org.springframework.security.authentication.BadCredentialsException: The presented RememberMeAuthenticationToken does not contain the expected key

  • Spring Security 的 http 配置
<http auto-config="true" use-expressions="true">
    <!-- auto-config="true" enables the form-login, HTTP Basic and logout defaults;
         the BasicAuthenticationFilter frame in the accompanying stack trace comes
         from that. -->
    <!-- Rules are matched top to bottom and the first matching pattern wins, so the
         public resources have to stay above the catch-all rule. -->
    <intercept-url pattern="/css/**" access="permitAll"/>
    <intercept-url pattern="/fonts/**" access="permitAll"/>
    <intercept-url pattern="/js/**" access="permitAll"/>
    <intercept-url pattern="/signup.html*" access="permitAll"/>
    <intercept-url pattern="/login.html*" access="permitAll"/>
    <!-- Every other URL requires a user holding ROLE_USER. -->
    <intercept-url pattern="/**" access="hasRole('ROLE_USER')"/>

    <!-- Remember-me is delegated to a custom RememberMeServices bean. No key
         attribute is set on this element; this is the configuration that raised
         "The presented RememberMeAuthenticationToken does not contain the
         expected key".
         NOTE(review): the bean shown alongside this configuration has the id
         "enhancedPersistentTokenBasedRememberMeServices"; services-ref must name
         an existing bean id, so confirm which of the two names is current. -->
    <remember-me services-ref="enhancedTokenRememberMeServices"/>
    <form-login login-page="/login.html"
                default-target-url="/home.html"
                login-processing-url="/login"
                username-parameter="username"
                password-parameter="password"/>
    <!-- NOTE(review): there is no <csrf/> child element. In the 3.2.x release line
         visible in the stack trace, CSRF protection is opt-in for XML
         configuration; confirm whether /login and /logout are protected. -->
    <logout invalidate-session="true" logout-url="/logout" logout-success-url="/"/>
</http>
  • 自定义 remember-me service
    <beans:bean id="enhancedPersistentTokenBasedRememberMeServices"
                class="com.aasonwu.mycompany.EnhancedPersistentTokenBasedRememberMeServices">
        <!-- Custom remember-me services bean; the implementing class itself is not
             shown here.
             NOTE(review): the <remember-me> elements that accompany this bean use
             services-ref="enhancedTokenRememberMeServices", which does not match
             this id; confirm the names agree in the real configuration. -->

        <!-- Constructor argument 1: the remember-me key. The same value has to be
             given as the key attribute of <remember-me>, otherwise
             RememberMeAuthenticationProvider rejects the token.
             This literal has been published, so treat it as public: do not reuse
             it. Generate your own key and supply it from externalised
             configuration instead of hard-coding it in the bean file. -->
        <beans:constructor-arg type="java.lang.String"
                               value="BoSk70Yar38~veg91DoCKs=sLaIn!metE55bURgs71rug;ILEa=Ikon79sept+ree$Fuel99baKER;wOe43JackS=TinS79babA73tiLmibs10bIsE*"/>
        <!-- Constructor argument 2: the UserDetailsService, bean "userDao"
             (defined elsewhere). -->
        <beans:constructor-arg type="org.springframework.security.core.userdetails.UserDetailsService"
                               ref="userDao"/>
        <!-- Constructor argument 3: the PersistentTokenRepository, bean
             "jdbcTokenRepository" (defined elsewhere). -->
        <beans:constructor-arg type="org.springframework.security.web.authentication.rememberme.PersistentTokenRepository"
                               ref="jdbcTokenRepository"/>

        <!-- Name of the remember-me cookie and of the login-form parameter that
             requests it. -->
        <beans:property name="cookieName" value="MYCOMPANY_REMEMBER_ME"/>
        <beans:property name="parameter" value="remember_me"/>
    </beans:bean>
     
  • 运行时遇到的错误
    org.springframework.security.authentication.BadCredentialsException: The presented RememberMeAuthenticationToken does not contain the expected key
    	at org.springframework.security.authentication.RememberMeAuthenticationProvider.authenticate(RememberMeAuthenticationProvider.java:64) ~[RememberMeAuthenticationProvider.class:3.2.2.RELEASE]
    	at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:156) ~[ProviderManager.class:3.2.2.RELEASE]
    	at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:102) ~[RememberMeAuthenticationFilter.class:3.2.2.RELEASE]
    	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [FilterChainProxy$VirtualFilterChain.class:3.2.2.RELEASE]
    	at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:154) [SecurityContextHolderAwareRequestFilter.class:3.2.2.RELEASE]
    	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [FilterChainProxy$VirtualFilterChain.class:3.2.2.RELEASE]
    	at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45) [RequestCacheAwareFilter.class:3.2.2.RELEASE]
    	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [FilterChainProxy$VirtualFilterChain.class:3.2.2.RELEASE]
    	at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:150) [BasicAuthenticationFilter.class:3.2.2.RELEASE]
    	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [FilterChainProxy$VirtualFilterChain.class:3.2.2.RELEASE]
    	at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:199) [AbstractAuthenticationProcessingFilter.class:3.2.2.RELEASE]
    	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [FilterChainProxy$VirtualFilterChain.class:3.2.2.RELEASE]
    	at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:110) [LogoutFilter.class:3.2.2.RELEASE]
    	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [FilterChainProxy$VirtualFilterChain.class:3.2.2.RELEASE]
    	at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:50) [WebAsyncManagerIntegrationFilter.class:3.2.2.RELEASE]
    	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:108) [OncePerRequestFilter.class:4.0.2.RELEASE]
    	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [FilterChainProxy$VirtualFilterChain.class:3.2.2.RELEASE]
    	at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87) [SecurityContextPersistenceFilter.class:3.2.2.RELEASE]
    	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) [FilterChainProxy$VirtualFilterChain.class:3.2.2.RELEASE]
    	at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192) [FilterChainProxy.class:3.2.2.RELEASE]
    	at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160) [FilterChainProxy.class:3.2.2.RELEASE]
    	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344) [DelegatingFilterProxy.class:4.0.2.RELEASE]
    	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:261) [DelegatingFilterProxy.class:4.0.2.RELEASE]
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) [catalina.jar:8.0.0-RC10]
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) [catalina.jar:8.0.0-RC10]
    	at com.opensymphony.sitemesh.webapp.SiteMeshFilter.obtainContent(SiteMeshFilter.java:129) [SiteMeshFilter.class:na]
    	at com.opensymphony.sitemesh.webapp.SiteMeshFilter.doFilter(SiteMeshFilter.java:77) [SiteMeshFilter.class:na]
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) [catalina.jar:8.0.0-RC10]
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) [catalina.jar:8.0.0-RC10]
    	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:221) [catalina.jar:8.0.0-RC10]
    	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:107) [catalina.jar:8.0.0-RC10]
    	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504) [catalina.jar:8.0.0-RC10]
    	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [catalina.jar:8.0.0-RC10]
    	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:76) [catalina.jar:8.0.0-RC10]
    	at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:934) [catalina.jar:8.0.0-RC10]
    	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:90) [catalina.jar:8.0.0-RC10]
    	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:522) [catalina.jar:8.0.0-RC10]
    	at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1015) [tomcat-coyote.jar:8.0.0-RC10]
    	at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:646) [tomcat-coyote.jar:8.0.0-RC10]
    	at org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:277) [tomcat-coyote.jar:8.0.0-RC10]
    	at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2451) [tomcat-coyote.jar:8.0.0-RC10]
    	at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:2440) [tomcat-coyote.jar:8.0.0-RC10]
    	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [na:1.7.0_51]
    	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [na:1.7.0_51]
    	at java.lang.Thread.run(Thread.java:744) [na:1.7.0_51]
    60123 [http-apr-8080-exec-1] DEBUG c.a.m.EnhancedTokenRememberMeServices - Interactive login attempt was unsuccessful.
    60123 [http-apr-8080-exec-1] DEBUG c.a.m.EnhancedTokenRememberMeServices - Cancelling cookie
     
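  • 解决方案：在 remember-me 标签上添加 key 属性，其值必须与自定义 remember-me service bean 构造参数中的 key 完全相同。原因是命名空间创建的 RememberMeAuthenticationProvider 按该标签的 key 校验 RememberMeAuthenticationToken，而 token 是由自定义 service 用自己的 key 生成的，两者不一致就会抛出上面的 BadCredentialsException。实际项目中建议把 key 放到外部配置里，由这两处共同引用，不要把真实使用的 key 写死在配置文件中或公开发布。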
    <!-- The key must equal the first constructor argument of the custom
         RememberMeServices bean; RememberMeAuthenticationProvider compares the two.
         Keeping the same literal in two places is easy to break: prefer a single
         externalised value referenced from both, and do not reuse this published
         key. -->
    <remember-me key="BoSk70Yar38~veg91DoCKs=sLaIn!metE55bURgs71rug;ILEa=Ikon79sept+ree$Fuel99baKER;wOe43JackS=TinS79babA73tiLmibs10bIsE*"
                 services-ref="enhancedTokenRememberMeServices"/>
     


转载自aasonwu.iteye.com/blog/2064601