Spring报错解决一览

Spring错误持续更新贴...

问题一

springcloud-OAuth2.0配置的时候报错

Method springSecurityFilterChain in org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration required a bean of type 'org.springframework.boot.autoconfigure.security.oauth2.resource.UserInfoRestTemplateFactory' that could not be found.

The following candidates were found but could not be injected:

Bean method 'userInfoRestTemplateFactory' in 'ResourceServerTokenServicesConfiguration' not loaded because @ConditionalOnMissingBean (types: org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerEndpointsConfiguration; SearchStrategy: all) found beans of type 'org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerEndpointsConfiguration' org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerEndpointsConfiguration

Action:

Consider revisiting the entries above or defining a bean of type 'org.springframework.boot.autoconfigure.security.oauth2.resource.UserInfoRestTemplateFactory' in your configuration.

问题原因：

(1)做服务器端OAuth,引用了客户端的相关jar，并且还没有配置；

问题二：

spring cloud security oauth2.0 默认是禁用Client模式进行授权的；Oauth2.0 client模式无法授权；

allowFormAuthenticationForClients()方法开启；

问题三：

密码模式获取token的情况下， Basic校验写错了

{

"timestamp": "2019-05-16T15:31:11.450+0000",

"status": 401,

"error": "Unauthorized",

"message": "Unauthorized",

"path": "/oauth/token"

}

解决：这个一种情况是Basic用户名密码写错了，在拦截器BasicAuthenticationFilter中校验不通过抛出异常

问题三：springSeurity明明配置了password授权，但是在做改动的时候提示如下

{

"error": "unsupported_grant_type",

"error_description": "Unsupported grant type: password"

}

解答：AuthorizationServerEndpointsConfigurer类中获取所有的granter的时候，需要判断authenticationmananager是否为空，才能默认加载password权限分配器

问题四：

java.lang.IllegalStateException: Cannot apply org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer@6d8b7ea9 to already built object

at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.add(AbstractConfiguredSecurityBuilder.java:196) ~[spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE]

at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.apply(AbstractConfiguredSecurityBuilder.java:133) ~[spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE]

at org.springframework.security.config.annotation.web.builders.HttpSecurity.getOrApply(HttpSecurity.java:1501) ~[spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE]

at org.springframework.security.config.annotation.web.builders.HttpSecurity.authorizeRequests(HttpSecurity.java:654) ~[spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE]

at org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer.configure(ResourceServerSecurityConfigurer.java:222) ~[spring-security-oauth2-2.3.4.RELEASE.jar:na]

at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.configure(AbstractConfiguredSecurityBuilder.java:384) ~[spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE]

at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.doBuild(AbstractConfiguredSecurityBuilder.java:330) ~[spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE]

at org.springframework.security.config.annotation.AbstractSecurityBuilder.build(AbstractSecurityBuilder.java:41) ~[spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE]

at org.springframework.security.config.annotation.web.builders.WebSecurity.performBuild(WebSecurity.java:294) ~[spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE]

at org.springframework.security.config.annotation.web.builders.WebSecurity.performBuild(WebSecurity.java:79) ~[spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE]

at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.doBuild(AbstractConfiguredSecurityBuilder.java:334) ~[spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE]

at org.springframework.security.config.annotation.AbstractSecurityBuilder.build(AbstractSecurityBuilder.java:41) ~[spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE]

at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration.springSecurityFilterChain(WebSecurityConfiguration.java:104) ~[spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE]

at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurationEnhancerBySpringCGLIBEnhancerBySpringCGLIBEnhancerBySpringCGLIB415a6f9.CGLIB$springSecurityFilterChainKaTeX parse error: Undefined control sequence: \[ at position 17: ...(<generated>) ~\̲[̲spring-security...EnhancerBySpringCGLIBEnhancerBySpringCGLIBEnhancerBySpringCGLIB415a6f9415a6f9415a6f9FastClassBySpringCGLIBFastClassBySpringCGLIBFastClassBySpringCGLIBKaTeX parse error: Undefined control sequence: \[ at position 31: ...(<generated>) ~\̲[̲spring-security...BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:363) ~[spring-context-5.1.5.RELEASE.jar:5.1.5.RELEASE]

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_162]

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_162]

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_162]

at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_162]

at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:154) ~[spring-beans-5.1.5.RELEASE.jar:5.1.5.RELEASE]

