
        <h1 th:inline="text">Hello [[${#httpServletRequest.remoteUser}]]!</h1>
        <form th:action="@{/logout}" method="post">
            <input type="submit" value="Sign Out"/>
        </form>
    </body></html> 
我有Springboot应用程序文件

package com.example;

@Configuration
@ComponentScan(basePackages = {"com.example"})
public class TestWebConfig implements WebMvcConfigurer, ApplicationContextAware {
    private ApplicationContext applicationContext;
    @Override
    public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
        this.applicationContext = applicationContext;
    }
}
@EntityScan({"com.example.stock","com.example.item"})
@SpringBootApplication(scanBasePackages={"com.example.stock","com.example.item"})
public class WebApplication {
    public static void main(String[] args) {
        SpringApplication.run(WebApplication.class, args);
    }
    @Bean
    public MessageSource messageSource() {
        ReloadableResourceBundleMessageSource messageSource = new ReloadableResourceBundleMessageSource();
        messageSource.setBasename("classpath:messages");
        messageSource.setDefaultEncoding("UTF-8");
        return messageSource;
    }
    @Bean
    public LocalValidatorFactoryBean validator() {
        LocalValidatorFactoryBean bean = new LocalValidatorFactoryBean();
        bean.setValidationMessageSource(messageSource());
        return bean;
    }
}
安全日志在下面

22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.security.web.FilterChainProxy - /hello at position 1 of 14 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.security.web.FilterChainProxy - /hello at position 2 of 14 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.s.w.c.HttpSessionSecurityContextRepository - HttpSession returned null object for SPRING_SECURITY_CONTEXT
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.s.w.c.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@49c5a76. A new one will be created.
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.security.web.FilterChainProxy - /hello at position 3 of 14 in additional filter chain; firing Filter: 'HeaderWriterFilter'
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.security.web.FilterChainProxy - /hello at position 4 of 14 in additional filter chain; firing Filter: 'CsrfFilter'
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.security.web.FilterChainProxy - /hello at position 5 of 14 in additional filter chain; firing Filter: 'LogoutFilter'
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.AntPathRequestMatcher - Request 'GET /hello' doesn't match 'POST /logout
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.security.web.FilterChainProxy - /hello at position 6 of 14 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.AntPathRequestMatcher - Request 'GET /hello' doesn't match 'POST /login
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.security.web.FilterChainProxy - /hello at position 7 of 14 in additional filter chain; firing Filter: 'DefaultLoginPageGeneratingFilter'
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.security.web.FilterChainProxy - /hello at position 8 of 14 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.security.web.FilterChainProxy - /hello at position 9 of 14 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.s.w.s.DefaultSavedRequest - pathInfo: both null (property equals)
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.s.w.s.DefaultSavedRequest - queryString: both null (property equals)
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.s.w.s.DefaultSavedRequest - requestURI: arg1=/; arg2=/hello (property not equals)
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.s.w.s.HttpSessionRequestCache - saved request doesn't match
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.security.web.FilterChainProxy - /hello at position 10 of 14 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.security.web.FilterChainProxy - /hello at position 11 of 14 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.s.w.a.AnonymousAuthenticationFilter - Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@b841c1bc: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 2D91FF16856148858B7FA31A6FDB958F; Granted Authorities: ROLE_ANONYMOUS'
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.security.web.FilterChainProxy - /hello at position 12 of 14 in additional filter chain; firing Filter: 'SessionManagementFilter'
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.security.web.FilterChainProxy - /hello at position 13 of 14 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.security.web.FilterChainProxy - /hello at position 14 of 14 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
22:35:15.346 [http-nio-9090-exec-6] DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - Secure object: FilterInvocation: URL: /hello; Attributes: [authenticated]
22:35:15.346 [http-nio-9090-exec-6] DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@b841c1bc: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 2D91FF16856148858B7FA31A6FDB958F; Granted Authorities: ROLE_ANONYMOUS
22:35:15.346 [http-nio-9090-exec-6] DEBUG o.s.s.access.vote.AffirmativeBased - Voter: org.springframework.security.web.access.expression.WebExpressionVoter@a3ce3d, returned: -1
22:35:15.346 [http-nio-9090-exec-6] DEBUG o.s.s.w.a.ExceptionTranslationFilter - Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
    at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:84)
    at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:233)
    at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:124)
    at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:91)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:119)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:170)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:158)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    at org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter.doFilter(DefaultLoginPageGeneratingFilter.java:204)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:100)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:66)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)
    at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)
    at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:357)
    at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:270)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:109)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:81)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:200)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:496)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
