Spring security 从vaadin流14中的vaadin路由器排除URL路径
我试图在vaadin14+spring引导应用程序中包含一个“第三方”url,即单点登录“/oauth2/authorization/github”时spring security的重定向url。 然而,vaadinservlet似乎截获了这个url,并显示了一条错误消息,表示路由未知 无法导航到“oauth2/authorization/github” 原因:找不到“oauth2/authorization/github”的路由 如何防止这种情况,以便访问OAuth2URL?我查看了vaadin文档,但没有找到关于如何从常规路由器导航机制中排除特定路径的信息。 spring boot oauth2教程来自spring官方网站,添加了以下依赖项:Spring security 从vaadin流14中的vaadin路由器排除URL路径,spring-security,vaadin,vaadin-flow,spring5,Spring Security,Vaadin,Vaadin Flow,Spring5,我试图在vaadin14+spring引导应用程序中包含一个“第三方”url,即单点登录“/oauth2/authorization/github”时spring security的重定向url。 然而,vaadinservlet似乎截获了这个url,并显示了一条错误消息,表示路由未知 无法导航到“oauth2/authorization/github” 原因:找不到“oauth2/authorization/github”的路由 如何防止这种情况,以便访问OAuth2URL?我查看了vaadi
<dependency>
<groupId>com.vaadin</groupId>
<artifactId>vaadin</artifactId>
</dependency>
<dependency>
<groupId>com.vaadin</groupId>
<artifactId>vaadin-spring-boot-starter</artifactId>
</dependency>
在检查了@anasmi评论的教程后,发现包含oauth antmatcher的WebSecurity配置首先是错误的
现在可以观察到的效果是,spring security oauth2过滤器转发到/login,它不显示为vaadin路由配置的页面,而是显示一个默认页面,带有到github的授权链接
如果调试日志有助于了解发生的情况,请参阅以下调试日志:
onTranslationFilter : Calling Authentication entry point.
uthenticationEntryPoint : Trying to match using AndRequestMatcher [requestMatchers=[NegatedRequestMatcher [requestMatcher=RequestHeaderRequestMatcher [expectedHeaderName=X-Requested-With, expectedHeaderValue=XMLHttpRequest]], MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@5be8fdbf, matchingMediaTypes=[application/xhtml+xml, image/*, text/html, text/plain], useEquals=false, ignoredMediaTypes=[*/*]]]]
her.AndRequestMatcher : Trying to match using NegatedRequestMatcher [requestMatcher=RequestHeaderRequestMatcher [expectedHeaderName=X-Requested-With, expectedHeaderValue=XMLHttpRequest]]
.NegatedRequestMatcher : matches = true
her.AndRequestMatcher : Trying to match using MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@5be8fdbf, matchingMediaTypes=[application/xhtml+xml, image/*, text/html, text/plain], useEquals=false, ignoredMediaTypes=[*/*]]
TypeRequestMatcher : httpRequestMediaTypes=[text/html, application/xhtml+xml, image/webp, application/xml;q=0.9, */*;q=0.8]
TypeRequestMatcher : Processing text/html
TypeRequestMatcher : application/xhtml+xml .isCompatibleWith text/html = false
TypeRequestMatcher : image/* .isCompatibleWith text/html = false
TypeRequestMatcher : text/html .isCompatibleWith text/html = true
her.AndRequestMatcher : All requestMatchers returned true
uthenticationEntryPoint : Match found! Executing org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint@20728225
RedirectStrategy : Redirecting to 'http://localhost:8080/login'
iters.HstsHeaderWriter : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@169ed862
curityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
ontextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
.AntPathRequestMatcher : Checking match of request : '/login'; against '/VAADIN/**'
.AntPathRequestMatcher : Checking match of request : '/login'; against '/favicon.ico'
.AntPathRequestMatcher : Checking match of request : '/login'; against '/robots.txt'
.AntPathRequestMatcher : Checking match of request : '/login'; against '/manifest.webmanifest'
.AntPathRequestMatcher : Checking match of request : '/login'; against '/sw.js'
.AntPathRequestMatcher : Checking match of request : '/login'; against '/offline-page.html'
.AntPathRequestMatcher : Checking match of request : '/login'; against '/icons/**'
.AntPathRequestMatcher : Checking match of request : '/login'; against '/images/**'
.AntPathRequestMatcher : Checking match of request : '/login'; against '/frontend/**'
.AntPathRequestMatcher : Checking match of request : '/login'; against '/webjars/**'
.AntPathRequestMatcher : Checking match of request : '/login'; against '/h2-console/**'
.AntPathRequestMatcher : Checking match of request : '/login'; against '/frontend-es5/**'
.AntPathRequestMatcher : Checking match of request : '/login'; against '/frontend-es6/**'
FilterChainProxy : /login at position 1 of 15 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
FilterChainProxy : /login at position 2 of 15 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
curityContextRepository : HttpSession returned null object for SPRING_SECURITY_CONTEXT
curityContextRepository : No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@2fe150b5. A new one will be created.
