Fatal编程技术网
  • spring-security/
  • Spring security 从vaadin流14中的vaadin路由器排除URL路径

Spring security 从vaadin流14中的vaadin路由器排除URL路径

spring-security vaadin

Spring security 从vaadin流14中的vaadin路由器排除URL路径,spring-security,vaadin,vaadin-flow,spring5,Spring Security,Vaadin,Vaadin Flow,Spring5,我试图在vaadin14+spring引导应用程序中包含一个“第三方”url,即单点登录“/oauth2/authorization/github”时spring security的重定向url。 然而,vaadinservlet似乎截获了这个url,并显示了一条错误消息,表示路由未知 无法导航到“oauth2/authorization/github” 原因:找不到“oauth2/authorization/github”的路由 如何防止这种情况,以便访问OAuth2URL?我查看了vaadi

我试图在vaadin14+spring引导应用程序中包含一个“第三方”url,即单点登录“/oauth2/authorization/github”时spring security的重定向url。 然而,vaadinservlet似乎截获了这个url,并显示了一条错误消息,表示路由未知

无法导航到“oauth2/authorization/github”

原因:找不到“oauth2/authorization/github”的路由

如何防止这种情况,以便访问OAuth2URL?我查看了vaadin文档,但没有找到关于如何从常规路由器导航机制中排除特定路径的信息。 spring boot oauth2教程来自spring官方网站,添加了以下依赖项:

    <dependency>
        <groupId>com.vaadin</groupId>
        <artifactId>vaadin</artifactId>
    </dependency>
    <dependency>
        <groupId>com.vaadin</groupId>
        <artifactId>vaadin-spring-boot-starter</artifactId>
    </dependency>
在检查了@anasmi评论的教程后,发现包含oauth antmatcher的WebSecurity配置首先是错误的

现在可以观察到的效果是,spring security oauth2过滤器转发到/login,它不显示为vaadin路由配置的页面,而是显示一个默认页面,带有到github的授权链接

如果调试日志有助于了解发生的情况,请参阅以下调试日志:

onTranslationFilter     : Calling Authentication entry point.
uthenticationEntryPoint : Trying to match using AndRequestMatcher [requestMatchers=[NegatedRequestMatcher [requestMatcher=RequestHeaderRequestMatcher [expectedHeaderName=X-Requested-With, expectedHeaderValue=XMLHttpRequest]], MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@5be8fdbf, matchingMediaTypes=[application/xhtml+xml, image/*, text/html, text/plain], useEquals=false, ignoredMediaTypes=[*/*]]]]
her.AndRequestMatcher   : Trying to match using NegatedRequestMatcher [requestMatcher=RequestHeaderRequestMatcher [expectedHeaderName=X-Requested-With, expectedHeaderValue=XMLHttpRequest]]
.NegatedRequestMatcher  : matches = true
her.AndRequestMatcher   : Trying to match using MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@5be8fdbf, matchingMediaTypes=[application/xhtml+xml, image/*, text/html, text/plain], useEquals=false, ignoredMediaTypes=[*/*]]
TypeRequestMatcher      : httpRequestMediaTypes=[text/html, application/xhtml+xml, image/webp, application/xml;q=0.9, */*;q=0.8]
TypeRequestMatcher      : Processing text/html
TypeRequestMatcher      : application/xhtml+xml .isCompatibleWith text/html = false
TypeRequestMatcher      : image/* .isCompatibleWith text/html = false
TypeRequestMatcher      : text/html .isCompatibleWith text/html = true
her.AndRequestMatcher   : All requestMatchers returned true
uthenticationEntryPoint : Match found! Executing org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint@20728225
RedirectStrategy        : Redirecting to 'http://localhost:8080/login'
iters.HstsHeaderWriter  : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@169ed862
curityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
ontextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
.AntPathRequestMatcher  : Checking match of request : '/login'; against '/VAADIN/**'
.AntPathRequestMatcher  : Checking match of request : '/login'; against '/favicon.ico'
.AntPathRequestMatcher  : Checking match of request : '/login'; against '/robots.txt'
.AntPathRequestMatcher  : Checking match of request : '/login'; against '/manifest.webmanifest'
.AntPathRequestMatcher  : Checking match of request : '/login'; against '/sw.js'
.AntPathRequestMatcher  : Checking match of request : '/login'; against '/offline-page.html'
.AntPathRequestMatcher  : Checking match of request : '/login'; against '/icons/**'
.AntPathRequestMatcher  : Checking match of request : '/login'; against '/images/**'
.AntPathRequestMatcher  : Checking match of request : '/login'; against '/frontend/**'
.AntPathRequestMatcher  : Checking match of request : '/login'; against '/webjars/**'
.AntPathRequestMatcher  : Checking match of request : '/login'; against '/h2-console/**'
.AntPathRequestMatcher  : Checking match of request : '/login'; against '/frontend-es5/**'
.AntPathRequestMatcher  : Checking match of request : '/login'; against '/frontend-es6/**'
FilterChainProxy        : /login at position 1 of 15 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
FilterChainProxy        : /login at position 2 of 15 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
curityContextRepository : HttpSession returned null object for SPRING_SECURITY_CONTEXT
curityContextRepository : No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@2fe150b5. A new one will be created.
FilterChainProxy        : /login at position 3 of 15 in additional filter chain; firing Filter: 'HeaderWriterFilter'
FilterChainProxy        : /login at position 4 of 15 in additional filter chain; firing Filter: 'LogoutFilter'
tcher.OrRequestMatcher  : Trying to match using Ant [pattern='/logout', GET]
.AntPathRequestMatcher  : Checking match of request : '/login'; against '/logout'
tcher.OrRequestMatcher  : Trying to match using Ant [pattern='/logout', POST]
.AntPathRequestMatcher  : Request 'GET /login' doesn't match 'POST /logout'
tcher.OrRequestMatcher  : Trying to match using Ant [pattern='/logout', PUT]
.AntPathRequestMatcher  : Request 'GET /login' doesn't match 'PUT /logout'
tcher.OrRequestMatcher  : Trying to match using Ant [pattern='/logout', DELETE]
