I've been working on a little spring boot app using docker-compose. I've got a container with the web app and one with the database. For development/debugging I've been launching just the database container using docker-compose and running the spring boot app in debug mode in Eclipse. So far, so good.
Then I try to run the whole thing using docker-compose. This is my yml file and log output below (some names have been changed to protect the innocent)...for testing the docker part I've mapped the jar file rather than rebuild the docker image every time.
version: '3'
services:
myapp-service:
image: myapp-service
env_file:
- common.env
ports:
- 8080:8080
volumes:
- "./target/myapp-service.jar:/myapp-service.jar"
depends_on:
- database
database:
image: mongo
env_file:
- common.env
volumes:
- "./init-mongo.js:/docker-entrypoint-initdb.d/init-mongo.js:ro"
ports:
- "27017-27019:27017-27019"
I have a custom login form, and running in Eclipse it works just fine. This is what I get when I run the whole thing in docker and navigate to the web page:
myapp-service_1 | 2020-05-04 00:20:27.083 DEBUG 1 --- [nio-8080-exec-8] o.s.security.web.FilterChainProxy : /login reached end of additional filter chain; proceeding with original chain
myapp-service_1 | 2020-05-04 00:20:27.083 DEBUG 1 --- [nio-8080-exec-8] o.s.web.servlet.DispatcherServlet : GET "/login", parameters={}
myapp-service_1 | 2020-05-04 00:20:27.084 DEBUG 1 --- [nio-8080-exec-8] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped to com.sammckee.data.controller.LoginController#login()
myapp-service_1 | 2020-05-04 00:20:27.085 DEBUG 1 --- [nio-8080-exec-8] o.s.w.s.v.ContentNegotiatingViewResolver : Selected 'text/html' given [text/html, application/xhtml+xml, image/webp, image/apng, application/xml;q=0.9, application/signed-exchange;v=b3;q=0.9, */*;q=0.8]
myapp-service_1 | 2020-05-04 00:20:27.085 DEBUG 1 --- [nio-8080-exec-8] o.s.web.servlet.view.JstlView : View name 'login', model {}
myapp-service_1 | 2020-05-04 00:20:27.086 DEBUG 1 --- [nio-8080-exec-8] o.s.web.servlet.view.JstlView : Forwarding to [/WEB-INF/views/login.jsp]
myapp-service_1 | 2020-05-04 00:20:27.092 DEBUG 1 --- [nio-8080-exec-8] o.s.s.w.header.writers.HstsHeaderWriter : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher#49e79d09
myapp-service_1 | 2020-05-04 00:20:27.092 DEBUG 1 --- [nio-8080-exec-8] w.c.HttpSessionSecurityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
myapp-service_1 | 2020-05-04 00:20:27.093 DEBUG 1 --- [nio-8080-exec-8] o.s.web.servlet.DispatcherServlet : Completed 404 NOT_FOUND
myapp-service_1 | 2020-05-04 00:20:27.093 DEBUG 1 --- [nio-8080-exec-8] o.s.s.w.a.ExceptionTranslationFilter : Chain processed normally
myapp-service_1 | 2020-05-04 00:20:27.093 DEBUG 1 --- [nio-8080-exec-8] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
myapp-service_1 | 2020-05-04 00:20:27.093 DEBUG 1 --- [nio-8080-exec-8] o.s.security.web.FilterChainProxy : /error at position 1 of 11 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
myapp-service_1 | 2020-05-04 00:20:27.093 DEBUG 1 --- [nio-8080-exec-8] o.s.security.web.FilterChainProxy : /error at position 2 of 11 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
myapp-service_1 | 2020-05-04 00:20:27.093 DEBUG 1 --- [nio-8080-exec-8] w.c.HttpSessionSecurityContextRepository : HttpSession returned null object for SPRING_SECURITY_CONTEXT
myapp-service_1 | 2020-05-04 00:20:27.093 DEBUG 1 --- [nio-8080-exec-8] w.c.HttpSessionSecurityContextRepository : No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade#6c18ca17. A new one will be created.