FilterChainProxy : /login at position 3 of 15 in additional filter chain; firing Filter: 'HeaderWriterFilter'
FilterChainProxy : /login at position 4 of 15 in additional filter chain; firing Filter: 'LogoutFilter'
tcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', GET]
.AntPathRequestMatcher : Checking match of request : '/login'; against '/logout'
tcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', POST]
.AntPathRequestMatcher : Request 'GET /login' doesn't match 'POST /logout'
tcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', PUT]
.AntPathRequestMatcher : Request 'GET /login' doesn't match 'PUT /logout'
tcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', DELETE]
.AntPathRequestMatcher : Request 'GET /login' doesn't match 'DELETE /logout'
tcher.OrRequestMatcher : No matches found
FilterChainProxy : /login at position 5 of 15 in additional filter chain; firing Filter: 'OAuth2AuthorizationRequestRedirectFilter'
.AntPathRequestMatcher : Checking match of request : '/login'; against '/oauth2/authorization/{registrationId}'
FilterChainProxy : /login at position 6 of 15 in additional filter chain; firing Filter: 'OAuth2LoginAuthenticationFilter'
.AntPathRequestMatcher : Checking match of request : '/login'; against '/login/oauth2/code/*'
FilterChainProxy : /login at position 7 of 15 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
.AntPathRequestMatcher : Request 'GET /login' doesn't match 'POST /login'
FilterChainProxy : /login at position 8 of 15 in additional filter chain; firing Filter: 'DefaultLoginPageGeneratingFilter'
iters.HstsHeaderWriter : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@169ed862
curityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
ontextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
.AntPathRequestMatcher : Checking match of request : '/oauth2/authorization/github'; against '/VAADIN/**'
.AntPathRequestMatcher : Checking match of request : '/oauth2/authorization/github'; against '/favicon.ico'
.AntPathRequestMatcher : Checking match of request : '/oauth2/authorization/github'; against '/robots.txt'
.AntPathRequestMatcher : Checking match of request : '/oauth2/authorization/github'; against '/manifest.webmanifest'
.AntPathRequestMatcher : Checking match of request : '/oauth2/authorization/github'; against '/sw.js'
.AntPathRequestMatcher : Checking match of request : '/oauth2/authorization/github'; against '/offline-page.html'
.AntPathRequestMatcher : Checking match of request : '/oauth2/authorization/github'; against '/icons/**'
.AntPathRequestMatcher : Checking match of request : '/oauth2/authorization/github'; against '/images/**'
.AntPathRequestMatcher : Checking match of request : '/oauth2/authorization/github'; against '/frontend/**'
.AntPathRequestMatcher : Checking match of request : '/oauth2/authorization/github'; against '/webjars/**'
.AntPathRequestMatcher : Checking match of request : '/oauth2/authorization/github'; against '/h2-console/**'
.AntPathRequestMatcher : Checking match of request : '/oauth2/authorization/github'; against '/frontend-es5/**'
.AntPathRequestMatcher : Checking match of request : '/oauth2/authorization/github'; against '/frontend-es6/**'
FilterChainProxy : /oauth2/authorization/github at position 1 of 15 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
FilterChainProxy : /oauth2/authorization/github at position 2 of 15 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
curityContextRepository : HttpSession returned null object for SPRING_SECURITY_CONTEXT
curityContextRepository : No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@2fe150b5. A new one will be created.