.AntPathRequestMatcher  : Request 'GET /login' doesn't match 'DELETE /logout'
tcher.OrRequestMatcher  : No matches found
FilterChainProxy        : /login at position 5 of 15 in additional filter chain; firing Filter: 'OAuth2AuthorizationRequestRedirectFilter'
.AntPathRequestMatcher  : Checking match of request : '/login'; against '/oauth2/authorization/{registrationId}'
FilterChainProxy        : /login at position 6 of 15 in additional filter chain; firing Filter: 'OAuth2LoginAuthenticationFilter'
.AntPathRequestMatcher  : Checking match of request : '/login'; against '/login/oauth2/code/*'
FilterChainProxy        : /login at position 7 of 15 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
.AntPathRequestMatcher  : Request 'GET /login' doesn't match 'POST /login'
FilterChainProxy        : /login at position 8 of 15 in additional filter chain; firing Filter: 'DefaultLoginPageGeneratingFilter'
iters.HstsHeaderWriter  : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@169ed862
curityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
ontextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
.AntPathRequestMatcher  : Checking match of request : '/oauth2/authorization/github'; against '/VAADIN/**'
.AntPathRequestMatcher  : Checking match of request : '/oauth2/authorization/github'; against '/favicon.ico'
.AntPathRequestMatcher  : Checking match of request : '/oauth2/authorization/github'; against '/robots.txt'
.AntPathRequestMatcher  : Checking match of request : '/oauth2/authorization/github'; against '/manifest.webmanifest'
.AntPathRequestMatcher  : Checking match of request : '/oauth2/authorization/github'; against '/sw.js'
.AntPathRequestMatcher  : Checking match of request : '/oauth2/authorization/github'; against '/offline-page.html'
.AntPathRequestMatcher  : Checking match of request : '/oauth2/authorization/github'; against '/icons/**'
.AntPathRequestMatcher  : Checking match of request : '/oauth2/authorization/github'; against '/images/**'
.AntPathRequestMatcher  : Checking match of request : '/oauth2/authorization/github'; against '/frontend/**'
.AntPathRequestMatcher  : Checking match of request : '/oauth2/authorization/github'; against '/webjars/**'
.AntPathRequestMatcher  : Checking match of request : '/oauth2/authorization/github'; against '/h2-console/**'
.AntPathRequestMatcher  : Checking match of request : '/oauth2/authorization/github'; against '/frontend-es5/**'
.AntPathRequestMatcher  : Checking match of request : '/oauth2/authorization/github'; against '/frontend-es6/**'
FilterChainProxy        : /oauth2/authorization/github at position 1 of 15 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
FilterChainProxy        : /oauth2/authorization/github at position 2 of 15 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
curityContextRepository : HttpSession returned null object for SPRING_SECURITY_CONTEXT
curityContextRepository : No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@2fe150b5. A new one will be created.
FilterChainProxy        : /oauth2/authorization/github at position 3 of 15 in additional filter chain; firing Filter: 'HeaderWriterFilter'
FilterChainProxy        : /oauth2/authorization/github at position 4 of 15 in additional filter chain; firing Filter: 'LogoutFilter'
tcher.OrRequestMatcher  : Trying to match using Ant [pattern='/logout', GET]
.AntPathRequestMatcher  : Checking match of request : '/oauth2/authorization/github'; against '/logout'
tcher.OrRequestMatcher  : Trying to match using Ant [pattern='/logout', POST]
.AntPathRequestMatcher  : Request 'GET /oauth2/authorization/github' doesn't match 'POST /logout'
tcher.OrRequestMatcher  : Trying to match using Ant [pattern='/logout', PUT]
.AntPathRequestMatcher  : Request 'GET /oauth2/authorization/github' doesn't match 'PUT /logout'
tcher.OrRequestMatcher  : Trying to match using Ant [pattern='/logout', DELETE]
.AntPathRequestMatcher  : Request 'GET /oauth2/authorization/github' doesn't match 'DELETE /logout'
tcher.OrRequestMatcher  : No matches found
