2017-12-18 3 views
-1

Spring Security handler method not found

I added token-based authentication to my application using AbstractAuthenticationProcessingFilter. Everything works fine up to forwarding the request after successful authentication. For some reason, however, the handler method is not found. Can you please help?

2017-12-17 22:51:05,560 DEBUG : [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [FilterSecurityInterceptor:219][] Secure object: FilterInvocation: URL: /v1/userPreferences; Attributes: [permitAll] 
2017-12-17 22:51:05,561 DEBUG : [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [FilterSecurityInterceptor:348][] Previously Authenticated: org.springframew[email protected]9f6533a: Principal: [email protected]: Username: [email protected]t-mobile.com; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: update-enterprise; Credentials: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: update-enterprise 
2017-12-17 22:51:05,572 DEBUG : [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [AffirmativeBased:66][] Voter: org.sp[email protected]4bf2a649, returned: 1 
2017-12-17 22:51:05,572 DEBUG : [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [FilterSecurityInterceptor:243][] Authorization successful 
2017-12-17 22:51:05,572 DEBUG : [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [FilterSecurityInterceptor:256][] RunAsManager did not change Authentication object 
2017-12-17 22:51:05,573 DEBUG : [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [FilterChainProxy:310][] /v1/userPreferences reached end of additional filter chain; proceeding with original chain 
2017-12-17 22:51:05,573 DEBUG : [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [PropertySourcedRequestMappingHandlerMapping:304][TrxId:964de667-eb77-434a-ba7e-673cb063dc05] Looking up handler method for path /v1/userPreferences 
2017-12-17 22:51:05,573 DEBUG : [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [PropertySourcedRequestMappingHandlerMapping:108][TrxId:964de667-eb77-434a-ba7e-673cb063dc05] looking up handler for path: /v1/userPreferences 
2017-12-17 22:51:05,573 DEBUG : [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [PropertySourcedRequestMappingHandlerMapping:314][TrxId:964de667-eb77-434a-ba7e-673cb063dc05] Did not find handler method for [/v1/userPreferences] 
2017-12-17 22:51:05,574 DEBUG : [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [EndpointHandlerMapping:304][TrxId:964de667-eb77-434a-ba7e-673cb063dc05] Looking up handler method for path /v1/userPreferences 
2017-12-17 22:51:05,575 DEBUG : [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [EndpointHandlerMapping:314][TrxId:964de667-eb77-434a-ba7e-673cb063dc05] Did not find handler method for [/v1/userPreferences] 
2017-12-17 22:51:05,578 DEBUG : [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [SecurityContextPersistenceFilter:119][] SecurityContextHolder now cleared, as request processing completed 

Here is my filter implementation:

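import java.io.IOException;
import java.util.Arrays;
import java.util.List;
import java.util.stream.Collectors;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
// Logger, StringUtil, Utils and the DAO/profile classes are imports not shown in the post.

public class TokenAuthenticationFilter extends AbstractAuthenticationProcessingFilter
{
    final static Logger logger = Logger.getLogger(TokenAuthenticationFilter.class.getCanonicalName());

    @Autowired
    private IAMUserDAO iamUserDAO;

    @Autowired
    private CDBUserProfileDao cdbUserProfileDao;

    @Autowired
    private IAMOAuth2Dao iamOAuth2DAO;

    protected TokenAuthenticationFilter(String defaultFilterProcessesUrl) {
        super(defaultFilterProcessesUrl);
        super.setRequiresAuthenticationRequestMatcher(new AntPathRequestMatcher(defaultFilterProcessesUrl));
        setAuthenticationManager(new TokenAuthenticationManager());
        setAuthenticationSuccessHandler(new TokenAuthenticationSuccessHandler());
    }

    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
            throws AuthenticationException, IOException, ServletException {

        AbstractAuthenticationToken authToken = null;

        // The Authorization header carries a bearer credential, so its value is never written to the log.
        logger.info("Retrieving roles for the presented access token");

        ResponseEntity<String> tokenResponse = Utils.validateAccessToken(request, iamOAuth2DAO);

        if (tokenResponse.getStatusCode().equals(HttpStatus.OK)) {
            try {
                UserProfiles userProfileResponse = cdbUserProfileDao.getCDBUserProfile(tokenResponse.getBody());

                if (userProfileResponse != null) {
                    String action = iamUserDAO.getFbiFederatedAction(userProfileResponse.getEntid(), userProfileResponse.getRoles().getRole());

                    logger.info("The action returned is " + action);

                    if (!StringUtil.isBlank(action)) {
                        // Each comma-separated action becomes one granted authority.
                        List<GrantedAuthority> authorities = Arrays.asList(action.split(",")).stream()
                                .map(s -> new SimpleGrantedAuthority(s))
                                .collect(Collectors.toList());

                        User principal = new User(userProfileResponse.getTuid(), "", authorities);
                        authToken = new UsernamePasswordAuthenticationToken(principal, "", principal.getAuthorities());
                    }
                }
            }
            catch (Exception e) {
                // A lookup failure leaves authToken null and is rejected below.
                logger.error("rba processing encounter an error " + e.getMessage());
            }
        }
        else {
            logger.error("The presented access token is invalid");
            throw new AuthenticationServiceException("Invalid Token");
        }

        if (authToken == null) {
            logger.error("Authentication object couldn't be created");
            throw new AuthenticationServiceException("Error creating authentication object");
        }
        else
            logger.info("Authentication object created");

        return authToken;
    }

    @Override
    protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, Authentication authResult)
            throws IOException, ServletException {
        // Stores the Authentication in the SecurityContext and invokes the success handler, which forwards the request.
        super.successfulAuthentication(request, response, chain, authResult);

        // The remaining filter chain is then invoked as well.
        chain.doFilter(request, response);
    }
}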

Here is the AuthenticationSuccessHandler:

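import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
// Logger is an import not shown in the post.

public class TokenAuthenticationSuccessHandler implements AuthenticationSuccessHandler {

    final static Logger logger = Logger.getLogger(TokenAuthenticationSuccessHandler.class.getCanonicalName());

    // Returns the request URI with the context path stripped, i.e. the path inside the application.
    private String determineTargetUrl(HttpServletRequest request,
            HttpServletResponse response) {

        String context = request.getContextPath();
        String fullURL = request.getRequestURI();

        logger.info("The context is " + context + " and the full url is " + fullURL);
        String url = fullURL.substring(fullURL.indexOf(context) + context.length());
        return url;
    }

    @Override
    public void onAuthenticationSuccess(HttpServletRequest request,
            HttpServletResponse response, Authentication authentication)
            throws IOException, ServletException {

        String url = determineTargetUrl(request, response);

        logger.info("Forwarding request after loading the authentication with url " + request.getRequestURL());
        logger.info("The url is " + url);

        // Server-side forward to the same path the client originally requested.
        request.getRequestDispatcher(url).forward(request, response);
    }
}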

Answer

0

I had bad wiring between the application context and the servlet context, which caused this problem.
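The DEBUG trace in the question can be read mechanically to separate a security failure from an MVC dispatch failure: authorization succeeded and the request left the security filter chain, and only afterwards did every consulted HandlerMapping miss, which is consistent with the wiring cause named in the answer. The triage script below is an added example, not part of the original post; the `triage` function, its verdict labels and the shortened sample trace are constructed for illustration.

```python
import re

# Constructed sample: the question's DEBUG trace, cut down to "[Logger:line][ctx] message".
SAMPLE_LOG = """\
[FilterSecurityInterceptor:243][] Authorization successful
[FilterChainProxy:310][] /v1/userPreferences reached end of additional filter chain; proceeding with original chain
[PropertySourcedRequestMappingHandlerMapping:304][TrxId:x] Looking up handler method for path /v1/userPreferences
[PropertySourcedRequestMappingHandlerMapping:314][TrxId:x] Did not find handler method for [/v1/userPreferences]
[EndpointHandlerMapping:304][TrxId:x] Looking up handler method for path /v1/userPreferences
[EndpointHandlerMapping:314][TrxId:x] Did not find handler method for [/v1/userPreferences]
[SecurityContextPersistenceFilter:119][] SecurityContextHolder now cleared, as request processing completed
"""

ENTRY = re.compile(r"\[(?P<logger>\w+):\d+\]\[[^\]]*\]\s*(?P<msg>.*)")

def triage(log_text):
    """Classify one request's trace: did it fail in the security chain or in MVC dispatch?"""
    authorized = passed_chain = False
    tried, missed = [], []
    for line in log_text.splitlines():
        m = ENTRY.search(line)
        if not m:
            continue
        logger, msg = m.group("logger"), m.group("msg").strip()
        if logger == "FilterSecurityInterceptor" and msg.startswith("Authorization successful"):
            authorized = True
        elif logger == "FilterChainProxy" and "reached end of additional filter chain" in msg:
            passed_chain = True
        elif logger.endswith("HandlerMapping"):
            if msg.lower().startswith("looking up handler") and logger not in tried:
                tried.append(logger)
            elif msg.startswith("Did not find handler method") and logger not in missed:
                missed.append(logger)
    if not passed_chain:
        verdict = "stopped-in-security-chain"
    elif not tried:
        verdict = "no-handler-mapping-consulted"
    elif set(tried) <= set(missed):
        verdict = "mvc-no-handler"
    else:
        verdict = "handled"
    return {
        "verdict": verdict,
        "authorized": authorized,
        "mappings_tried": tried,
        # RequestMappingHandlerMapping serves @RequestMapping controllers; if it was
        # never consulted, check which context the controllers are defined in.
        "controller_mapping_consulted": "RequestMappingHandlerMapping" in tried,
    }
```

The regular expression skips the timestamp and thread prefix, so full lines from the original log can be passed in unchanged.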
