-1
我已经使用Spring Spring Security登录AngularJS尝试了Spring Boot。问题是当我在登录后发布对象时,我会回到登录页面。Spring Boot + Spring Security使用AngularJS登录
登录
2017-02-20 18:06:35.738 DEBUG 5084 --- [nio-8080-exec-1] o.h.l.Loader : Done entity load
2017-02-20 18:06:35.739 DEBUG 5084 --- [nio-8080-exec-1] o.h.e.i.TwoPhaseLoad : Done materializing entity [com.sopiyan.uptd.entities.entity.User#10af7fb8-ad10-459c-b985-ec24744d4630]
2017-02-20 18:06:35.739 DEBUG 5084 --- [nio-8080-exec-1] o.s.o.j.EntityManagerFactoryUtils : Closing JPA EntityManager
2017-02-20 18:06:35.877 DEBUG 5084 --- [nio-8080-exec-1] o.s.b.f.s.DefaultListableBeanFactory : Returning cached instance of singleton bean 'delegatingApplicationListener'
2017-02-20 18:06:35.877 DEBUG 5084 --- [nio-8080-exec-1] o.s.b.f.s.DefaultListableBeanFactory : Returning cached instance of singleton bean 'authenticationAuditListener'
2017-02-20 18:06:35.878 DEBUG 5084 --- [nio-8080-exec-1] o.s.b.f.s.DefaultListableBeanFactory : Returning cached instance of singleton bean 'delegatingApplicationListener'
2017-02-20 18:06:35.878 DEBUG 5084 --- [nio-8080-exec-1] o.s.b.f.s.DefaultListableBeanFactory : Returning cached instance of singleton bean 'auditListener'
2017-02-20 18:06:35.878 DEBUG 5084 --- [nio-8080-exec-1] o.s.b.a.a.l.AuditListener : AuditEvent [timestamp=Mon Feb 20 18:06:35 ICT 2017, [email protected], type=AUTHENTICATION_SUCCESS, data={details=org.sprin[email protected]b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null}]
2017-02-20 18:06:35.878 DEBUG 5084 --- [nio-8080-exec-1] s.CompositeSessionAuthenticationStrategy : Delegating to org.springframework.security.w[email protected]1144175
2017-02-20 18:06:35.878 DEBUG 5084 --- [nio-8080-exec-1] w.a.UsernamePasswordAuthenticationFilter : Authentication success. Updating SecurityContextHolder to contain: org.springframew[email protected]77cb72a0: Principal: [email protected]: Username: [email protected]; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details: org.sprin[email protected]b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Authorities: ADMIN
2017-02-20 18:06:35.878 DEBUG 5084 --- [nio-8080-exec-1] o.s.s.w.a.r.TokenBasedRememberMeServices : Did not send remember-me cookie (principal did not set parameter 'remember-me')
2017-02-20 18:06:35.878 DEBUG 5084 --- [nio-8080-exec-1] o.s.s.w.a.r.TokenBasedRememberMeServices : Remember-me login not requested.
