Spring mvc 使用openid for google的Spring安全性在生产环境中不起作用
我正在使用SpringMVC和SpringSecurity(版本3.1)。该web应用程序为用户提供了使用google/gmail帐户进行登录的选项。这在我的开发环境中运行良好,但当部署到生产服务器时,注册过程失败,因为当提供正确的google凭据时,会显示错误凭据异常事件。以下是我的spring-security.xml配置中的openid配置:Spring mvc 使用openid for google的Spring安全性在生产环境中不起作用,spring-mvc,spring-security,openid,Spring Mvc,Spring Security,Openid,我正在使用SpringMVC和SpringSecurity(版本3.1)。该web应用程序为用户提供了使用google/gmail帐户进行登录的选项。这在我的开发环境中运行良好,但当部署到生产服务器时,注册过程失败,因为当提供正确的google凭据时,会显示错误凭据异常事件。以下是我的spring-security.xml配置中的openid配置: <openid-login login-processing-url="/j_spring_openid_security_ch
<openid-login
login-processing-url="/j_spring_openid_security_check"
default-target-url="/home"
user-service-ref="userOpenIdDetailsService"
authentication-failure-handler-ref="openIdAuthFailureHandler"/>
<logout logout-success-url="/login?rc=2" />
<beans:bean id="userOpenIdDetailsService" class="com.xxx.service.OpenIdUserDetailsServiceImpl"/>
<beans:bean id="openIdAuthFailureHandler" class="com.xxx.controllers.OpenIDAuthenticationFailureHandler">
<beans:property name="defaultFailureUrl" value="/login?rc=6"/>
</beans:bean>
Log --> 10:19:17 DEBUG org.springframework.security.openid.OpenIDAuthenticationFilter - Supplied OpenID identity is https://www.google.com/accounts/o8/id?id=open-id-token-here
Log --> 10:19:17 DEBUG org.springframework.security.openid.OpenIDAuthenticationFilter - Authentication request failed: org.springframework.security.authentication.BadCredentialsException: Log in failed - identity could not be verified
Log --> 10:19:17 DEBUG org.springframework.security.openid.OpenIDAuthenticationFilter - Updated SecurityContextHolder to contain null Authentication
Log --> 10:19:17 DEBUG org.springframework.security.openid.OpenIDAuthenticationFilter - Delegating to authentication failure handlercom.xxx.controllers.OpenIDAuthenticationFailureHandler@435fef7d
Log --> 10:19:17 DEBUG com.xxx.controllers.OpenIDAuthenticationFailureHandler - Token Identity: Unknown
Log --> 10:19:17 DEBUG com.xxx.controllers.OpenIDAuthenticationFailureHandler - Open ID authentication failure: Log in failed - identity could not be verified
Log --> 10:19:17 DEBUG com.xxx.controllers.OpenIDAuthenticationFailureHandler - Auth Exception: org.springframework.security.authentication.BadCredentialsException: Log in failed - identity could not be verified
事实证明,生产服务器上的时钟可能与用于验证OpenId请求的internet时间不同步。就我而言,我的服务器已经运行了177天,没有重新启动。服务器时钟缩短了一分钟。重启解决了这个问题。否则,将服务器时钟与internet时间服务器同步也可以解决问题。我今天也开始遇到这种情况。我的安装程序已经运行了几个月,突然我开始出现同样的“登录失败-身份无法验证”BadCredentialsException。一切都在我的开发机器上工作,但在我的生产环境中失败。您的问题解决了吗?尽管某些人必须在生产中使用此特定设置,但从未找到解决此特定问题的方法。。
Log --> 10:19:17 DEBUG org.springframework.security.openid.OpenIDAuthenticationFilter - Supplied OpenID identity is https://www.google.com/accounts/o8/id?id=open-id-token-here
Log --> 10:19:17 DEBUG org.springframework.security.openid.OpenIDAuthenticationFilter - Authentication request failed: org.springframework.security.authentication.BadCredentialsException: Log in failed - identity could not be verified
Log --> 10:19:17 DEBUG org.springframework.security.openid.OpenIDAuthenticationFilter - Updated SecurityContextHolder to contain null Authentication
Log --> 10:19:17 DEBUG org.springframework.security.openid.OpenIDAuthenticationFilter - Delegating to authentication failure handlercom.xxx.controllers.OpenIDAuthenticationFailureHandler@435fef7d
Log --> 10:19:17 DEBUG com.xxx.controllers.OpenIDAuthenticationFailureHandler - Token Identity: Unknown
Log --> 10:19:17 DEBUG com.xxx.controllers.OpenIDAuthenticationFailureHandler - Open ID authentication failure: Log in failed - identity could not be verified
Log --> 10:19:17 DEBUG com.xxx.controllers.OpenIDAuthenticationFailureHandler - Auth Exception: org.springframework.security.authentication.BadCredentialsException: Log in failed - identity could not be verified