FilterChainProxy : /oauth2/authorization/github at position 3 of 15 in additional filter chain; firing Filter: 'HeaderWriterFilter'
FilterChainProxy : /oauth2/authorization/github at position 4 of 15 in additional filter chain; firing Filter: 'LogoutFilter'
tcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', GET]
.AntPathRequestMatcher : Checking match of request : '/oauth2/authorization/github'; against '/logout'
tcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', POST]
.AntPathRequestMatcher : Request 'GET /oauth2/authorization/github' doesn't match 'POST /logout'
tcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', PUT]
.AntPathRequestMatcher : Request 'GET /oauth2/authorization/github' doesn't match 'PUT /logout'
tcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', DELETE]
.AntPathRequestMatcher : Request 'GET /oauth2/authorization/github' doesn't match 'DELETE /logout'
tcher.OrRequestMatcher : No matches found
FilterChainProxy : /oauth2/authorization/github at position 5 of 15 in additional filter chain; firing Filter: 'OAuth2AuthorizationRequestRedirectFilter'
.AntPathRequestMatcher : Checking match of request : '/oauth2/authorization/github'; against '/oauth2/authorization/{registrationId}'
.AntPathRequestMatcher : Checking match of request : '/oauth2/authorization/github'; against '/oauth2/authorization/{registrationId}'
RedirectStrategy : Redirecting to 'https://github.com/login/oauth/authorize?response_type=code&client_id=3a39e84cc95590698a1b&scope=read:user&state=yaVXu6gS7Zcwud2oT_SWsbkj-DbxxxqF46lQ%3D&redirect_uri=http://localhost:8080/login/oauth2/code/github'
iters.HstsHeaderWriter : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@169ed862
curityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
ontextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
.AntPathRequestMatcher : Checking match of request : '/login/oauth2/code/github'; against '/VAADIN/**'
.AntPathRequestMatcher : Checking match of request : '/login/oauth2/code/github'; against '/favicon.ico'
.AntPathRequestMatcher : Checking match of request : '/login/oauth2/code/github'; against '/robots.txt'
.AntPathRequestMatcher : Checking match of request : '/login/oauth2/code/github'; against '/manifest.webmanifest'
.AntPathRequestMatcher : Checking match of request : '/login/oauth2/code/github'; against '/sw.js'
.AntPathRequestMatcher : Checking match of request : '/login/oauth2/code/github'; against '/offline-page.html'
.AntPathRequestMatcher : Checking match of request : '/login/oauth2/code/github'; against '/icons/**'
.AntPathRequestMatcher : Checking match of request : '/login/oauth2/code/github'; against '/images/**'
.AntPathRequestMatcher : Checking match of request : '/login/oauth2/code/github'; against '/frontend/**'
.AntPathRequestMatcher : Checking match of request : '/login/oauth2/code/github'; against '/webjars/**'
.AntPathRequestMatcher : Checking match of request : '/login/oauth2/code/github'; against '/h2-console/**'
.AntPathRequestMatcher : Checking match of request : '/login/oauth2/code/github'; against '/frontend-es5/**'
.AntPathRequestMatcher : Checking match of request : '/login/oauth2/code/github'; against '/frontend-es6/**'
FilterChainProxy : /login/oauth2/code/github?code=c8b1870a2477fef6f032&state=yaVXu6gS7Zcwud2oT_SWsbkj-DbxxxqF46lQ%3D at position 1 of 15 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
FilterChainProxy : /login/oauth2/code/github?code=c8b1870a2477fef6f032&state=yaVXu6gS7Zcwud2oT_SWsbkj-DbxxxqF46lQ%3D at position 2 of 15 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
curityContextRepository : HttpSession returned null object for SPRING_SECURITY_CONTEXT
curityContextRepository : No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@2fe150b5. A new one will be created.