myapp-service_1 | 2020-05-04 00:20:27.093 DEBUG 1 --- [nio-8080-exec-8] o.s.security.web.FilterChainProxy : /error at position 3 of 11 in additional filter chain; firing Filter: 'HeaderWriterFilter'
myapp-service_1 | 2020-05-04 00:20:27.093 DEBUG 1 --- [nio-8080-exec-8] o.s.security.web.FilterChainProxy : /error at position 4 of 11 in additional filter chain; firing Filter: 'LogoutFilter'
myapp-service_1 | 2020-05-04 00:20:27.093 DEBUG 1 --- [nio-8080-exec-8] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', GET]
myapp-service_1 | 2020-05-04 00:20:27.093 DEBUG 1 --- [nio-8080-exec-8] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/error'; against '/logout'
myapp-service_1 | 2020-05-04 00:20:27.093 DEBUG 1 --- [nio-8080-exec-8] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', POST]
myapp-service_1 | 2020-05-04 00:20:27.093 DEBUG 1 --- [nio-8080-exec-8] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /error' doesn't match 'POST /logout'
myapp-service_1 | 2020-05-04 00:20:27.093 DEBUG 1 --- [nio-8080-exec-8] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', PUT]
myapp-service_1 | 2020-05-04 00:20:27.093 DEBUG 1 --- [nio-8080-exec-8] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /error' doesn't match 'PUT /logout'
myapp-service_1 | 2020-05-04 00:20:27.093 DEBUG 1 --- [nio-8080-exec-8] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', DELETE]
myapp-service_1 | 2020-05-04 00:20:27.093 DEBUG 1 --- [nio-8080-exec-8] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /error' doesn't match 'DELETE /logout'
myapp-service_1 | 2020-05-04 00:20:27.093 DEBUG 1 --- [nio-8080-exec-8] o.s.s.web.util.matcher.OrRequestMatcher : No matches found
myapp-service_1 | 2020-05-04 00:20:27.093 DEBUG 1 --- [nio-8080-exec-8] o.s.security.web.FilterChainProxy : /error at position 5 of 11 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
myapp-service_1 | 2020-05-04 00:20:27.093 DEBUG 1 --- [nio-8080-exec-8] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /error' doesn't match 'POST /login'
myapp-service_1 | 2020-05-04 00:20:27.093 DEBUG 1 --- [nio-8080-exec-8] o.s.security.web.FilterChainProxy : /error at position 6 of 11 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
myapp-service_1 | 2020-05-04 00:20:27.093 DEBUG 1 --- [nio-8080-exec-8] o.s.s.w.s.DefaultSavedRequest : pathInfo: both null (property equals)
myapp-service_1 | 2020-05-04 00:20:27.093 DEBUG 1 --- [nio-8080-exec-8] o.s.s.w.s.DefaultSavedRequest : queryString: both null (property equals)
myapp-service_1 | 2020-05-04 00:20:27.093 DEBUG 1 --- [nio-8080-exec-8] o.s.s.w.s.DefaultSavedRequest : requestURI: arg1=/; arg2=/error (property not equals)
myapp-service_1 | 2020-05-04 00:20:27.093 DEBUG 1 --- [nio-8080-exec-8] o.s.s.w.s.HttpSessionRequestCache : saved request doesn't match
myapp-service_1 | 2020-05-04 00:20:27.093 DEBUG 1 --- [nio-8080-exec-8] o.s.security.web.FilterChainProxy : /error at position 7 of 11 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
myapp-service_1 | 2020-05-04 00:20:27.093 DEBUG 1 --- [nio-8080-exec-8] o.s.security.web.FilterChainProxy : /error at position 8 of 11 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
myapp-service_1 | 2020-05-04 00:20:27.094 DEBUG 1 --- [nio-8080-exec-8] o.s.s.w.a.AnonymousAuthenticationFilter : Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken#48fd2a32: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails#0: RemoteIpAddress: 172.30.0.1; SessionId: 7F4F9718EE23E9AA0244329F374437D3; Granted Authorities: ROLE_ANONYMOUS'
myapp-service_1 | 2020-05-04 00:20:27.094 DEBUG 1 --- [nio-8080-exec-8] o.s.security.web.FilterChainProxy : /error at position 9 of 11 in additional filter chain; firing Filter: 'SessionManagementFilter'
myapp-service_1 | 2020-05-04 00:20:27.094 DEBUG 1 --- [nio-8080-exec-8] o.s.security.web.FilterChainProxy : /error at position 10 of 11 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
myapp-service_1 | 2020-05-04 00:20:27.094 DEBUG 1 --- [nio-8080-exec-8] o.s.security.web.FilterChainProxy : /error at position 11 of 11 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
myapp-service_1 | 2020-05-04 00:20:27.094 DEBUG 1 --- [nio-8080-exec-8] o.s.security.web.FilterChainProxy : /error reached end of additional filter chain; proceeding with original chain