... 22 common frames omitted

问题5：

{

"error": "invalid_token",

"error_description": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsidXNlci1zZXJ2aWNlcyJdLCJleHAiOjE1NTg2NzcwNjgsInVzZXJfbmFtZSI6ImFkbWluIiwianRpIjoiYjlkMjY5YjgtOGE4Yi00ZDI1LTk4YzktMzkwNzRlNGNhMzk3IiwiY2xpZW50X2lkIjoibGl4aWFvaGFvIiwic2NvcGUiOlsidXNlciJdfQ.Pa03fAoN0APHQMh5FSUWRtxtQbn5vVN1JQGLu-Ql8k4"

}

解决：原因多样，总的来说就是去服务器端根据token查询用户信息错误（1）就是token失效等（2）地址在没有配置ssl的时候使用https等

问题6：

{

"error": "access_denied",

"error_description": "Invalid token does not contain resource id (oauth2-resource)"

}

解决：用户去资源服务器锁清秋的资源标识，在token中不存在；如你生成的token中可用资源包括查询用户信息，但是在请求用户信息的时候，它有拦截会查看你token中的标识是否跟自己的标识相同

问题7：

java.lang.IllegalArgumentException: Invalid character found in method name. HTTP method names must be tokens

解决:请求协议不一致，应该都为http或https

问题8：

Caused by: feign.FeignException: status 403 reading OAuthUserService#testautherization()

at feign.FeignException.errorStatus(FeignException.java:78)

at feign.codec.ErrorDecoderDefault.decode(ErrorDecoder.java:93)atfeign.SynchronousMethodHandler.executeAndDecode(SynchronousMethodHandler.java:149)atfeign.SynchronousMethodHandler.invoke(SynchronousMethodHandler.java:78)atfeign.ReflectiveFeignDefault.decode(ErrorDecoder.java:93) at feign.SynchronousMethodHandler.executeAndDecode(SynchronousMethodHandler.java:149) at feign.SynchronousMethodHandler.invoke(SynchronousMethodHandler.java:78) at feign.ReflectiveFeignDefault.decode(ErrorDecoder.java:93)atfeign.SynchronousMethodHandler.executeAndDecode(SynchronousMethodHandler.java:149)atfeign.SynchronousMethodHandler.invoke(SynchronousMethodHandler.java:78)atfeign.ReflectiveFeignFeignInvocationHandler.invoke(ReflectiveFeign.java:103)

at com.sun.proxy.Proxy138.testautherization(UnknownSource)atcom.enci.test.server.module.controller.PolicyController.feignRequest(PolicyController.java:151)atcom.enci.test.server.module.controller.PolicyControllerProxy138.testautherization(Unknown Source) at com.enci.test.server.module.controller.PolicyController.feignRequest(PolicyController.java:151) at com.enci.test.server.module.controller.PolicyControllerProxy138.testautherization(UnknownSource)atcom.enci.test.server.module.controller.PolicyController.feignRequest(PolicyController.java:151)atcom.enci.test.server.module.controller.PolicyControllerFastClassBySpringCGLIBFastClassBySpringCGLIBFastClassBySpringCGLIBc9349f5f.invoke(<generated>)atorg.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)atorg.springframework.aop.framework.CglibAopProxyc9349f5f.invoke(<generated>) at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218) at org.springframework.aop.framework.CglibAopProxyc9349f5f.invoke(<generated>)atorg.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)atorg.springframework.aop.framework.CglibAopProxyCglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:749)

at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)

at org.springframework.aop.framework.adapter.MethodBeforeAdviceInterceptor.invoke(MethodBeforeAdviceInterceptor.java:56)

at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)

at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:93)

at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)

at org.springframework.aop.framework.CglibAopProxyDynamicAdvisedInterceptor.intercept(CglibAopProxy.java:688)atcom.enci.test.server.module.controller.PolicyControllerDynamicAdvisedInterceptor.intercept(CglibAopProxy.java:688) at com.enci.test.server.module.controller.PolicyControllerDynamicAdvisedInterceptor.intercept(CglibAopProxy.java:688)atcom.enci.test.server.module.controller.PolicyControllerEnhancerBySpringCGLIBEnhancerBySpringCGLIBEnhancerBySpringCGLIB$6f5b74e0.feignRequest()

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

at java.lang.reflect.Method.invoke(Method.java:498)

at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:189)

at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:138)

at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:102)

at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:895)

at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:800)

at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)

at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1038)

at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:942)

at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1005)

... 102 more

解决：权限不足，获取的token中锁允许访问的resource与实际访问的resource信息不匹配，被拒绝访问