FilterChainProxy : /login/oauth2/code/github?code=c8b1870a2477fef6f032&state=yaVXu6gS7Zcwud2oT_SWsbkj-DbxxxqF46lQ%3D at position 3 of 15 in additional filter chain; firing Filter: 'HeaderWriterFilter'
FilterChainProxy : /login/oauth2/code/github?code=c8b1870a2477fef6f032&state=yaVXu6gS7Zcwud2oT_SWsbkj-DbxxxqF46lQ%3D at position 4 of 15 in additional filter chain; firing Filter: 'LogoutFilter'
tcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', GET]
.AntPathRequestMatcher : Checking match of request : '/login/oauth2/code/github'; against '/logout'
tcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', POST]
.AntPathRequestMatcher : Request 'GET /login/oauth2/code/github' doesn't match 'POST /logout'
tcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', PUT]
.AntPathRequestMatcher : Request 'GET /login/oauth2/code/github' doesn't match 'PUT /logout'
tcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', DELETE]
.AntPathRequestMatcher : Request 'GET /login/oauth2/code/github' doesn't match 'DELETE /logout'
tcher.OrRequestMatcher : No matches found
FilterChainProxy : /login/oauth2/code/github?code=c8b1870a2477fef6f032&state=yaVXu6gS7Zcwud2oT_SWsbkj-DbxxxqF46lQ%3D at position 5 of 15 in additional filter chain; firing Filter: 'OAuth2AuthorizationRequestRedirectFilter'
.AntPathRequestMatcher : Checking match of request : '/login/oauth2/code/github'; against '/oauth2/authorization/{registrationId}'
FilterChainProxy : /login/oauth2/code/github?code=c8b1870a2477fef6f032&state=yaVXu6gS7Zcwud2oT_SWsbkj-DbxxxqF46lQ%3D at position 6 of 15 in additional filter chain; firing Filter: 'OAuth2LoginAuthenticationFilter'
.AntPathRequestMatcher : Checking match of request : '/login/oauth2/code/github'; against '/login/oauth2/code/*'
ginAuthenticationFilter : Request is to process authentication
ion.ProviderManager : Authentication attempt using org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationProvider
stTemplate : HTTP POST https://github.com/login/oauth/access_token
stTemplate : Accept=[application/json, application/*+json]
stTemplate : Writing [{grant_type=[authorization_code], code=[c8b1870a2477fef6f032], redirect_uri=[http://localhost:8080/login/oauth2/code/github]}] as "application/x-www-form-urlencoded;charset=UTF-8"
stTemplate : Response 200 OK
stTemplate : Reading to [org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse] as "application/json;charset=utf-8"
stTemplate : HTTP GET https://api.github.com/user
stTemplate : Accept=[application/json, application/*+json]
stTemplate : Response 200 OK
stTemplate : Reading to [java.util.Map<java.lang.String, java.lang.Object>]
nAuthenticationStrategy : Delegating to org.springframework.security.web.authentication.session.ChangeSessionIdAuthenticationStrategy@10bebcb4
ginAuthenticationFilter : Authentication success. Updating SecurityContextHolder to contain: org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken@19bf8c7c
nticationSuccessHandler : Redirecting to DefaultSavedRequest Url: http://localhost:8080/
RedirectStrategy : Redirecting to 'http://localhost:8080/'
iters.HstsHeaderWriter : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@169ed862
curityContextRepository : SecurityContext 'org.springframework.security.core.context.SecurityContextImpl@19bf8c7c'
ontextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
.AntPathRequestMatcher : Checking match of request : '/'; against '/VAADIN/**'
.AntPathRequestMatcher : Checking match of request : '/'; against '/favicon.ico'
.AntPathRequestMatcher : Checking match of request : '/'; against '/robots.txt'
.AntPathRequestMatcher : Checking match of request : '/'; against '/manifest.webmanifest'
.AntPathRequestMatcher : Checking match of request : '/'; against '/sw.js'
.AntPathRequestMatcher : Checking match of request : '/'; against '/offline-page.html'
.AntPathRequestMatcher : Checking match of request : '/'; against '/icons/**'
.AntPathRequestMatcher : Checking match of request : '/'; against '/images/**'
.AntPathRequestMatcher : Checking match of request : '/'; against '/frontend/**'
.AntPathRequestMatcher : Checking match of request : '/'; against '/webjars/**'
.AntPathRequestMatcher : Checking match of request : '/'; against '/h2-console/**'