    at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:803)
    at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
    at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:790)
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1459)
    at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    at java.lang.Thread.run(Thread.java:748)
22:35:15.346 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.matcher.AndRequestMatcher - Trying to match using Ant [pattern='/**', GET]
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.AntPathRequestMatcher - Request '/hello' matched by universal pattern '/**'
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.matcher.AndRequestMatcher - Trying to match using NegatedRequestMatcher [requestMatcher=Ant [pattern='/**/favicon.ico']]
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.AntPathRequestMatcher - Checking match of request : '/hello'; against '/**/favicon.ico'
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.NegatedRequestMatcher - matches = true
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.matcher.AndRequestMatcher - Trying to match using NegatedRequestMatcher [requestMatcher=MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@356a6f1e, matchingMediaTypes=[application/json], useEquals=false, ignoredMediaTypes=[*/*]]]
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.MediaTypeRequestMatcher - httpRequestMediaTypes=[text/html, application/xhtml+xml, application/xml;q=0.9, */*;q=0.8]
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.MediaTypeRequestMatcher - Processing text/html
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.MediaTypeRequestMatcher - application/json .isCompatibleWith text/html = false
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.MediaTypeRequestMatcher - Processing application/xhtml+xml
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.MediaTypeRequestMatcher - application/json .isCompatibleWith application/xhtml+xml = false
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.MediaTypeRequestMatcher - Processing application/xml;q=0.9
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.MediaTypeRequestMatcher - application/json .isCompatibleWith application/xml;q=0.9 = false
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.MediaTypeRequestMatcher - Processing */*;q=0.8
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.MediaTypeRequestMatcher - Ignoring
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.MediaTypeRequestMatcher - Did not match any media types
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.NegatedRequestMatcher - matches = true
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.matcher.AndRequestMatcher - Trying to match using NegatedRequestMatcher [requestMatcher=RequestHeaderRequestMatcher [expectedHeaderName=X-Requested-With, expectedHeaderValue=XMLHttpRequest]]
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.NegatedRequestMatcher - matches = true
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.matcher.AndRequestMatcher - All requestMatchers returned true
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.s.HttpSessionRequestCache - DefaultSavedRequest added to Session: DefaultSavedRequest[http://localhost:9090/hello]
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.a.ExceptionTranslationFilter - Calling Authentication entry point.
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.a.DelegatingAuthenticationEntryPoint - Trying to match using AndRequestMatcher [requestMatchers=[NegatedRequestMatcher [requestMatcher=RequestHeaderRequestMatcher [expectedHeaderName=X-Requested-With, expectedHeaderValue=XMLHttpRequest]], MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@356a6f1e, matchingMediaTypes=[application/xhtml+xml, image/*, text/html, text/plain], useEquals=false, ignoredMediaTypes=[*/*]]]]
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.matcher.AndRequestMatcher - Trying to match using NegatedRequestMatcher [requestMatcher=RequestHeaderRequestMatcher [expectedHeaderName=X-Requested-With, expectedHeaderValue=XMLHttpRequest]]
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.NegatedRequestMatcher - matches = true
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.matcher.AndRequestMatcher - Trying to match using MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@356a6f1e, matchingMediaTypes=[application/xhtml+xml, image/*, text/html, text/plain], useEquals=false, ignoredMediaTypes=[*/*]]
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.MediaTypeRequestMatcher - httpRequestMediaTypes=[text/html, application/xhtml+xml, application/xml;q=0.9, */*;q=0.8]
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.MediaTypeRequestMatcher - Processing text/html
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.MediaTypeRequestMatcher - application/xhtml+xml .isCompatibleWith text/html = false
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.MediaTypeRequestMatcher - image/* .isCompatibleWith text/html = false
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.MediaTypeRequestMatcher - text/html .isCompatibleWith text/html = true
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.matcher.AndRequestMatcher - All requestMatchers returned true
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.a.DelegatingAuthenticationEntryPoint - Match found! Executing org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint@816fe85
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.web.DefaultRedirectStrategy - Redirecting to 'http://localhost:9090/login'
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.h.writers.HstsHeaderWriter - Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@258eaf02
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.c.HttpSessionSecurityContextRepository - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
22:35:15.348 [http-nio-9090-exec-6] DEBUG o.s.s.w.c.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
22:35:15.355 [http-nio-9090-exec-7] DEBUG o.s.security.web.FilterChainProxy - /login at position 1 of 14 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
22:35:15.355 [http-nio-9090-exec-7] DEBUG o.s.security.web.FilterChainProxy - /login at position 2 of 14 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
22:35:15.355 [http-nio-9090-exec-7] DEBUG o.s.s.w.c.HttpSessionSecurityContextRepository - HttpSession returned null object for SPRING_SECURITY_CONTEXT
22:35:15.355 [http-nio-9090-exec-7] DEBUG o.s.s.w.c.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@49c5a76. A new one will be created.
