Warning: file_get_contents(/data/phpspider/zhask/data//catemap/0/mercurial/2.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Spring boot 使用基本身份验证和无状态会话的牵引下无效会话_Spring Boot_Grails_Spring Security_Undertow - Fatal编程技术网
Fatal编程技术网
  • spring-boot/
  • Spring boot 使用基本身份验证和无状态会话的牵引下无效会话

Spring boot 使用基本身份验证和无状态会话的牵引下无效会话

spring-boot grails spring-security

Spring boot 使用基本身份验证和无状态会话的牵引下无效会话,spring-boot,grails,spring-security,undertow,Spring Boot,Grails,Spring Security,Undertow,我有一个Grails4(基于SpringBoot)应用程序正在经历零星的故障。在这一点上,我找不到任何东西,甚至无法指出问题所在,希望有人能提供帮助 发生错误的场景是一个应用程序对另一个应用程序进行REST调用。这些都是使用通过基本身份验证提供的通用用户名和密码创建的。在应用程序成功运行后的某个时间点(到目前为止,大多数情况下超过12小时),这些调用开始失败,并出现以下错误: org.springframework.web.util.NestedServletException: Request

我有一个Grails4(基于SpringBoot)应用程序正在经历零星的故障。在这一点上,我找不到任何东西,甚至无法指出问题所在,希望有人能提供帮助

发生错误的场景是一个应用程序对另一个应用程序进行REST调用。这些都是使用通过基本身份验证提供的通用用户名和密码创建的。在应用程序成功运行后的某个时间点(到目前为止,大多数情况下超过12小时),这些调用开始失败,并出现以下错误:

org.springframework.web.util.NestedServletException: Request processing failed; nested exception is java.lang.IllegalStateException: UT000010: Session is invalid XVBnzVaxVhijSIz2xk_Tl5fqsJD9n30ggd_614iF
        at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1014)
        at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:898)
        at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)
        at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:74)
        at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
        at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:209)
        at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)
        at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
        at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
        at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
        at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
        at io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:68)
        at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
        at io.undertow.servlet.handlers.RedirectDirHandler.handleRequest(RedirectDirHandler.java:68)
        at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
        at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
        at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:251)
        at io.undertow.servlet.handlers.ServletInitialHandler.dispatchToPath(ServletInitialHandler.java:186)
        at io.undertow.servlet.spec.RequestDispatcherImpl.error(RequestDispatcherImpl.java:501)
        at io.undertow.servlet.spec.RequestDispatcherImpl.error(RequestDispatcherImpl.java:427)
        at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:308)
        at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:78)
        at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:133)
        at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:130)
        at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
        at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
        at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:249)
        at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:78)
        at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:99)
        at io.undertow.server.Connectors.executeRootHandler(Connectors.java:376)
        at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:830)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
        at java.lang.Thread.run(Thread.java:748)
Caused by: java.lang.IllegalStateException: UT000010: Session is invalid XVBnzVaxVhijSIz2xk_Tl5fqsJD9n30ggd_614iF
        at io.undertow.server.session.InMemorySessionManager$SessionImpl.getAttribute(InMemorySessionManager.java:512)
        at io.undertow.servlet.spec.HttpSessionImpl.getAttribute(HttpSessionImpl.java:122)
        at org.springframework.web.servlet.support.SessionFlashMapManager.retrieveFlashMaps(SessionFlashMapManager.java:49)
        at org.springframework.web.servlet.support.AbstractFlashMapManager.retrieveAndUpdate(AbstractFlashMapManager.java:94)
        at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:934)
        at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006)
使用来自Postman的相同基本身份验证调用同一端点成功

对于这些呼叫,安全性配置如下:

  http
    .headers().frameOptions().sameOrigin().and()
    .csrf().disable()
    .requestMatcher(basicAuthMatcher)
    .authorizeRequests()
    .anyRequest().authenticated()
    .and()
    .httpBasic()
     
  http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
我怀疑的部分是堆栈跟踪来自
SessionFlashMapManager
。据我所知,不应该举行会议。我当然没有打算使用的

以前有没有人见过这样的错误,或者对如何诊断有什么建议