myapp-service_1 | 2020-05-04 00:20:27.094 DEBUG 1 --- [nio-8080-exec-8] o.s.web.servlet.DispatcherServlet : "ERROR" dispatch for GET "/error", parameters={}
myapp-service_1 | 2020-05-04 00:20:27.094 DEBUG 1 --- [nio-8080-exec-8] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped to org.springframework.boot.autoconfigure.web.servlet.error.BasicErrorController#errorHtml(HttpServletRequest, HttpServletResponse)
myapp-service_1 | 2020-05-04 00:20:27.097 DEBUG 1 --- [nio-8080-exec-8] o.s.w.s.v.ContentNegotiatingViewResolver : Selected 'text/html' given [text/html, text/html;q=0.8]
myapp-service_1 | 2020-05-04 00:20:27.097 DEBUG 1 --- [nio-8080-exec-8] o.s.web.servlet.DispatcherServlet : Exiting from "ERROR" dispatch, status 404
myapp-service_1 | 2020-05-04 00:20:27.097 DEBUG 1 --- [nio-8080-exec-8] o.s.s.w.a.ExceptionTranslationFilter : Chain processed normally
myapp-service_1 | 2020-05-04 00:20:27.097 DEBUG 1 --- [nio-8080-exec-8] w.c.HttpSessionSecurityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
myapp-service_1 | 2020-05-04 00:20:27.097 DEBUG 1 --- [nio-8080-exec-8] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
Any thoughts on what I might be missing? Again, it works fine in Eclipse. Sorry for the long log text--I wanted to make sure I was giving all the info necessary.
Edit/addendum:
When I navigate to the web app I see this:
Whitelabel Error Page
This application has no explicit mapping for /error, so you are seeing this as a fallback.
Mon May 04 00:20:27 GMT 2020
There was an unexpected error (type=Not Found, status=404).
/WEB-INF/views/login.jsp
My DAOs derive from a class that connects to the database like this:
String client_url = "mongodb://" + dbuser + ":" + dbpassword + "#" + hostName + ":" + 27017 + "/"
+ databaseName;
...where the host name, database, user and password are passed in by environment variables.
For the hostname I'm passing in "database" because that's the container name--that's how it should work in the container, right? When I run it in Eclipse I pass in "localhost" for the host name because the database container exposes the same port number to the local environment, and it works fine. I sort of expect to see database error messages if it's a problem with my mongo connection, but maybe not.
Edit/Addendum 2:
It definitely looks like there's something Springy I'm doing wrong. I made a little shell script to set the environment variables and run the jar file standalone in bash, outside the container, and it works as expected. Inside the docker container, I get errors. This is the part of the log that catches my eye:
Returning cached instance of singleton bean 'loginController'
s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped to com.myapp.bank.controller.LoginController#login()
.w.s.m.m.a.ServletInvocableHandlerMethod : Arguments: []
o.s.w.s.v.InternalResourceViewResolver : View with key [login] served from cache
o.s.w.s.v.ContentNegotiatingViewResolver : Selected 'text/html' given [text/html, application/xhtml+xml, image/webp, image/apng, application/xml;q=0.9, application/signed-exchange;v=b3;q=0.9, */*;q=0.8]
o.s.web.servlet.DispatcherServlet : Rendering view [org.springframework.web.servlet.view.JstlView: name 'login'; URL [/WEB-INF/views/login.jsp]]
o.s.web.servlet.view.JstlView : View name 'login', model {}
o.s.b.f.s.DefaultListableBeanFactory : Returning cached instance of singleton bean 'requestDataValueProcessor'
o.s.web.servlet.view.JstlView : Forwarding to [/WEB-INF/views/login.jsp]
o.s.s.w.header.writers.HstsHeaderWriter : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher#70ad1909
w.c.HttpSessionSecurityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
o.s.web.servlet.DispatcherServlet : Completed 404 NOT_FOUND, headers={masked}
o.s.s.w.a.ExceptionTranslationFilter : Chain processed normally
Edit/Addendum 3:
Still stumped. What I have confirmed is that I can copy the jar file to other places, and it runs fine there, serves up JSPs as expected and does everything I want it to do. So it seems to me the jar file itself must be okay. I'm mystified by what might be different when it's inside docker.
Related
I try to use thymeleaf to pass an object to a spring controller but I have an error that I don't konow how to resolve it. The error is
There was an unexpected error (type=Not Found, status=404).
No message available
and in the console I can't find any error or warning.