2017-02-20 18:06:35.879 DEBUG 5084 --- [nio-8080-exec-1] o.s.b.f.s.DefaultListableBeanFactory : Returning cached instance of singleton bean 'delegatingApplicationListener'
2017-02-20 18:06:35.879 DEBUG 5084 --- [nio-8080-exec-1] o.s.b.f.s.DefaultListableBeanFactory : Returning cached instance of singleton bean 'authenticationAuditListener'
2017-02-20 18:06:36.036 DEBUG 5084 --- [nio-8080-exec-1] o.s.b.f.s.DefaultListableBeanFactory : Creating instance of bean 'com.fasterxml.jackson.databind.ser.std.DateSerializer'
2017-02-20 18:06:36.038 DEBUG 5084 --- [nio-8080-exec-1] o.s.b.f.s.DefaultListableBeanFactory : Returning cached instance of singleton bean 'org.springframework.transaction.config.internalTransactionAdvisor'
2017-02-20 18:06:36.068 DEBUG 5084 --- [nio-8080-exec-1] o.s.b.f.s.DefaultListableBeanFactory : Returning cached instance of singleton bean 'org.springframework.transaction.config.internalTransactionAdvisor'
2017-02-20 18:06:36.068 DEBUG 5084 --- [nio-8080-exec-1] o.s.b.f.s.DefaultListableBeanFactory : Returning cached instance of singleton bean 'org.springframework.transaction.config.internalTransactionAdvisor'
2017-02-20 18:06:36.070 DEBUG 5084 --- [nio-8080-exec-1] o.s.b.f.s.DefaultListableBeanFactory : Finished creating instance of bean 'com.fasterxml.jackson.databind.ser.std.DateSerializer'
2017-02-20 18:06:36.077 DEBUG 5084 --- [nio-8080-exec-1] w.c.HttpSessionSecurityContextRepository : HttpSession being created as SecurityContext is non-default
2017-02-20 18:06:36.086 DEBUG 5084 --- [nio-8080-exec-1] w.c.HttpSessionSecurityContextRepository : SecurityContext '[email protected]cb72a0: Authentication: org.springframew[email protected]77cb72a0: Principal: [email protected]: Username: [email protected]; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details: org.sprin[email protected]b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Authorities: ADMIN' stored to HttpSession: '[email protected]
2017-02-20 18:06:36.086 DEBUG 5084 --- [nio-8080-exec-1] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
2017-02-20 18:06:36.086 DEBUG 5084 --- [nio-8080-exec-1] o.s.b.w.f.OrderedRequestContextFilter : Cleared thread-bound request context: [email protected]
2017-02-20 18:06:48.699 DEBUG 5084 --- [nio-8080-exec-4] o.s.b.w.f.OrderedRequestContextFilter : Bound request context to thread: [email protected]
2017-02-20 18:06:48.700 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.FilterChainProxy : /dashboard/kategori at position 1 of 13 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
2017-02-20 18:06:48.701 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.FilterChainProxy : /dashboard/kategori at position 2 of 13 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2017-02-20 18:06:48.701 DEBUG 5084 --- [nio-8080-exec-4] w.c.HttpSessionSecurityContextRepository : No HttpSession currently exists
2017-02-20 18:06:48.701 DEBUG 5084 --- [nio-8080-exec-4] w.c.HttpSessionSecurityContextRepository : No SecurityContext was available from the HttpSession: null. A new one will be created.
2017-02-20 18:06:48.701 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.FilterChainProxy : /dashboard/kategori at position 3 of 13 in additional filter chain; firing Filter: 'HeaderWriterFilter'
2017-02-20 18:06:48.701 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.h.w.HstsHeaderWriter : Not injecting HSTS header since it did not match the requestMatcher org.springframework.se[email protected]f54084
2017-02-20 18:06:48.701 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.FilterChainProxy : /dashboard/kategori at position 4 of 13 in additional filter chain; firing Filter: 'LogoutFilter'
2017-02-20 18:06:48.702 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.OrRequestMatcher : Trying to match using Ant [pattern='/logout', GET]
2017-02-20 18:06:48.702 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.AntPathRequestMatcher : Request 'POST /dashboard/kategori' doesn't match 'GET /logout
2017-02-20 18:06:48.702 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.OrRequestMatcher : Trying to match using Ant [pattern='/logout', POST]
2017-02-20 18:06:48.703 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.AntPathRequestMatcher : Checking match of request : '/dashboard/kategori'; against '/logout'
2017-02-20 18:06:48.703 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.OrRequestMatcher : Trying to match using Ant [pattern='/logout', PUT]
2017-02-20 18:06:48.703 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.AntPathRequestMatcher : Request 'POST /dashboard/kategori' doesn't match 'PUT /logout
2017-02-20 18:06:48.703 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.OrRequestMatcher : Trying to match using Ant [pattern='/logout', DELETE]
2017-02-20 18:06:48.703 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.AntPathRequestMatcher : Request 'POST /dashboard/kategori' doesn't match 'DELETE /logout
2017-02-20 18:06:48.704 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.OrRequestMatcher : No matches found
2017-02-20 18:06:48.704 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.FilterChainProxy : /dashboard/kategori at position 5 of 13 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
