尝试在spring应用程序中获取OAuth2访问令牌时找不到404 404
我正在尝试创建一个Web应用程序,我们可以通过调用一些http基本请求来获取“密码”授权类型中的访问令牌
例如
我打电话的时候
HTTP://本地主机:8080 / demo4ssh-安全的oauth2 /的OAuth /令牌的client_id = mobile_1&client_secret = secret_1&grant_type =密码&用户名=张三&密码= 123456?
我可以得到以下令牌
{"access_token":"4219a91f-45d5-4a07-9e8e-3acbadd0c23e","token_type":"bearer","refresh_token":"d41df9fd-3d36-4a20-b0b7-1a1883c7439d","expires_in":43199,"scope":"read write trust"} 但是我的令牌网站总是返回404.我尝试在网上进行一些搜索,但仍然没有帮助…
这是我的代码:
web.xml中
contextConfigLocation /WEB-INF/security-context.xml org.springframework.web.context.ContextLoaderListener springSecurityFilterChain org.springframework.web.filter.DelegatingFilterProxy springSecurityFilterChain /* user-dispatcher org.springframework.web.servlet.DispatcherServlet 1
安全的context.xml
我的控制器类
@Controller @RequestMapping("/operation") public class UserOperationController { private static final Logger logger = Logger.getLogger(UserOperationController.class); @RequestMapping("/Login") public ModelAndView home() { return new ModelAndView("login"); } @RequestMapping("/Error") public ModelAndView error() { return new ModelAndView("error"); } @RequestMapping("/Healthcheck") public ModelAndView healthCheck() { ...Some Operations.... return new ModelAndView("healthcheck", "result", "positive"); } @RequestMapping(value = "/Registration", method = RequestMethod.POST, consumes = "application/json") public @ResponseBody void registration(@RequestBody UserModel user) { ...Some Operations.... } }
在我使用ajax post调用提交http请求后,我收到了404错误代码和以下Tomcat7日志
2015-09-29 00:36:04 DEBUG AntPathRequestMatcher:151 - Checking match of request : '/oauth/token'; against '/user/operation/registration' 2015-09-29 00:36:04 DEBUG AntPathRequestMatcher:151 - Checking match of request : '/oauth/token'; against '/oauth/token' 2015-09-29 00:36:04 DEBUG FilterChainProxy:324 - /oauth/token?username=user 001&password=Passw0rd!&client_id=mobile_1&client_secret=secret_1&grant_type=pass word at position 1 of 8 in additional filter chain; firing Filter: 'SecurityCont extPersistenceFilter' 2015-09-29 00:36:04 DEBUG FilterChainProxy:324 - /oauth/token?username=user 001&password=Passw0rd!&client_id=mobile_1&client_secret=secret_1&grant_type=pass word at position 2 of 8 in additional filter chain; firing Filter: 'WebAsyncMana gerIntegrationFilter' 2015-09-29 00:36:04 DEBUG FilterChainProxy:324 - /oauth/token?username=user 001&password=Passw0rd!&client_id=mobile_1&client_secret=secret_1&grant_type=pass word at position 3 of 8 in additional filter chain; firing Filter: 'HeaderWriter Filter' 2015-09-29 00:36:04 DEBUG HstsHeaderWriter:128 - Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.wri ters.HstsHeaderWriter$SecureRequestMatcher@2c3ed15e 2015-09-29 00:36:04 DEBUG FilterChainProxy:324 - /oauth/token?username=user 001&password=Passw0rd!&client_id=mobile_1&client_secret=secret_1&grant_type=pass word at position 4 of 8 in additional filter chain; firing Filter: 'ClientCreden tialsTokenEndpointFilter' 2015-09-29 00:36:04 DEBUG ClientCredentialsTokenEndpointFilter:211 - Request is to process authentication 2015-09-29 00:36:04 DEBUG ProviderManager:162 - Authentication attempt using org .springframework.security.authentication.dao.DaoAuthenticationProvider 2015-09-29 00:36:04 DEBUG ClientCredentialsTokenEndpointFilter:317 - Authenticat ion success. Updating SecurityContextHolder to contain: org.springframework.secu rity.authentication.UsernamePasswordAuthenticationToken@93f5f9e4: Principal: org .springframework.security.core.userdetails.User@d7e8fbd4: Username: mobile_1; Pa ssword: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpir ed: true; AccountNonLocked: true; Granted Authorities: ROLE_USER; Credentials: [ PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_USER 2015-09-29 00:36:04 DEBUG FilterChainProxy:324 - /oauth/token?username=user 001&password=Passw0rd!&client_id=mobile_1&client_secret=secret_1&grant_type=pass word at position 5 of 8 in additional filter chain; firing Filter: 'BasicAuthent icationFilter' 2015-09-29 00:36:04 DEBUG FilterChainProxy:324 - /oauth/token?username=user 001&password=Passw0rd!&client_id=mobile_1&client_secret=secret_1&grant_type=pass word at position 6 of 8 in additional filter chain; firing Filter: 'SecurityCont extHolderAwareRequestFilter' 2015-09-29 00:36:04 DEBUG FilterChainProxy:324 - /oauth/token?username=user 001&password=Passw0rd!&client_id=mobile_1&client_secret=secret_1&grant_type=pass word at position 7 of 8 in additional filter chain; firing Filter: 'ExceptionTra nslationFilter' 2015-09-29 00:36:04 DEBUG FilterChainProxy:324 - /oauth/token?username=user 001&password=Passw0rd!&client_id=mobile_1&client_secret=secret_1&grant_type=pass word at position 8 of 8 in additional filter chain; firing Filter: 'FilterSecuri tyInterceptor' 2015-09-29 00:36:04 DEBUG AntPathRequestMatcher:151 - Checking match of request : '/oauth/token'; against '/oauth/token' 2015-09-29 00:36:04 DEBUG FilterSecurityInterceptor:218 - Secure object: FilterI nvocation: URL: /oauth/token?username=user001&password=Passw0rd!&client_id= mobile_1&client_secret=secret_1&grant_type=password; Attributes: [permitAll()] 2015-09-29 00:36:04 DEBUG FilterSecurityInterceptor:347 - Previously Authenticat ed: org.springframework.security.authentication.UsernamePasswordAuthenticationTo ken@93f5f9e4: Principal: org.springframework.security.core.userdetails.User@d7e8 fbd4: Username: mobile_1; Password: [PROTECTED]; Enabled: true; AccountNonExpire d: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authoritie s: ROLE_USER; Credentials: [PROTECTED]; Authenticated: true; Details: null; Gran ted Authorities: ROLE_USER 2015-09-29 00:36:04 DEBUG AffirmativeBased:65 - Voter: org.springframework.secur ity.web.access.expression.WebExpressionVoter@f1a22b, returned: 1 2015-09-29 00:36:04 DEBUG FilterSecurityInterceptor:242 - Authorization successf ul 2015-09-29 00:36:04 DEBUG FilterSecurityInterceptor:255 - RunAsManager did not c hange Authentication object 2015-09-29 00:36:04 DEBUG FilterChainProxy:309 - /oauth/token?username=user 001&password=Passw0rd!&client_id=mobile_1&client_secret=secret_1&grant_type=pass word reached end of additional filter chain; proceeding with original chain 2015-09-29 00:36:04 DEBUG ExceptionTranslationFilter:116 - Chain processed norma lly 2015-09-29 00:36:04 DEBUG SecurityContextPersistenceFilter:105 - SecurityContext Holder now cleared, as request processing completed
我使用的Spring Security版本:
4.0.2.RELEASE