When implementing Token login based on Spring Security, I encountered the problem shown in the figure above.
①Login->②Get token->③Use token to operate
Step ③An error is reported.
Finally, it was found that the token character was converted into an Authentication object when the front end was passed to the back end.
mistake!
correct!
correct!
I don't know why.
This is the code for creating the token in Step 1. It does not matter whether the third parameter is specified or not.
The object obtained in step 1 when it is wrong The object
obtained in step 3 when
it is wrong The object obtained in step 1 when
it is correct The object obtained in step 3
when it is correct The object (new ArrayList()) obtained in
step 1 when it is correct The object obtained by the step (new ArrayList())