2017-02-20 18:06:48.704 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.AntPathRequestMatcher : Checking match of request : '/dashboard/kategori'; against '/login'
2017-02-20 18:06:48.704 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.FilterChainProxy : /dashboard/kategori at position 6 of 13 in additional filter chain; firing Filter: 'DefaultLoginPageGeneratingFilter'
2017-02-20 18:06:48.704 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.FilterChainProxy : /dashboard/kategori at position 7 of 13 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
2017-02-20 18:06:48.704 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.FilterChainProxy : /dashboard/kategori at position 8 of 13 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2017-02-20 18:06:48.706 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.FilterChainProxy : /dashboard/kategori at position 9 of 13 in additional filter chain; firing Filter: 'RememberMeAuthenticationFilter'
2017-02-20 18:06:48.706 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.FilterChainProxy : /dashboard/kategori at position 10 of 13 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
2017-02-20 18:06:48.707 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.a.AnonymousAuthenticationFilter : Populated SecurityContextHolder with anonymous token: 'org.sprin[email protected]9055c2bc: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.sprin[email protected]b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS'
2017-02-20 18:06:48.707 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.FilterChainProxy : /dashboard/kategori at position 11 of 13 in additional filter chain; firing Filter: 'SessionManagementFilter'
2017-02-20 18:06:48.707 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.FilterChainProxy : /dashboard/kategori at position 12 of 13 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2017-02-20 18:06:48.707 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.FilterChainProxy : /dashboard/kategori at position 13 of 13 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2017-02-20 18:06:48.708 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.OrRequestMatcher : Trying to match using Ant [pattern='/logout', GET]
2017-02-20 18:06:48.708 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.AntPathRequestMatcher : Request 'POST /dashboard/kategori' doesn't match 'GET /logout
2017-02-20 18:06:48.708 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.OrRequestMatcher : Trying to match using Ant [pattern='/logout', POST]
2017-02-20 18:06:48.708 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.AntPathRequestMatcher : Checking match of request : '/dashboard/kategori'; against '/logout'
2017-02-20 18:06:48.708 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.OrRequestMatcher : Trying to match using Ant [pattern='/logout', PUT]
2017-02-20 18:06:48.708 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.AntPathRequestMatcher : Request 'POST /dashboard/kategori' doesn't match 'PUT /logout
2017-02-20 18:06:48.708 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.OrRequestMatcher : Trying to match using Ant [pattern='/logout', DELETE]
2017-02-20 18:06:48.708 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.AntPathRequestMatcher : Request 'POST /dashboard/kategori' doesn't match 'DELETE /logout
2017-02-20 18:06:48.708 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.OrRequestMatcher : No matches found
2017-02-20 18:06:48.708 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.AntPathRequestMatcher : Checking match of request : '/dashboard/kategori'; against '/'
2017-02-20 18:06:48.708 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.AntPathRequestMatcher : Checking match of request : '/dashboard/kategori'; against '/login'
2017-02-20 18:06:48.708 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.AntPathRequestMatcher : Checking match of request : '/dashboard/kategori'; against '/assets/**'
2017-02-20 18:06:48.708 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.AntPathRequestMatcher : Checking match of request : '/dashboard/kategori'; against '/public/**'
2017-02-20 18:06:48.708 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.AntPathRequestMatcher : Checking match of request : '/dashboard/kategori'; against '/upload/**'
2017-02-20 18:06:48.708 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.AntPathRequestMatcher : Checking match of request : '/dashboard/kategori'; against '/dashboard/**'
2017-02-20 18:06:48.708 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.a.i.FilterSecurityInterceptor : Secure object: FilterInvocation: URL: /dashboard/kategori; Attributes: [hasAuthority('ADMIN')]
2017-02-20 18:06:48.708 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.a.i.FilterSecurityInterceptor : Previously Authenticated: org.sprin[email protected]9055c2bc: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.sprin[email protected]b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS
2017-02-20 18:06:48.724 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.a.v.AffirmativeBased : Voter: org.sp[email protected]176f32b, returned: -1
2017-02-20 18:06:48.742 DEBUG 5084 --- [nio-8080-exec-4] o.s.b.f.s.DefaultListableBeanFactory : Returning cached instance of singleton bean 'delegatingApplicationListener'