FilterChainProxy        : /oauth2/authorization/github at position 5 of 15 in additional filter chain; firing Filter: 'OAuth2AuthorizationRequestRedirectFilter'
.AntPathRequestMatcher  : Checking match of request : '/oauth2/authorization/github'; against '/oauth2/authorization/{registrationId}'
.AntPathRequestMatcher  : Checking match of request : '/oauth2/authorization/github'; against '/oauth2/authorization/{registrationId}'
RedirectStrategy        : Redirecting to 'https://github.com/login/oauth/authorize?response_type=code&client_id=3a39e84cc95590698a1b&scope=read:user&state=yaVXu6gS7Zcwud2oT_SWsbkj-DbxxxqF46lQ%3D&redirect_uri=http://localhost:8080/login/oauth2/code/github'
iters.HstsHeaderWriter  : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@169ed862
curityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
ontextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
.AntPathRequestMatcher  : Checking match of request : '/login/oauth2/code/github'; against '/VAADIN/**'
.AntPathRequestMatcher  : Checking match of request : '/login/oauth2/code/github'; against '/favicon.ico'
.AntPathRequestMatcher  : Checking match of request : '/login/oauth2/code/github'; against '/robots.txt'
.AntPathRequestMatcher  : Checking match of request : '/login/oauth2/code/github'; against '/manifest.webmanifest'
.AntPathRequestMatcher  : Checking match of request : '/login/oauth2/code/github'; against '/sw.js'
.AntPathRequestMatcher  : Checking match of request : '/login/oauth2/code/github'; against '/offline-page.html'
.AntPathRequestMatcher  : Checking match of request : '/login/oauth2/code/github'; against '/icons/**'
.AntPathRequestMatcher  : Checking match of request : '/login/oauth2/code/github'; against '/images/**'
.AntPathRequestMatcher  : Checking match of request : '/login/oauth2/code/github'; against '/frontend/**'
.AntPathRequestMatcher  : Checking match of request : '/login/oauth2/code/github'; against '/webjars/**'
.AntPathRequestMatcher  : Checking match of request : '/login/oauth2/code/github'; against '/h2-console/**'
.AntPathRequestMatcher  : Checking match of request : '/login/oauth2/code/github'; against '/frontend-es5/**'
.AntPathRequestMatcher  : Checking match of request : '/login/oauth2/code/github'; against '/frontend-es6/**'
FilterChainProxy        : /login/oauth2/code/github?code=c8b1870a2477fef6f032&state=yaVXu6gS7Zcwud2oT_SWsbkj-DbxxxqF46lQ%3D at position 1 of 15 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
FilterChainProxy        : /login/oauth2/code/github?code=c8b1870a2477fef6f032&state=yaVXu6gS7Zcwud2oT_SWsbkj-DbxxxqF46lQ%3D at position 2 of 15 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
curityContextRepository : HttpSession returned null object for SPRING_SECURITY_CONTEXT
curityContextRepository : No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@2fe150b5. A new one will be created.
FilterChainProxy        : /login/oauth2/code/github?code=c8b1870a2477fef6f032&state=yaVXu6gS7Zcwud2oT_SWsbkj-DbxxxqF46lQ%3D at position 3 of 15 in additional filter chain; firing Filter: 'HeaderWriterFilter'
FilterChainProxy        : /login/oauth2/code/github?code=c8b1870a2477fef6f032&state=yaVXu6gS7Zcwud2oT_SWsbkj-DbxxxqF46lQ%3D at position 4 of 15 in additional filter chain; firing Filter: 'LogoutFilter'
tcher.OrRequestMatcher  : Trying to match using Ant [pattern='/logout', GET]
.AntPathRequestMatcher  : Checking match of request : '/login/oauth2/code/github'; against '/logout'
tcher.OrRequestMatcher  : Trying to match using Ant [pattern='/logout', POST]
.AntPathRequestMatcher  : Request 'GET /login/oauth2/code/github' doesn't match 'POST /logout'
tcher.OrRequestMatcher  : Trying to match using Ant [pattern='/logout', PUT]
.AntPathRequestMatcher  : Request 'GET /login/oauth2/code/github' doesn't match 'PUT /logout'
tcher.OrRequestMatcher  : Trying to match using Ant [pattern='/logout', DELETE]
.AntPathRequestMatcher  : Request 'GET /login/oauth2/code/github' doesn't match 'DELETE /logout'
tcher.OrRequestMatcher  : No matches found