22:35:15.355 [http-nio-9090-exec-7] DEBUG o.s.security.web.FilterChainProxy - /login at position 3 of 14 in additional filter chain; firing Filter: 'HeaderWriterFilter'
22:35:15.356 [http-nio-9090-exec-7] DEBUG o.s.security.web.FilterChainProxy - /login at position 4 of 14 in additional filter chain; firing Filter: 'CsrfFilter'
22:35:15.356 [http-nio-9090-exec-7] DEBUG o.s.security.web.FilterChainProxy - /login at position 5 of 14 in additional filter chain; firing Filter: 'LogoutFilter'
22:35:15.356 [http-nio-9090-exec-7] DEBUG o.s.s.w.u.m.AntPathRequestMatcher - Request 'GET /login' doesn't match 'POST /logout
22:35:15.356 [http-nio-9090-exec-7] DEBUG o.s.security.web.FilterChainProxy - /login at position 6 of 14 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
22:35:15.356 [http-nio-9090-exec-7] DEBUG o.s.s.w.u.m.AntPathRequestMatcher - Request 'GET /login' doesn't match 'POST /login
22:35:15.356 [http-nio-9090-exec-7] DEBUG o.s.security.web.FilterChainProxy - /login at position 7 of 14 in additional filter chain; firing Filter: 'DefaultLoginPageGeneratingFilter'
22:35:15.356 [http-nio-9090-exec-7] DEBUG o.s.s.w.h.writers.HstsHeaderWriter - Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@258eaf02
22:35:15.356 [http-nio-9090-exec-7] DEBUG o.s.s.w.c.HttpSessionSecurityContextRepository - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
22:35:15.356 [http-nio-9090-exec-7] DEBUG o.s.s.w.c.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed

看起来您的安全配置根本没有被接受。你有

@SpringBootApplication(scanBasePackages={"com.example.stock","com.example.item"})

在你的主课上。您的安全配置在包
com.example
中。因此,不会创建此类的bean,也不会应用配置。

可能会重复@dur Thank mate。。。无论如何,我认为OP没有做足够的研究。。。希望有人能为你这样做him@dur我没有使用WebSecurityConfigureAdapter的其他文件。我需要创建用户类吗?@dur WebSecurityConfig与WebApplication.class位于同一个包中
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.security.web.FilterChainProxy - /hello at position 1 of 14 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.security.web.FilterChainProxy - /hello at position 2 of 14 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.s.w.c.HttpSessionSecurityContextRepository - HttpSession returned null object for SPRING_SECURITY_CONTEXT
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.s.w.c.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@49c5a76. A new one will be created.
