spring boot oauth ExceptionHandlerExceptionResolver : NestedServletException: 嵌套异常是 java.lang.***Err
Posted
技术标签:
【中文标题】spring boot oauth ExceptionHandlerExceptionResolver : NestedServletException: 嵌套异常是 java.lang.***Error]【英文标题】:spring boot oauth ExceptionHandlerExceptionResolver : NestedServletException: nested exception is java.lang.***Error] 【发布时间】:2020-09-01 18:37:18 【问题描述】:我使用 spring boot oauth 2 创建了一个授权。我无法使用数据库中的数据获取访问令牌。
我的授权服务器:
@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter
@Autowired
private PasswordEncoder passwordEncoder;
@Autowired
private AuthenticationManager authenticationManager;
@Autowired
private PropertyConfiguration propertyConfiguration;
@Override
public void configure(final AuthorizationServerSecurityConfigurer oauthServer) throws Exception
oauthServer.tokenKeyAccess("permitAll()")
.checkTokenAccess("isAuthenticated()");
@Override
public void configure(final ClientDetailsServiceConfigurer clients) throws Exception
clients.inMemory()
.withClient(propertyConfiguration.getPasswordId())
.secret(passwordEncoder.encode(propertyConfiguration.getPasswordSecret()))
.authorizedGrantTypes("password")
.scopes(SCOPE_WRITE)
.autoApprove(true);
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception
endpoints
.tokenStore(tokenStore())
.authenticationManager(authenticationManager);
@Bean
public TokenStore tokenStore()
return new InMemoryTokenStore();
我的主要课程:
@SpringBootApplication
@EntityScan(basePackages = "com.kazi.core.entities")
public class OAuthApplication
@Bean
public UserServiceImpl userServiceImpl()
return new UserServiceImpl();
public static void main(String[] args)
SpringApplication.run(OAuthApplication.class, args);
我的客户用户详情:
@Configuration("customUserDetailsService")
public class CustomUserDetailsService implements UserDetailsService
private UserServiceImpl userServiceImpl;
@Autowired
public CustomUserDetailsService(UserServiceImpl userServiceImpl)
this.userServiceImpl = userServiceImpl;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException
final User user = userServiceImpl.findByUsername(username);
if (user == null)
throw new UsernameNotFoundException(String.format("User %s does not exist!", username));
return new UserRepositoryUserDetails(user);
private final static class UserRepositoryUserDetails extends User implements UserDetails
private static final long serialVersionUID = 1L;
private UserRepositoryUserDetails(User user)
super(user);
@Override
public Collection<? extends GrantedAuthority> getAuthorities()
return getRoles();
@Override
public boolean isAccountNonExpired()
return true;
@Override
public boolean isAccountNonLocked()
return !super.isBlocked();
@Override
public boolean isCredentialsNonExpired()
return true;
我的安全配置:
@Configuration
public class SecurityConfiguration extends WebSecurityConfigurerAdapter
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception
auth.parentAuthenticationManager(authenticationManagerBean())
.inMemoryAuthentication()
.withUser("emoleumassi")
.password(passwordEncoder().encode("today"))
.roles("USER");
@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception
return super.authenticationManagerBean();
@Bean
public BCryptPasswordEncoder passwordEncoder()
return new BCryptPasswordEncoder();
当我直接在代码中设置凭据时它工作正常,我得到一个访问令牌。但如果我像这样使用 CustomUserService:
@Autowired
private CustomUserDetailsService customUserDetailsService;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception
auth.parentAuthenticationManager(authenticationManagerBean())
.userDetailsService(customUserDetailsService)
.passwordEncoder(passwordEncoder());
控制台重复多次,可能是20次:
Hibernate: select user0_.user_id as user_id1_5_, user0_.blocked as blocked2_5_, user0_.description as descript3_5_, user0_.email as email4_5_, user0_.enabled as enabled5_5_, user0_.first_login as first_lo6_5_, user0_.first_name as first_na7_5_, user0_.last_login as last_log8_5_, user0_.last_name as last_nam9_5_, user0_.password as passwor10_5_, user0_.username as usernam11_5_ from user user0_ where user0_.username=?
Hibernate: select threads0_.user_id as user_id1_8_0_, threads0_.thread_id as thread_i2_8_0_, thread1_.thread_id as thread_i1_4_1_ from user_thread threads0_ inner join thread thread1_ on threads0_.thread_id=thread1_.thread_id where threads0_.user_id=?