.AntPathRequestMatcher : Checking match of request : '/'; against '/frontend-es5/**'
.AntPathRequestMatcher : Checking match of request : '/'; against '/frontend-es6/**'
FilterChainProxy : / at position 1 of 15 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
FilterChainProxy : / at position 2 of 15 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
curityContextRepository : Obtained a valid SecurityContext from SPRING_SECURITY_CONTEXT: 'org.springframework.security.core.context.SecurityContextImpl@19bf8c7c'
FilterChainProxy : / at position 3 of 15 in additional filter chain; firing Filter: 'HeaderWriterFilter'
FilterChainProxy : / at position 4 of 15 in additional filter chain; firing Filter: 'LogoutFilter'
tcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', GET]
.AntPathRequestMatcher : Checking match of request : '/'; against '/logout'
tcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', POST]
.AntPathRequestMatcher : Request 'GET /' doesn't match 'POST /logout'
tcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', PUT]
.AntPathRequestMatcher : Request 'GET /' doesn't match 'PUT /logout'
tcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', DELETE]
.AntPathRequestMatcher : Request 'GET /' doesn't match 'DELETE /logout'
tcher.OrRequestMatcher : No matches found
FilterChainProxy : / at position 5 of 15 in additional filter chain; firing Filter: 'OAuth2AuthorizationRequestRedirectFilter'
.AntPathRequestMatcher : Checking match of request : '/'; against '/oauth2/authorization/{registrationId}'
FilterChainProxy : / at position 6 of 15 in additional filter chain; firing Filter: 'OAuth2LoginAuthenticationFilter'
.AntPathRequestMatcher : Checking match of request : '/'; against '/login/oauth2/code/*'
FilterChainProxy : / at position 7 of 15 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
.AntPathRequestMatcher : Request 'GET /' doesn't match 'POST /login'
FilterChainProxy : / at position 8 of 15 in additional filter chain; firing Filter: 'DefaultLoginPageGeneratingFilter'
FilterChainProxy : / at position 9 of 15 in additional filter chain; firing Filter: 'DefaultLogoutPageGeneratingFilter'
.AntPathRequestMatcher : Checking match of request : '/'; against '/logout'
FilterChainProxy : / at position 10 of 15 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
SavedRequest : pathInfo: both null (property equals)
SavedRequest : queryString: both null (property equals)
SavedRequest : requestURI: arg1=/; arg2=/ (property equals)
SavedRequest : serverPort: arg1=8080; arg2=8080 (property equals)
SavedRequest : requestURL: arg1=http://localhost:8080/; arg2=http://localhost:8080/ (property equals)
SavedRequest : scheme: arg1=http; arg2=http (property equals)
SavedRequest : serverName: arg1=localhost; arg2=localhost (property equals)
SavedRequest : contextPath: arg1=; arg2= (property equals)
SavedRequest : servletPath: arg1=/; arg2=/ (property equals)
FilterChainProxy : / at position 11 of 15 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
FilterChainProxy : / at position 12 of 15 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
FilterChainProxy : / at position 13 of 15 in additional filter chain; firing Filter: 'SessionManagementFilter'
FilterChainProxy : / at position 14 of 15 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
FilterChainProxy : / at position 15 of 15 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
rSecurityInterceptor : Secure object: FilterInvocation: URL: /; Attributes: [authenticated]
.AffirmativeBased : Voter: org.springframework.security.web.access.expression.WebExpressionVoter@201c9f26, returned: 1
rSecurityInterceptor : Authorization successful
rSecurityInterceptor : RunAsManager did not change Authentication object
FilterChainProxy : / reached end of additional filter chain; proceeding with original chain
ispatcherServlet : GET "/", parameters={}
impleUrlHandlerMapping : Mapped to org.springframework.web.servlet.mvc.ServletForwardingController@46beee3b
iters.HstsHeaderWriter : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@169ed862
ispatcherServlet : Completed 200 OK
onTranslationFilter : Chain processed normally
ontextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
