Spring报错解决一览

Spring错误持续更新贴...

问题一

springcloud-OAuth2.0配置的时候报错

Method springSecurityFilterChain in org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration required a bean of type 'org.springframework.boot.autoconfigure.security.oauth2.resource.UserInfoRestTemplateFactory' that could not be found.

The following candidates were found but could not be injected:

  • Bean method 'userInfoRestTemplateFactory' in 'ResourceServerTokenServicesConfiguration' not loaded because @ConditionalOnMissingBean (types: org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerEndpointsConfiguration; SearchStrategy: all) found beans of type 'org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerEndpointsConfiguration' org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerEndpointsConfiguration

Action:

Consider revisiting the entries above or defining a bean of type 'org.springframework.boot.autoconfigure.security.oauth2.resource.UserInfoRestTemplateFactory' in your configuration.

问题原因:

(1)做服务器端OAuth,引用了客户端的相关jar,并且还没有配置;

问题二:

spring cloud security oauth2.0 默认是禁用Client模式进行授权的;Oauth2.0 client模式无法授权;

allowFormAuthenticationForClients()方法开启;

问题三:

密码模式获取token的情况下, Basic校验写错了

{

"timestamp": "2019-05-16T15:31:11.450+0000",

"status": 401,

"error": "Unauthorized",

"message": "Unauthorized",

"path": "/oauth/token"

}

解决: 这个一种情况是Basic用户名密码写错了,在拦截器BasicAuthenticationFilter中校验不通过抛出异常

问题三:springSeurity明明配置了password授权,但是在做改动的时候提示如下

{

"error": "unsupported_grant_type",

"error_description": "Unsupported grant type: password"

}

解答:AuthorizationServerEndpointsConfigurer类中获取所有的granter的时候,需要判断authenticationmananager是否为空,才能默认加载password权限分配器

问题四:

java.lang.IllegalStateException: Cannot apply org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer@6d8b7ea9 to already built object

at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.add(AbstractConfiguredSecurityBuilder.java:196) ~spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE

at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.apply(AbstractConfiguredSecurityBuilder.java:133) ~spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE

at org.springframework.security.config.annotation.web.builders.HttpSecurity.getOrApply(HttpSecurity.java:1501) ~spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE

at org.springframework.security.config.annotation.web.builders.HttpSecurity.authorizeRequests(HttpSecurity.java:654) ~spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE

at org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer.configure(ResourceServerSecurityConfigurer.java:222) ~spring-security-oauth2-2.3.4.RELEASE.jar:na

at org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer.configure(ResourceServerSecurityConfigurer.java:59) ~spring-security-oauth2-2.3.4.RELEASE.jar:na

at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.configure(AbstractConfiguredSecurityBuilder.java:384) ~spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE

at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.doBuild(AbstractConfiguredSecurityBuilder.java:330) ~spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE

at org.springframework.security.config.annotation.AbstractSecurityBuilder.build(AbstractSecurityBuilder.java:41) ~spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE

at org.springframework.security.config.annotation.web.builders.WebSecurity.performBuild(WebSecurity.java:294) ~spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE

at org.springframework.security.config.annotation.web.builders.WebSecurity.performBuild(WebSecurity.java:79) ~spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE

at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.doBuild(AbstractConfiguredSecurityBuilder.java:334) ~spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE

at org.springframework.security.config.annotation.AbstractSecurityBuilder.build(AbstractSecurityBuilder.java:41) ~spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE

at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration.springSecurityFilterChain(WebSecurityConfiguration.java:104) ~spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE

at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurationEnhancerBySpringCGLIBEnhancerBySpringCGLIBEnhancerBySpringCGLIB415a6f9.CGLIB$springSecurityFilterChainKaTeX parse error: Undefined control sequence: \ at position 17: ...(\) \~\\̲\[̲spring-security...EnhancerBySpringCGLIBEnhancerBySpringCGLIBEnhancerBySpringCGLIB415a6f9415a6f9415a6f9FastClassBySpringCGLIBFastClassBySpringCGLIBFastClassBySpringCGLIBKaTeX parse error: Undefined control sequence: \\\[ at position 31: ...(\) \~\\̲\[̲spring-security...BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:363) \~\[spring-context-5.1.5.RELEASE.jar:5.1.5.RELEASE

at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurationEnhancerBySpringCGLIBEnhancerBySpringCGLIBEnhancerBySpringCGLIB415a6f9.springSecurityFilterChain() ~spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~na:1.8.0_162

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~na:1.8.0_162

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~na:1.8.0_162

at java.lang.reflect.Method.invoke(Method.java:498) ~na:1.8.0_162

at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:154) ~spring-beans-5.1.5.RELEASE.jar:5.1.5.RELEASE

... 22 common frames omitted

问题5:

{

"error": "invalid_token",

"error_description": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsidXNlci1zZXJ2aWNlcyJdLCJleHAiOjE1NTg2NzcwNjgsInVzZXJfbmFtZSI6ImFkbWluIiwianRpIjoiYjlkMjY5YjgtOGE4Yi00ZDI1LTk4YzktMzkwNzRlNGNhMzk3IiwiY2xpZW50X2lkIjoibGl4aWFvaGFvIiwic2NvcGUiOlsidXNlciJdfQ.Pa03fAoN0APHQMh5FSUWRtxtQbn5vVN1JQGLu-Ql8k4"