Hibernate: select roles0_.user_id as user_id1_7_0_, roles0_.role_id as role_id2_7_0_, role1_.role_id as role_id1_3_1_, role1_.name as name2_3_1_ from user_role roles0_ inner join role role1_ on roles0_.role_id=role1_.role_id where roles0_.user_id=?
Hibernate: select users0_.role_id as role_id2_7_0_, users0_.user_id as user_id1_7_0_, user1_.user_id as user_id1_5_1_, user1_.blocked as blocked2_5_1_, user1_.description as descript3_5_1_, user1_.email as email4_5_1_, user1_.enabled as enabled5_5_1_, user1_.first_login as first_lo6_5_1_, user1_.first_name as first_na7_5_1_, user1_.last_login as last_log8_5_1_, user1_.last_name as last_nam9_5_1_, user1_.password as passwor10_5_1_, user1_.username as usernam11_5_1_ from user_role users0_ inner join user user1_ on users0_.user_id=user1_.user_id where users0_.role_id=?
Hibernate: select users0_.role_id as role_id2_7_0_, users0_.user_id as user_id1_7_0_, user1_.user_id as user_id1_5_1_, user1_.blocked as blocked2_5_1_, user1_.description as descript3_5_1_, user1_.email as email4_5_1_, user1_.enabled as enabled5_5_1_, user1_.first_login as first_lo6_5_1_, user1_.first_name as first_na7_5_1_, user1_.last_login as last_log8_5_1_, user1_.last_name as last_nam9_5_1_, user1_.password as passwor10_5_1_, user1_.username as usernam11_5_1_ from user_role users0_ inner join user user1_ on users0_.user_id=user1_.user_id where users0_.role_id=?
Hibernate: select users0_.role_id as role_id2_7_0_, users0_.user_id as user_id1_7_0_, user1_.user_id as user_id1_5_1_, user1_.blocked as blocked2_5_1_, user1_.description as descript3_5_1_, user1_.email as email4_5_1_, user1_.enabled as enabled5_5_1_, user1_.first_login as first_lo6_5_1_, user1_.first_name as first_na7_5_1_, user1_.last_login as last_log8_5_1_, user1_.last_name as last_nam9_5_1_, user1_.password as passwor10_5_1_, user1_.username as usernam11_5_1_ from user_role users0_ inner join user user1_ on users0_.user_id=user1_.user_id where users0_.role_id=?
Hibernate: select jobs0_.user_id as user_id1_6_0_, jobs0_.job_id as job_id2_6_0_, job1_.job_id as job_id1_0_1_, job1_.category as category2_0_1_, job1_.creation_date as creation3_0_1_, job1_.description as descript4_0_1_, job1_.location as location5_0_1_, job1_.salary as salary6_0_1_, job1_.status as status7_0_1_, job1_.title as title8_0_1_ from user_job jobs0_ inner join job job1_ on jobs0_.job_id=job1_.job_id where jobs0_.user_id=?