FilterChainProxy        : /login/oauth2/code/github?code=c8b1870a2477fef6f032&state=yaVXu6gS7Zcwud2oT_SWsbkj-DbxxxqF46lQ%3D at position 5 of 15 in additional filter chain; firing Filter: 'OAuth2AuthorizationRequestRedirectFilter'
.AntPathRequestMatcher  : Checking match of request : '/login/oauth2/code/github'; against '/oauth2/authorization/{registrationId}'
FilterChainProxy        : /login/oauth2/code/github?code=c8b1870a2477fef6f032&state=yaVXu6gS7Zcwud2oT_SWsbkj-DbxxxqF46lQ%3D at position 6 of 15 in additional filter chain; firing Filter: 'OAuth2LoginAuthenticationFilter'
.AntPathRequestMatcher  : Checking match of request : '/login/oauth2/code/github'; against '/login/oauth2/code/*'
ginAuthenticationFilter : Request is to process authentication
ion.ProviderManager     : Authentication attempt using org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationProvider
stTemplate              : HTTP POST https://github.com/login/oauth/access_token
stTemplate              : Accept=[application/json, application/*+json]
stTemplate              : Writing [{grant_type=[authorization_code], code=[c8b1870a2477fef6f032], redirect_uri=[http://localhost:8080/login/oauth2/code/github]}] as "application/x-www-form-urlencoded;charset=UTF-8"
stTemplate              : Response 200 OK
stTemplate              : Reading to [org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse] as "application/json;charset=utf-8"
stTemplate              : HTTP GET https://api.github.com/user
stTemplate              : Accept=[application/json, application/*+json]
stTemplate              : Response 200 OK
stTemplate              : Reading to [java.util.Map<java.lang.String, java.lang.Object>]
nAuthenticationStrategy : Delegating to org.springframework.security.web.authentication.session.ChangeSessionIdAuthenticationStrategy@10bebcb4
ginAuthenticationFilter : Authentication success. Updating SecurityContextHolder to contain: org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken@19bf8c7c
nticationSuccessHandler : Redirecting to DefaultSavedRequest Url: http://localhost:8080/
RedirectStrategy        : Redirecting to 'http://localhost:8080/'
iters.HstsHeaderWriter  : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@169ed862
curityContextRepository : SecurityContext 'org.springframework.security.core.context.SecurityContextImpl@19bf8c7c'
ontextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
.AntPathRequestMatcher  : Checking match of request : '/'; against '/VAADIN/**'
.AntPathRequestMatcher  : Checking match of request : '/'; against '/favicon.ico'
.AntPathRequestMatcher  : Checking match of request : '/'; against '/robots.txt'
.AntPathRequestMatcher  : Checking match of request : '/'; against '/manifest.webmanifest'
.AntPathRequestMatcher  : Checking match of request : '/'; against '/sw.js'
.AntPathRequestMatcher  : Checking match of request : '/'; against '/offline-page.html'
.AntPathRequestMatcher  : Checking match of request : '/'; against '/icons/**'
.AntPathRequestMatcher  : Checking match of request : '/'; against '/images/**'
.AntPathRequestMatcher  : Checking match of request : '/'; against '/frontend/**'
.AntPathRequestMatcher  : Checking match of request : '/'; against '/webjars/**'
.AntPathRequestMatcher  : Checking match of request : '/'; against '/h2-console/**'
.AntPathRequestMatcher  : Checking match of request : '/'; against '/frontend-es5/**'
.AntPathRequestMatcher  : Checking match of request : '/'; against '/frontend-es6/**'
FilterChainProxy        : / at position 1 of 15 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
FilterChainProxy        : / at position 2 of 15 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
curityContextRepository : Obtained a valid SecurityContext from SPRING_SECURITY_CONTEXT: 'org.springframework.security.core.context.SecurityContextImpl@19bf8c7c'
FilterChainProxy        : / at position 3 of 15 in additional filter chain; firing Filter: 'HeaderWriterFilter'
FilterChainProxy        : / at position 4 of 15 in additional filter chain; firing Filter: 'LogoutFilter'
tcher.OrRequestMatcher  : Trying to match using Ant [pattern='/logout', GET]
.AntPathRequestMatcher  : Checking match of request : '/'; against '/logout'