I extend the debug of spring boot putting this two options in application.properties:
logging.level.web=debug
logging.level.root=debug
but I can't find an error that helps me, please I need some help to find a solution
can I extend more the debug of spring?
This is the popover when I try to load the object with thymeleaf:
<div th:fragment="search_exams">
<div id="popover-search-exams" style="display: none;">
<form th:action="#{/exams/search}" th:object="${exam}" method="get" id="form-search">
<div class="form-group">
<div class="form-group">
<label for="examDate">Fecha</label>
<input class="container-fluid" type="date" th:field="*{examDate}" name="examDate" id="search_date"/>
</div>
<div class="form-group">
<label for="examHour">Hora</label>
<input class="container-fluid" type="time" th:field="*{examHour}" name="examHour" id="search_hour"/>
</div>
<div class="form-group">
<label for="searchSubject">Asignatura</label>
<input class="container-fluid" type="text" name ="searchSubject" id="search_subject"/>
<span id="search_message" style="display:none;"></span>
<input class="container-fluid" type="hidden" th:field="*{subjectId}" name="subjectId" id="search_subjectId"/>
</div>
<div class="form-group">
<label for="lesson">Temas</label>
<input class="container-fluid" type="text" th:field="*{lesson}" name="lesson" id="search_lesson"/>
</div>
<div class="form-group" id="form-new-mark">
<label for="mark">Nota</label>
<input class="container-fluid" type="text" th:field="*{mark}" name="mark" step="0.01" id="search_mark" />
</div>
<div class="form-group">
<label for="notes">Observaciones</label>
<textarea class="container-fluid" type="text" th:field="*{notes}" name="notes" id="search_notes"></textarea>
</div>
</form>
</div>
<div class="modal-footer">
<button type="submit" class="btn btn-primary" id="btn-search-exams" value="submit" disabled>Buscar</button>
<button type="button" class="btn btn-secondary" data-dismiss="modal">Cerrar</button>
</div>
</div>
This is the controller
#Log4j2
#Controller
public class ExamController {
#Autowired
private ExamRestController examRestController;
#Autowired
private SubjectRestController subjectRestController;
public SubjectRestController getSubjectRestController() {
return subjectRestController;
}
public ExamRestController getExamRestController() {
return examRestController;
}
private final int NUM_ELEMENTS_PER_PAGE_IN_SEARCH = 25;
#GetMapping("/exams/search")
public String examSearch(#RequestBody Exam exam, #RequestParam(defaultValue = "0") int page, Model model) {
try {
Pageable pageableRequest = PageRequest.of(page, NUM_ELEMENTS_PER_PAGE_IN_SEARCH);
Page<Exam> pageExam = getExamRestController().getSearchExams(exam, pageableRequest);
model.addAttribute("exams", pageExam);
model.addAttribute("subjects", getSubjectRestController().getSubjects());
model.addAttribute("count", pageExam.getTotalElements());
model.addAttribute("page", page);
model.addAttribute("element", NUM_ELEMENTS_PER_PAGE_IN_SEARCH+page*NUM_ELEMENTS_PER_PAGE_IN_SEARCH);
model.addAttribute("elementsPerPage", NUM_ELEMENTS_PER_PAGE_IN_SEARCH);
log.info("loaded exams in a /exams/search");
return "search_exams";
}
catch(Exception e) {
log.error("error loading exams in /exams/search");
e.printStackTrace();
return null;
}
}
And this is the debug of console
Host: localhost:8080
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://localhost:8080/exams
Cookie: JSESSIONID=EE7C7DF57B279D49A5248D9A7649ECC6; token=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJBbGJhIEJsYW5jbyIsInJvbGVzIjpbeyJpZCI6eyJ0aW1lc3RhbXAiOjE1Nzk4MDk2MDksIm1hY2hpbmVJZGVudGlmaWVyIjoxNDI2MzY5NCwicHJvY2Vzc0lkZW50aWZpZXIiOjE4ODM2LCJjb3VudGVyIjoxNDA1MjA1MCwiZGF0ZSI6MTU3OTgwOTYwOTAwMCwidGltZSI6MTU3OTgwOTYwOTAwMCwidGltZVNlY29uZCI6MTU3OTgwOTYwOX0sIm5hbWUiOiJST0xFX1NUVURFTlQifV0sImlhdCI6MTU4NDExOTY1NSwiZXhwIjoxNTg0MTIzMjU1fQ.Wy-zl1CeFNxs4jcpyfQEGg0R3yeu_C8e-KoIn4iuC9A
Upgrade-Insecure-Requests: 1
]
2020-03-13 18:18:17.961 DEBUG 15164 --- [nio-8080-exec-5] o.a.t.util.http.Rfc6265CookieProcessor : Cookies: Parsing b[]: JSESSIONID=EE7C7DF57B279D49A5248D9A7649ECC6; token=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJBbGJhIEJsYW5jbyIsInJvbGVzIjpbeyJpZCI6eyJ0aW1lc3RhbXAiOjE1Nzk4MDk2MDksIm1hY2hpbmVJZGVudGlmaWVyIjoxNDI2MzY5NCwicHJvY2Vzc0lkZW50aWZpZXIiOjE4ODM2LCJjb3VudGVyIjoxNDA1MjA1MCwiZGF0ZSI6MTU3OTgwOTYwOTAwMCwidGltZSI6MTU3OTgwOTYwOTAwMCwidGltZVNlY29uZCI6MTU3OTgwOTYwOX0sIm5hbWUiOiJST0xFX1NUVURFTlQifV0sImlhdCI6MTU4NDExOTY1NSwiZXhwIjoxNTg0MTIzMjU1fQ.Wy-zl1CeFNxs4jcpyfQEGg0R3yeu_C8e-KoIn4iuC9A