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.security.web.FilterChainProxy - /hello at position 3 of 14 in additional filter chain; firing Filter: 'HeaderWriterFilter'
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.security.web.FilterChainProxy - /hello at position 4 of 14 in additional filter chain; firing Filter: 'CsrfFilter'
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.security.web.FilterChainProxy - /hello at position 5 of 14 in additional filter chain; firing Filter: 'LogoutFilter'
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.AntPathRequestMatcher - Request 'GET /hello' doesn't match 'POST /logout
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.security.web.FilterChainProxy - /hello at position 6 of 14 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.AntPathRequestMatcher - Request 'GET /hello' doesn't match 'POST /login
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.security.web.FilterChainProxy - /hello at position 7 of 14 in additional filter chain; firing Filter: 'DefaultLoginPageGeneratingFilter'
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.security.web.FilterChainProxy - /hello at position 8 of 14 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.security.web.FilterChainProxy - /hello at position 9 of 14 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.s.w.s.DefaultSavedRequest - pathInfo: both null (property equals)
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.s.w.s.DefaultSavedRequest - queryString: both null (property equals)
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.s.w.s.DefaultSavedRequest - requestURI: arg1=/; arg2=/hello (property not equals)
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.s.w.s.HttpSessionRequestCache - saved request doesn't match
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.security.web.FilterChainProxy - /hello at position 10 of 14 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.security.web.FilterChainProxy - /hello at position 11 of 14 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.s.w.a.AnonymousAuthenticationFilter - Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@b841c1bc: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 2D91FF16856148858B7FA31A6FDB958F; Granted Authorities: ROLE_ANONYMOUS'
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.security.web.FilterChainProxy - /hello at position 12 of 14 in additional filter chain; firing Filter: 'SessionManagementFilter'
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.security.web.FilterChainProxy - /hello at position 13 of 14 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
22:35:15.345 [http-nio-9090-exec-6] DEBUG o.s.security.web.FilterChainProxy - /hello at position 14 of 14 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
22:35:15.346 [http-nio-9090-exec-6] DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - Secure object: FilterInvocation: URL: /hello; Attributes: [authenticated]
22:35:15.346 [http-nio-9090-exec-6] DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@b841c1bc: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 2D91FF16856148858B7FA31A6FDB958F; Granted Authorities: ROLE_ANONYMOUS
22:35:15.346 [http-nio-9090-exec-6] DEBUG o.s.s.access.vote.AffirmativeBased - Voter: org.springframework.security.web.access.expression.WebExpressionVoter@a3ce3d, returned: -1
22:35:15.346 [http-nio-9090-exec-6] DEBUG o.s.s.w.a.ExceptionTranslationFilter - Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
    at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:84)
    at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:233)
    at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:124)
    at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:91)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:119)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:170)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:158)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    at org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter.doFilter(DefaultLoginPageGeneratingFilter.java:204)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:100)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:66)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
    at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)
    at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)
    at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:357)
    at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:270)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:109)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:81)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:200)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:496)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
    at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:803)
    at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
    at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:790)
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1459)
    at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    at java.lang.Thread.run(Thread.java:748)
22:35:15.346 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.matcher.AndRequestMatcher - Trying to match using Ant [pattern='/**', GET]
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.AntPathRequestMatcher - Request '/hello' matched by universal pattern '/**'
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.matcher.AndRequestMatcher - Trying to match using NegatedRequestMatcher [requestMatcher=Ant [pattern='/**/favicon.ico']]
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.AntPathRequestMatcher - Checking match of request : '/hello'; against '/**/favicon.ico'
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.NegatedRequestMatcher - matches = true
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.matcher.AndRequestMatcher - Trying to match using NegatedRequestMatcher [requestMatcher=MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@356a6f1e, matchingMediaTypes=[application/json], useEquals=false, ignoredMediaTypes=[*/*]]]
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.MediaTypeRequestMatcher - httpRequestMediaTypes=[text/html, application/xhtml+xml, application/xml;q=0.9, */*;q=0.8]
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.MediaTypeRequestMatcher - Processing text/html
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.MediaTypeRequestMatcher - application/json .isCompatibleWith text/html = false
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.MediaTypeRequestMatcher - Processing application/xhtml+xml
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.MediaTypeRequestMatcher - application/json .isCompatibleWith application/xhtml+xml = false
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.MediaTypeRequestMatcher - Processing application/xml;q=0.9
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.MediaTypeRequestMatcher - application/json .isCompatibleWith application/xml;q=0.9 = false
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.MediaTypeRequestMatcher - Processing */*;q=0.8
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.MediaTypeRequestMatcher - Ignoring
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.MediaTypeRequestMatcher - Did not match any media types
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.NegatedRequestMatcher - matches = true
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.matcher.AndRequestMatcher - Trying to match using NegatedRequestMatcher [requestMatcher=RequestHeaderRequestMatcher [expectedHeaderName=X-Requested-With, expectedHeaderValue=XMLHttpRequest]]
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.NegatedRequestMatcher - matches = true
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.matcher.AndRequestMatcher - All requestMatchers returned true
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.s.HttpSessionRequestCache - DefaultSavedRequest added to Session: DefaultSavedRequest[http://localhost:9090/hello]
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.a.ExceptionTranslationFilter - Calling Authentication entry point.