tcher.OrRequestMatcher  : Trying to match using Ant [pattern='/logout', POST]
.AntPathRequestMatcher  : Request 'GET /' doesn't match 'POST /logout'
tcher.OrRequestMatcher  : Trying to match using Ant [pattern='/logout', PUT]
.AntPathRequestMatcher  : Request 'GET /' doesn't match 'PUT /logout'
tcher.OrRequestMatcher  : Trying to match using Ant [pattern='/logout', DELETE]
.AntPathRequestMatcher  : Request 'GET /' doesn't match 'DELETE /logout'
tcher.OrRequestMatcher  : No matches found
FilterChainProxy        : / at position 5 of 15 in additional filter chain; firing Filter: 'OAuth2AuthorizationRequestRedirectFilter'
.AntPathRequestMatcher  : Checking match of request : '/'; against '/oauth2/authorization/{registrationId}'
FilterChainProxy        : / at position 6 of 15 in additional filter chain; firing Filter: 'OAuth2LoginAuthenticationFilter'
.AntPathRequestMatcher  : Checking match of request : '/'; against '/login/oauth2/code/*'
FilterChainProxy        : / at position 7 of 15 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
.AntPathRequestMatcher  : Request 'GET /' doesn't match 'POST /login'
FilterChainProxy        : / at position 8 of 15 in additional filter chain; firing Filter: 'DefaultLoginPageGeneratingFilter'
FilterChainProxy        : / at position 9 of 15 in additional filter chain; firing Filter: 'DefaultLogoutPageGeneratingFilter'
.AntPathRequestMatcher  : Checking match of request : '/'; against '/logout'
FilterChainProxy        : / at position 10 of 15 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
SavedRequest            : pathInfo: both null (property equals)
SavedRequest            : queryString: both null (property equals)
SavedRequest            : requestURI: arg1=/; arg2=/ (property equals)
SavedRequest            : serverPort: arg1=8080; arg2=8080 (property equals)
SavedRequest            : requestURL: arg1=http://localhost:8080/; arg2=http://localhost:8080/ (property equals)
SavedRequest            : scheme: arg1=http; arg2=http (property equals)
SavedRequest            : serverName: arg1=localhost; arg2=localhost (property equals)
SavedRequest            : contextPath: arg1=; arg2= (property equals)
SavedRequest            : servletPath: arg1=/; arg2=/ (property equals)
FilterChainProxy        : / at position 11 of 15 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
FilterChainProxy        : / at position 12 of 15 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
FilterChainProxy        : / at position 13 of 15 in additional filter chain; firing Filter: 'SessionManagementFilter'
FilterChainProxy        : / at position 14 of 15 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
FilterChainProxy        : / at position 15 of 15 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
rSecurityInterceptor    : Secure object: FilterInvocation: URL: /; Attributes: [authenticated]
.AffirmativeBased       : Voter: org.springframework.security.web.access.expression.WebExpressionVoter@201c9f26, returned: 1
rSecurityInterceptor    : Authorization successful
rSecurityInterceptor    : RunAsManager did not change Authentication object
FilterChainProxy        : / reached end of additional filter chain; proceeding with original chain
ispatcherServlet        : GET "/", parameters={}
impleUrlHandlerMapping  : Mapped to org.springframework.web.servlet.mvc.ServletForwardingController@46beee3b
iters.HstsHeaderWriter  : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@169ed862
ispatcherServlet        : Completed 200 OK
onTranslationFilter     : Chain processed normally
ontextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
.AntPathRequestMatcher  : Checking match of request : '/VAADIN/build/webcomponentsjs/webcomponents-loader.js'; against '/VAADIN/**'
FilterChainProxy        : /VAADIN/build/webcomponentsjs/webcomponents-loader.js has an empty filter list
ispatcherServlet        : GET "/VAADIN/build/webcomponentsjs/webcomponents-loader.js", parameters={}
impleUrlHandlerMapping  : Mapped to org.springframework.web.servlet.mvc.ServletForwardingController@46beee3b