}

解决: 原因多样,总的来说就是去服务器端根据token查询用户信息错误(1)就是token失效等 (2)地址在没有配置ssl的时候使用https等

问题6:

{

"error": "access_denied",

"error_description": "Invalid token does not contain resource id (oauth2-resource)"

}

解决: 用户去资源服务器锁清秋的资源标识,在token中不存在; 如你生成的token中可用资源包括 查询用户信息,但是在请求用户信息的时候,它有拦截会查看你token中的标识是否跟自己的标识相同

问题7:

java.lang.IllegalArgumentException: Invalid character found in method name. HTTP method names must be tokens

解决:请求协议不一致,应该都为http或https

问题8:

Caused by: feign.FeignException: status 403 reading OAuthUserService#testautherization()

at feign.FeignException.errorStatus(FeignException.java:78)

at feign.codec.ErrorDecoderDefault.decode(ErrorDecoder.java:93)atfeign.SynchronousMethodHandler.executeAndDecode(SynchronousMethodHandler.java:149)atfeign.SynchronousMethodHandler.invoke(SynchronousMethodHandler.java:78)atfeign.ReflectiveFeignDefault.decode(ErrorDecoder.java:93) at feign.SynchronousMethodHandler.executeAndDecode(SynchronousMethodHandler.java:149) at feign.SynchronousMethodHandler.invoke(SynchronousMethodHandler.java:78) at feign.ReflectiveFeignDefault.decode(ErrorDecoder.java:93)atfeign.SynchronousMethodHandler.executeAndDecode(SynchronousMethodHandler.java:149)atfeign.SynchronousMethodHandler.invoke(SynchronousMethodHandler.java:78)atfeign.ReflectiveFeignFeignInvocationHandler.invoke(ReflectiveFeign.java:103)

at com.sun.proxy.Proxy138.testautherization(UnknownSource)atcom.enci.test.server.module.controller.PolicyController.feignRequest(PolicyController.java:151)atcom.enci.test.server.module.controller.PolicyControllerProxy138.testautherization(Unknown Source) at com.enci.test.server.module.controller.PolicyController.feignRequest(PolicyController.java:151) at com.enci.test.server.module.controller.PolicyControllerProxy138.testautherization(UnknownSource)atcom.enci.test.server.module.controller.PolicyController.feignRequest(PolicyController.java:151)atcom.enci.test.server.module.controller.PolicyControllerFastClassBySpringCGLIBFastClassBySpringCGLIBFastClassBySpringCGLIBc9349f5f.invoke(<generated>)atorg.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)atorg.springframework.aop.framework.CglibAopProxyc9349f5f.invoke(<generated>) at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218) at org.springframework.aop.framework.CglibAopProxyc9349f5f.invoke(<generated>)atorg.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)atorg.springframework.aop.framework.CglibAopProxyCglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:749)

at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)

at org.springframework.aop.framework.adapter.MethodBeforeAdviceInterceptor.invoke(MethodBeforeAdviceInterceptor.java:56)

at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)

at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:93)

at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)

at org.springframework.aop.framework.CglibAopProxyDynamicAdvisedInterceptor.intercept(CglibAopProxy.java:688)atcom.enci.test.server.module.controller.PolicyControllerDynamicAdvisedInterceptor.intercept(CglibAopProxy.java:688) at com.enci.test.server.module.controller.PolicyControllerDynamicAdvisedInterceptor.intercept(CglibAopProxy.java:688)atcom.enci.test.server.module.controller.PolicyControllerEnhancerBySpringCGLIBEnhancerBySpringCGLIBEnhancerBySpringCGLIB$6f5b74e0.feignRequest()

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

at java.lang.reflect.Method.invoke(Method.java:498)

at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:189)

at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:138)

at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:102)

at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:895)

at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:800)

at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)

at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1038)

at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:942)

at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1005)

... 102 more

解决:权限不足, 获取的token中锁允许访问的resource与实际访问的resource信息不匹配,被拒绝访问

相关推荐
万少9 小时前
用腻了 WorkBuddy 的默认界面?这个开源小工具给它换上了毛玻璃
前端·javascript·后端
皮皮林55112 小时前
代码越“整洁”,性能越“拉胯”?
后端
金金金__13 小时前
一篇文章带你入门OpenSpec
后端
阿维的博客日记13 小时前
MultipartFile 是不是表示仅仅是一个分片?
java·后端·spring·multipartfile
海上彼尚13 小时前
Nodejs也能写Agent - 16.LangGraph篇 - 条件分支与循环
前端·后端·langchain·node.js
程序员无隅13 小时前
Coding Agent 为什么压缩上下文后还能继续工作?上下文模块设计拆解
java·开发语言·数据库
Python+9914 小时前
Java 枚举类(Enum)详解:从基础到高级应用
java·开发语言·python
二炮手亮子14 小时前
浅记java线程池
java·开发语言
一路向北North14 小时前
Spring Security OAuth2.0(23):分布式系统授权-转发明文给微服务
java·spring·微服务
Dovis(誓平步青云)15 小时前
远程办公软件文件传输实测:6 款工具的速度、稳定性和办公体验对比
linux·运维·服务器·后端·生成对抗网络