2020-03-13 18:18:17.963 DEBUG 15164 --- [nio-8080-exec-5] o.a.catalina.connector.CoyoteAdapter : Requested cookie session id is EE7C7DF57B279D49A5248D9A7649ECC6
2020-03-13 18:18:17.964 DEBUG 15164 --- [nio-8080-exec-5] o.a.c.authenticator.AuthenticatorBase : Security checking request GET /search/%7Bdata%7D
2020-03-13 18:18:17.965 DEBUG 15164 --- [nio-8080-exec-5] org.apache.catalina.realm.RealmBase : No applicable constraints defined
2020-03-13 18:18:17.965 DEBUG 15164 --- [nio-8080-exec-5] o.a.c.authenticator.AuthenticatorBase : Not subject to any constraint
2020-03-13 18:18:17.965 DEBUG 15164 --- [nio-8080-exec-5] o.s.b.w.s.f.OrderedRequestContextFilter : Bound request context to thread: org.apache.catalina.connector.RequestFacade#1a24094d
2020-03-13 18:18:17.965 DEBUG 15164 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy : /search/{data}?data= at position 1 of 13 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
2020-03-13 18:18:17.965 DEBUG 15164 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy : /search/{data}?data= at position 2 of 13 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2020-03-13 18:18:17.965 DEBUG 15164 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy : /search/{data}?data= at position 3 of 13 in additional filter chain; firing Filter: 'HeaderWriterFilter'
2020-03-13 18:18:17.966 DEBUG 15164 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy : /search/{data}?data= at position 4 of 13 in additional filter chain; firing Filter: 'LogoutFilter'
2020-03-13 18:18:17.966 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', GET]
2020-03-13 18:18:17.966 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/search/{data}'; against '/logout'
2020-03-13 18:18:17.966 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', POST]
2020-03-13 18:18:17.966 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /search/{data}' doesn't match 'POST /logout
2020-03-13 18:18:17.966 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', PUT]
2020-03-13 18:18:17.966 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /search/{data}' doesn't match 'PUT /logout
2020-03-13 18:18:17.966 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', DELETE]
2020-03-13 18:18:17.966 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /search/{data}' doesn't match 'DELETE /logout
2020-03-13 18:18:17.966 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.web.util.matcher.OrRequestMatcher : No matches found
2020-03-13 18:18:17.966 DEBUG 15164 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy : /search/{data}?data= at position 5 of 13 in additional filter chain; firing Filter: 'RequestWrapperFilter'
2020-03-13 18:18:17.966 DEBUG 15164 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy : /search/{data}?data= at position 6 of 13 in additional filter chain; firing Filter: 'JwtTokenFilter'
2020-03-13 18:18:17.971 DEBUG 15164 --- [nio-8080-exec-5] o.s.d.m.r.query.MongoQueryCreator : Created query Query: { "username" : "Alba Blanco" }, Fields: { }, Sort: { }
2020-03-13 18:18:17.972 DEBUG 15164 --- [nio-8080-exec-5] o.s.data.mongodb.core.MongoTemplate : find using query: { "username" : "Alba Blanco" } fields: Document{{}} for class: class org.tutoring.web.models.Users in collection: users
2020-03-13 18:18:17.972 DEBUG 15164 --- [nio-8080-exec-5] org.mongodb.driver.protocol.command : Sending command {find : BsonString{value='users'}} to database tokensDb on connection [connectionId{localValue:6, serverValue:1724}] to server 127.0.0.1:27017
2020-03-13 18:18:17.973 DEBUG 15164 --- [nio-8080-exec-5] org.mongodb.driver.protocol.command : Command execution completed
2020-03-13 18:18:17.974 DEBUG 15164 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy : /search/{data}?data= at position 7 of 13 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
2020-03-13 18:18:17.974 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /search/{data}' doesn't match 'POST /login
2020-03-13 18:18:17.974 DEBUG 15164 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy : /search/{data}?data= at position 8 of 13 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
2020-03-13 18:18:17.974 DEBUG 15164 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy : /search/{data}?data= at position 9 of 13 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2020-03-13 18:18:17.974 DEBUG 15164 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy : /search/{data}?data= at position 10 of 13 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