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.a.DelegatingAuthenticationEntryPoint - Trying to match using AndRequestMatcher [requestMatchers=[NegatedRequestMatcher [requestMatcher=RequestHeaderRequestMatcher [expectedHeaderName=X-Requested-With, expectedHeaderValue=XMLHttpRequest]], MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@356a6f1e, matchingMediaTypes=[application/xhtml+xml, image/*, text/html, text/plain], useEquals=false, ignoredMediaTypes=[*/*]]]]
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.matcher.AndRequestMatcher - Trying to match using NegatedRequestMatcher [requestMatcher=RequestHeaderRequestMatcher [expectedHeaderName=X-Requested-With, expectedHeaderValue=XMLHttpRequest]]
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.NegatedRequestMatcher - matches = true
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.matcher.AndRequestMatcher - Trying to match using MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@356a6f1e, matchingMediaTypes=[application/xhtml+xml, image/*, text/html, text/plain], useEquals=false, ignoredMediaTypes=[*/*]]
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.MediaTypeRequestMatcher - httpRequestMediaTypes=[text/html, application/xhtml+xml, application/xml;q=0.9, */*;q=0.8]
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.MediaTypeRequestMatcher - Processing text/html
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.MediaTypeRequestMatcher - application/xhtml+xml .isCompatibleWith text/html = false
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.MediaTypeRequestMatcher - image/* .isCompatibleWith text/html = false
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.m.MediaTypeRequestMatcher - text/html .isCompatibleWith text/html = true
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.u.matcher.AndRequestMatcher - All requestMatchers returned true
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.a.DelegatingAuthenticationEntryPoint - Match found! Executing org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint@816fe85
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.web.DefaultRedirectStrategy - Redirecting to 'http://localhost:9090/login'
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.h.writers.HstsHeaderWriter - Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@258eaf02
22:35:15.347 [http-nio-9090-exec-6] DEBUG o.s.s.w.c.HttpSessionSecurityContextRepository - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
22:35:15.348 [http-nio-9090-exec-6] DEBUG o.s.s.w.c.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
22:35:15.355 [http-nio-9090-exec-7] DEBUG o.s.security.web.FilterChainProxy - /login at position 1 of 14 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
22:35:15.355 [http-nio-9090-exec-7] DEBUG o.s.security.web.FilterChainProxy - /login at position 2 of 14 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
22:35:15.355 [http-nio-9090-exec-7] DEBUG o.s.s.w.c.HttpSessionSecurityContextRepository - HttpSession returned null object for SPRING_SECURITY_CONTEXT
22:35:15.355 [http-nio-9090-exec-7] DEBUG o.s.s.w.c.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@49c5a76. A new one will be created.
22:35:15.355 [http-nio-9090-exec-7] DEBUG o.s.security.web.FilterChainProxy - /login at position 3 of 14 in additional filter chain; firing Filter: 'HeaderWriterFilter'
22:35:15.356 [http-nio-9090-exec-7] DEBUG o.s.security.web.FilterChainProxy - /login at position 4 of 14 in additional filter chain; firing Filter: 'CsrfFilter'
22:35:15.356 [http-nio-9090-exec-7] DEBUG o.s.security.web.FilterChainProxy - /login at position 5 of 14 in additional filter chain; firing Filter: 'LogoutFilter'
22:35:15.356 [http-nio-9090-exec-7] DEBUG o.s.s.w.u.m.AntPathRequestMatcher - Request 'GET /login' doesn't match 'POST /logout
22:35:15.356 [http-nio-9090-exec-7] DEBUG o.s.security.web.FilterChainProxy - /login at position 6 of 14 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
22:35:15.356 [http-nio-9090-exec-7] DEBUG o.s.s.w.u.m.AntPathRequestMatcher - Request 'GET /login' doesn't match 'POST /login
22:35:15.356 [http-nio-9090-exec-7] DEBUG o.s.security.web.FilterChainProxy - /login at position 7 of 14 in additional filter chain; firing Filter: 'DefaultLoginPageGeneratingFilter'
22:35:15.356 [http-nio-9090-exec-7] DEBUG o.s.s.w.h.writers.HstsHeaderWriter - Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@258eaf02
22:35:15.356 [http-nio-9090-exec-7] DEBUG o.s.s.w.c.HttpSessionSecurityContextRepository - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
22:35:15.356 [http-nio-9090-exec-7] DEBUG o.s.s.w.c.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
@SpringBootApplication(scanBasePackages={"com.example.stock","com.example.item"})