2017-02-20 18:06:48.742 DEBUG 5084 --- [nio-8080-exec-4] o.s.b.f.s.DefaultListableBeanFactory : Returning cached instance of singleton bean 'authorizationAuditListener'
2017-02-20 18:06:48.743 DEBUG 5084 --- [nio-8080-exec-4] o.s.b.a.a.l.AuditListener : AuditEvent [timestamp=Mon Feb 20 18:06:48 ICT 2017, principal=anonymousUser, type=AUTHORIZATION_FAILURE, data={details=org.sprin[email protected]b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null, type=org.springframework.security.access.AccessDeniedException, message=Access is denied}]
2017-02-20 18:06:48.743 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.a.ExceptionTranslationFilter : Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:84)
at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:233)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:124)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:91)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:114)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:150)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:170)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter.doFilter(DefaultLoginPageGeneratingFilter.java:177)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:64)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:214)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
at org.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:105)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:81)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
at org.springframework.boot.actuate.autoconfigure.MetricsFilter.doFilterInternal(MetricsFilter.java:106)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
at com.sopiyan.uptd.config.security.UptdCorsFilter.doFilterInternal(UptdCorsFilter.java:103)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:474)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:349)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:783)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:798)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1434)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
2017-02-20 18:06:48.752 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.AndRequestMatcher : Trying to match using NegatedRequestMatcher [requestMatcher=Ant [pattern='/**/favicon.ico']]
2017-02-20 18:06:48.752 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.AntPathRequestMatcher : Checking match of request : '/dashboard/kategori'; against '/**/favicon.ico'
2017-02-20 18:06:48.753 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.NegatedRequestMatcher : matches = true
2017-02-20 18:06:48.753 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.AndRequestMatcher : Trying to match using NegatedRequestMatcher [requestMatcher=MediaTypeRequestMatcher [contentNegotiationSt[email protected]1a6a2d0, matchingMediaTypes=[application/json], useEquals=false, ignoredMediaTypes=[*/*]]]
2017-02-20 18:06:48.756 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.MediaTypeRequestMatcher : httpRequestMediaTypes=[application/json, text/plain, */*]
2017-02-20 18:06:48.756 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.MediaTypeRequestMatcher : Processing application/json
2017-02-20 18:06:48.756 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.MediaTypeRequestMatcher : application/json .isCompatibleWith application/json = true
2017-02-20 18:06:48.756 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.NegatedRequestMatcher : matches = false
2017-02-20 18:06:48.756 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.u.m.AndRequestMatcher : Did not match
2017-02-20 18:06:48.756 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.s.HttpSessionRequestCache : Request not saved as configured RequestMatcher did not match
2017-02-20 18:06:48.756 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.a.ExceptionTranslationFilter : Calling Authentication entry point.
2017-02-20 18:06:48.758 DEBUG 5084 --- [nio-8080-exec-4] o.s.s.w.DefaultRedirectStrategy : Redirecting to 'http://localhost:8080/login'
2017-02-20 18:06:48.758 DEBUG 5084 --- [nio-8080-exec-4] w.c.HttpSessionSecurityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2017-02-20 18:06:48.777 DEBUG 5084 --- [nio-8080-exec-4] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
2017-02-20 18:06:48.778 DEBUG 5084 --- [nio-8080-exec-4] o.s.b.w.f.OrderedRequestContextFilter : Cleared thread-bound request context: [email protected]
安全配置
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/","/login", "/assets/**","/public/**","/upload/**")
.permitAll()
.antMatchers("/dashboard/**").hasAuthority("ADMIN")
.antMatchers("/secure2/**").hasAnyRole("ADMIN", "PENGRAJIN")
.anyRequest()
.authenticated()
.and()
.formLogin()
.successHandler(authenticationSuccesHandler)
.failureHandler(authenticationFailureHandler())
.usernameParameter("email")
.permitAll()
.and()
.logout()
.logoutSuccessHandler(logoutSucessHandler)
.deleteCookies("ingatsaya")
.permitAll()
.and()
.rememberMe()
.tokenValiditySeconds(31536000)
.and()
.csrf().disable();
}
错误消息
XMLHttpRequest cannot load http://localhost:8080/dashboard/kategori . Redirect from ' http://localhost:8080/dashboard/kategori ' to ' http://localhost:8080/login ' has been blocked by CORS policy: Request requires preflight, which is disallowed to follow cross-origin redirect
个步骤
- 登录成功
- 当
POST一些数据,我得到一个错误