我得到了这个例外:
org.springframework.web.util.NestedServletException: Handler dispatch failed; nested exception is java.lang.***Error
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1055) ~[spring-webmvc-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:943) ~[spring-webmvc-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006) ~[spring-webmvc-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:909) ~[spring-webmvc-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:660) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883) ~[spring-webmvc-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:741) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53) ~[tomcat-embed-websocket-9.0.29.jar:9.0.29]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:320) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:126) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:90) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:118) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:158) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:203) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:92) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:77) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358) ~[spring-web-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271) ~[spring-web-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100) ~[spring-web-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93) ~[spring-web-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.springframework.boot.actuate.metrics.web.servlet.WebMvcMetricsFilter.doFilterInternal(WebMvcMetricsFilter.java:108) ~[spring-boot-actuator-2.2.2.RELEASE.jar:2.2.2.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201) ~[spring-web-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:526) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:367) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:860) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1591) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) ~[na:na]
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) ~[na:na]
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at java.base/java.lang.Thread.run(Thread.java:834) ~[na:na]
Caused by: java.lang.***Error: null
当我删除这一行 auth.parentAuthenticationManager(authenticationManagerBean()) 我得到
"error": "invalid_grant",
"error_description": "Bad credentials"
我的用户实体:
@Table
@Entity
public class User implements Serializable
private static final long serialVersionUID = 1L;
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
@Column(name = "user_id", nullable = false)
private int userId;
@Column(unique = true, columnDefinition = "VARCHAR(50)", nullable = false)
private String username;
@Column(unique = true, columnDefinition = "VARCHAR(50)", nullable = false)
private String email;
@Column(nullable = false, columnDefinition = "BIT")
private boolean enabled;
@Column(columnDefinition = "VARCHAR(50)", nullable = false)
private String password;
@Column(columnDefinition = "VARCHAR(20)", nullable = false)
private String firstLogin;
@Column(columnDefinition = "VARCHAR(20)")
private String lastLogin;
@Column(unique = true, columnDefinition = "VARCHAR(50)")
private String firstName;
@Column(unique = true, columnDefinition = "VARCHAR(50)")
private String lastName;
@Column(nullable = false, columnDefinition = "BIT")
private boolean blocked;
@Column(columnDefinition = "TEXT")
private String description;
@JsonIgnore
@ManyToMany(fetch = FetchType.LAZY, cascade = CascadeType.PERSIST)
@JoinTable(name = "user_role",
joinColumns = @JoinColumn(name = "user_id"),
inverseJoinColumns = @JoinColumn(name = "role_id"))
private Set<Role> roles;
@JsonIgnore
@ManyToMany(fetch = FetchType.LAZY, cascade = CascadeType.PERSIST)
@JoinTable(name = "user_job",
joinColumns = @JoinColumn(name = "user_id"),
inverseJoinColumns = @JoinColumn(name = "job_id"))
private Set<Job> jobs = new HashSet<>();
@JsonIgnore
@ManyToMany(fetch = FetchType.LAZY, cascade = CascadeType.PERSIST)
@JoinTable(name = "user_thread",
joinColumns = @JoinColumn(name = "user_id"),
inverseJoinColumns = @JoinColumn(name = "thread_id"))
private Set<Thread> threads = new HashSet<>();
public User()
public User(User user)
super();
this.userId = user.getUserId();
this.roles = user.getRoles();
this.username = user.getUsername();
this.email = user.getEmail();
this.enabled = user.isEnabled();
this.blocked = user.isBlocked();
this.password = user.getPassword();
// getter, setter
我的卷曲请求
curl -i -v -X POST -H 'Content-Type: application/x-www-form-urlencoded' -k http://localhost:8080/oauth/token -H 'Authorization: Basic Y2xpZW50OnNlY3JldA==' -d 'grant_type=password&client_id=client&user=emoleumassi&password=today&scope=write'
此用户存在于数据库中,角色为 User。
我使用spring-security-oauth2 版本2.3.5.RELEASE 和引导父启动器2.2.2.RELEASE
【问题讨论】:
【参考方案1】:首先,我改变了
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception
auth.parentAuthenticationManager(authenticationManagerBean())
.userDetailsService(customUserDetailsService)
.passwordEncoder(passwordEncoder());
到
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception
auth.
.userDetailsService(customUserDetailsService)
.passwordEncoder(passwordEncoder());
其次,我加密了数据库中的密码today -> $2a$04$TwPX14ddISSYsW4/fvzxfu8uSyJQXq415OrlWwrLACxBycRmdS07u
我在没有加密密码的情况下发出了curl 请求:
curl -i -v -X POST -H 'Content-Type: application/x-www-form-urlencoded' -k http://localhost:8080/oauth/token -H 'Authorization: Basic Y2xpZW50OnNlY3JldA==' -d 'grant_type=password&client_id=client&username=emoleumassi&password=today&scope=write'
有人知道parentAuthenticationManager的影响吗?
【讨论】:
您描述的更改是否导致 curl 请求成功? @AlessandroScarlatti 是的以上是关于spring boot oauth ExceptionHandlerExceptionResolver : NestedServletException: 嵌套异常是 java.lang.***Err的主要内容,如果未能解决你的问题,请参考以下文章
使用 spring-boot-starter-oauth2-client 检索 OAuth2 3-legged 身份验证的访问令牌
让 oauth2 与 spring-boot 和 rest 一起工作
使用 Spring boot、Eureka、Zuul、Spring Oauth 创建 OAuth 安全微服务的问题