.AntPathRequestMatcher : Checking match of request : '/VAADIN/build/webcomponentsjs/webcomponents-loader.js'; against '/VAADIN/**'
FilterChainProxy : /VAADIN/build/webcomponentsjs/webcomponents-loader.js has an empty filter list
ispatcherServlet : GET "/VAADIN/build/webcomponentsjs/webcomponents-loader.js", parameters={}
impleUrlHandlerMapping : Mapped to org.springframework.web.servlet.mvc.ServletForwardingController@46beee3b
onTranslationFilter:调用身份验证入口点。
AuthenticationEntryPoint:尝试使用AndRequestMatcher[requestMatchers=[NegatedRequestMatcher[requestMatcher=RequestHeaderRequestMatcher[expectedHeaderName=X-Requested-With,expectedHeaderValue=XMLHttpRequest]]和MediaTypeRequestMatcher进行匹配[contentNegotiationStrategy=org.springframework.web.accept。ContentNegotiationManager@5be8fdbf,matchingMediaTypes=[application/xhtml+xml,image/*,text/html,text/plain],useEquals=false,ignoredMediaTypes=[*/*]]
her.AndRequestMatcher:尝试使用NegatedRequestMatcher[requestMatcher=RequestHeaderRequestMatcher[expectedHeaderName=X-Requested-With,expectedHeaderValue=XMLHttpRequest]]进行匹配
.NegateRequestMatcher:matches=true
her.AndRequestMatcher:尝试使用MediaTypeRequestMatcher[contentNegotiationStrategy=org.springframework.web.accept]进行匹配。ContentNegotiationManager@5be8fdbf,matchingMediaTypes=[application/xhtml+xml,image/*,text/html,text/plain],useEquals=false,ignoredMediaTypes=[*/*]]
TypeRequestMatcher:httpRequestMediaTypes=[text/html,application/xhtml+xml,image/webp,application/xml;q=0.9,*/*;q=0.8]
TypeRequestMatcher:处理文本/html
TypeRequestMatcher:application/xhtml+xml.isCompatibleWith text/html=false
TypeRequestMatcher:image/*.isCompatibleWith text/html=false
TypeRequestMatcher:text/html.isCompatibleWith text/html=true
hers.AndRequestMatcher:所有请求匹配器都返回true
AuthenticationEntryPoint:找到匹配项!正在执行org.springframework.security.web.authentication。LoginUrlAuthenticationEntryPoint@20728225
重定向策略:重定向到'http://localhost:8080/login'
iters.HstsHeaderWriter:未注入HSTS标头,因为它与requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter不匹配$SecureRequestMatcher@169ed862
curityContextRepository:SecurityContext为空或内容为匿名-上下文不会存储在HttpSession中。
ContextPersistenceFilter:SecurityContextHolder现在已清除,因为请求处理已完成
.AntPathRequestMatcher:检查请求“/login”与“/VAADIN/**”的匹配
.AntPathRequestMatcher:检查请求“/login”与“/favicon.ico”的匹配
.AntPathRequestMatcher:检查请求“/login”与“/robots.txt”的匹配
.AntPathRequestMatcher:检查请求“/login”与“/manifest.webmanifest”的匹配
.AntPathRequestMatcher:检查请求“/login”与“/sw.js”的匹配
.AntPathRequestMatcher:检查请求“/login”;与“/offline page.html”的匹配
.AntPathRequestMatcher:检查请求“/login”与“/icons/**”的匹配
.AntPathRequestMatcher:检查请求“/login”与“/images/**”的匹配
.AntPathRequestMatcher:检查请求“/login”与“/frontend/**”的匹配
.AntPathRequestMatcher:检查请求“/login”与“/webjars/**”的匹配
.AntPathRequestMatcher:检查请求“/login”与“/h2 console/**”的匹配
.AntPathRequestMatcher:检查请求“/login”与“/frontend-es5/**”的匹配
.AntPathRequestMatcher:检查请求“/login”与“/frontend-es6/**”的匹配
FilterChainProxy:/在附加筛选器链中15个位置中的第1个位置登录;触发筛选器:“WebAsyncManagerIntegrationFilter”
FilterChainProxy:/登录到附加筛选器链中15个位置中的第2个;触发筛选器:“SecurityContextPersistenceFilter”
curityContextRepository:HttpSession为SPRING\u SECURITY\u上下文返回空对象
curityContextRepository:HttpSession:org.apache.catalina.session中没有可用的SecurityContext。StandardSessionFacade@2fe150b5.将创建一个新的。
FilterChainProxy:/在附加过滤器链中15个位置中的第3个位置登录;触发过滤器:“HeaderWriterFilter”
FilterChainProxy:/login位于附加过滤器链中15个位置中的第4个位置;触发过滤器:“LogoutFilter”
tcher.OrRequestMatcher:正在尝试使用Ant[pattern='/logout',GET]进行匹配
.AntPathRequestMatcher:检查请求“/login”与“/logout”的匹配
tcher.OrRequestMatcher:尝试使用Ant[pattern='/logout',POST]进行匹配
.AntPathRequestMatcher:请求“获取/登录”与“发布/注销”不匹配
tcher.OrRequestMatcher:尝试使用Ant[pattern='/logout',PUT]进行匹配
.AntPathRequestMatcher:请求“获取/登录”与“放置/注销”不匹配
tcher.OrRequestMatcher:正在尝试使用Ant[pattern='/logout',DELETE]进行匹配
.AntPathRequestMatcher:请求“获取/登录”与“删除/注销”不匹配
tcher.OrRequestMatcher:未找到匹配项
FilterChainProxy:/在附加filt中的15位中的第5位登录
private void beforeEnter(BeforeEnterEvent event) {
if (!LoginView.class.equals(event.getNavigationTarget()) //
&& !SecurityUtils.isUserLoggedIn()) { //
event.rerouteTo(LoginView.class); //
}
}
private void beforeEnter(BeforeEnterEvent event) {
if (!LoginView.class.equals(event.getNavigationTarget()) && !**RegisterView.class.equals**(event.getNavigationTarget())//
&& !SecurityUtils.isUserLoggedIn()) { //
event.rerouteTo(LoginView.class); //
}
}