onTranslationFilter:调用身份验证入口点。
AuthenticationEntryPoint:尝试使用AndRequestMatcher[requestMatchers=[NegatedRequestMatcher[requestMatcher=RequestHeaderRequestMatcher[expectedHeaderName=X-Requested-With,expectedHeaderValue=XMLHttpRequest]]和MediaTypeRequestMatcher进行匹配[contentNegotiationStrategy=org.springframework.web.accept。ContentNegotiationManager@5be8fdbf,matchingMediaTypes=[application/xhtml+xml,image/*,text/html,text/plain],useEquals=false,ignoredMediaTypes=[*/*]]
her.AndRequestMatcher:尝试使用NegatedRequestMatcher[requestMatcher=RequestHeaderRequestMatcher[expectedHeaderName=X-Requested-With,expectedHeaderValue=XMLHttpRequest]]进行匹配
.NegateRequestMatcher:matches=true
her.AndRequestMatcher:尝试使用MediaTypeRequestMatcher[contentNegotiationStrategy=org.springframework.web.accept]进行匹配。ContentNegotiationManager@5be8fdbf,matchingMediaTypes=[application/xhtml+xml,image/*,text/html,text/plain],useEquals=false,ignoredMediaTypes=[*/*]]
TypeRequestMatcher:httpRequestMediaTypes=[text/html,application/xhtml+xml,image/webp,application/xml;q=0.9,*/*;q=0.8]
TypeRequestMatcher:处理文本/html
TypeRequestMatcher:application/xhtml+xml.isCompatibleWith text/html=false
TypeRequestMatcher:image/*.isCompatibleWith text/html=false
TypeRequestMatcher:text/html.isCompatibleWith text/html=true
hers.AndRequestMatcher:所有请求匹配器都返回true
AuthenticationEntryPoint:找到匹配项!正在执行org.springframework.security.web.authentication。LoginUrlAuthenticationEntryPoint@20728225
重定向策略:重定向到'http://localhost:8080/login'
iters.HstsHeaderWriter:未注入HSTS标头,因为它与requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter不匹配$SecureRequestMatcher@169ed862
curityContextRepository:SecurityContext为空或内容为匿名-上下文不会存储在HttpSession中。
ContextPersistenceFilter:SecurityContextHolder现在已清除,因为请求处理已完成
.AntPathRequestMatcher:检查请求“/login”与“/VAADIN/**”的匹配
.AntPathRequestMatcher:检查请求“/login”与“/favicon.ico”的匹配
.AntPathRequestMatcher:检查请求“/login”与“/robots.txt”的匹配
.AntPathRequestMatcher:检查请求“/login”与“/manifest.webmanifest”的匹配
.AntPathRequestMatcher:检查请求“/login”与“/sw.js”的匹配
.AntPathRequestMatcher:检查请求“/login”;与“/offline page.html”的匹配
.AntPathRequestMatcher:检查请求“/login”与“/icons/**”的匹配
.AntPathRequestMatcher:检查请求“/login”与“/images/**”的匹配
.AntPathRequestMatcher:检查请求“/login”与“/frontend/**”的匹配
.AntPathRequestMatcher:检查请求“/login”与“/webjars/**”的匹配
.AntPathRequestMatcher:检查请求“/login”与“/h2 console/**”的匹配
.AntPathRequestMatcher:检查请求“/login”与“/frontend-es5/**”的匹配
.AntPathRequestMatcher:检查请求“/login”与“/frontend-es6/**”的匹配
FilterChainProxy:/在附加筛选器链中15个位置中的第1个位置登录;触发筛选器:“WebAsyncManagerIntegrationFilter”
FilterChainProxy:/登录到附加筛选器链中15个位置中的第2个;触发筛选器:“SecurityContextPersistenceFilter”
curityContextRepository:HttpSession为SPRING\u SECURITY\u上下文返回空对象
curityContextRepository:HttpSession:org.apache.catalina.session中没有可用的SecurityContext。StandardSessionFacade@2fe150b5.将创建一个新的。
FilterChainProxy:/在附加过滤器链中15个位置中的第3个位置登录;触发过滤器:“HeaderWriterFilter”
FilterChainProxy:/login位于附加过滤器链中15个位置中的第4个位置;触发过滤器:“LogoutFilter”
tcher.OrRequestMatcher:正在尝试使用Ant[pattern='/logout',GET]进行匹配
.AntPathRequestMatcher:检查请求“/login”与“/logout”的匹配
tcher.OrRequestMatcher:尝试使用Ant[pattern='/logout',POST]进行匹配
.AntPathRequestMatcher:请求“获取/登录”与“发布/注销”不匹配
tcher.OrRequestMatcher:尝试使用Ant[pattern='/logout',PUT]进行匹配
.AntPathRequestMatcher:请求“获取/登录”与“放置/注销”不匹配
tcher.OrRequestMatcher:正在尝试使用Ant[pattern='/logout',DELETE]进行匹配
.AntPathRequestMatcher:请求“获取/登录”与“删除/注销”不匹配
tcher.OrRequestMatcher:未找到匹配项
FilterChainProxy:/在附加filt中的15位中的第5位登录

 private void beforeEnter(BeforeEnterEvent event) {
    if (!LoginView.class.equals(event.getNavigationTarget()) // 
        && !SecurityUtils.isUserLoggedIn()) { // 
        event.rerouteTo(LoginView.class); // 
    }
}



   private void beforeEnter(BeforeEnterEvent event) {
        if (!LoginView.class.equals(event.getNavigationTarget()) && !**RegisterView.class.equals**(event.getNavigationTarget())//
                && !SecurityUtils.isUserLoggedIn()) { //
            event.rerouteTo(LoginView.class); // 
        }
    }