2020-03-13 18:18:17.974 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.w.a.AnonymousAuthenticationFilter : SecurityContextHolder not populated with anonymous token, as it already contained: 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken#ddf42f4f: Principal: org.springframework.security.core.userdetails.User#f1887d9: Username: Alba Blanco; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_STUDENT; Credentials: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_STUDENT'
2020-03-13 18:18:17.975 DEBUG 15164 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy : /search/{data}?data= at position 11 of 13 in additional filter chain; firing Filter: 'SessionManagementFilter'
2020-03-13 18:18:17.975 DEBUG 15164 --- [nio-8080-exec-5] s.CompositeSessionAuthenticationStrategy : Delegating to org.springframework.security.web.authentication.session.ChangeSessionIdAuthenticationStrategy#17d2b075
2020-03-13 18:18:17.975 DEBUG 15164 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy : /search/{data}?data= at position 12 of 13 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2020-03-13 18:18:17.975 DEBUG 15164 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy : /search/{data}?data= at position 13 of 13 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2020-03-13 18:18:17.976 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/search/{data}'; against '/'
2020-03-13 18:18:17.976 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/search/{data}'; against '/search_posts'
2020-03-13 18:18:17.976 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/search/{data}'; against '/wall/**'
2020-03-13 18:18:17.976 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/search/{data}'; against '/resources/**'
2020-03-13 18:18:17.976 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/search/{data}'; against '/css/**'
2020-03-13 18:18:17.976 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/search/{data}'; against '/js/**'
2020-03-13 18:18:17.976 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/search/{data}'; against '/webjars/**'
2020-03-13 18:18:17.976 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/search/{data}'; against '/register'
2020-03-13 18:18:17.976 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/search/{data}'; against '/api/auth/**'
2020-03-13 18:18:17.976 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/search/{data}'; against '/exams/**'
2020-03-13 18:18:17.976 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.w.a.i.FilterSecurityInterceptor : Secure object: FilterInvocation: URL: /search/{data}?data=; Attributes: [authenticated]
2020-03-13 18:18:17.976 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.w.a.i.FilterSecurityInterceptor : Previously Authenticated: org.springframework.security.authentication.UsernamePasswordAuthenticationToken#ddf42f4f: Principal: org.springframework.security.core.userdetails.User#f1887d9: Username: Alba Blanco; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_STUDENT; Credentials: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_STUDENT
2020-03-13 18:18:17.977 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.access.vote.AffirmativeBased : Voter: org.springframework.security.web.access.expression.WebExpressionVoter#3040768d, returned: 1
2020-03-13 18:18:17.977 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.w.a.i.FilterSecurityInterceptor : Authorization successful
2020-03-13 18:18:17.977 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.w.a.i.FilterSecurityInterceptor : RunAsManager did not change Authentication object
2020-03-13 18:18:17.977 DEBUG 15164 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy : /search/{data}?data= reached end of additional filter chain; proceeding with original chain
2020-03-13 18:18:17.977 DEBUG 15164 --- [nio-8080-exec-5] o.s.web.servlet.DispatcherServlet : DispatcherServlet with name 'dispatcherServlet' processing GET request for [/search/%7Bdata%7D]
2020-03-13 18:18:17.977 DEBUG 15164 --- [nio-8080-exec-5] s.w.s.m.m.a.RequestMappingHandlerMapping : Looking up handler method for path /search/{data}
2020-03-13 18:18:17.980 DEBUG 15164 --- [nio-8080-exec-5] s.w.s.m.m.a.RequestMappingHandlerMapping : Did not find handler method for [/search/{data}]
2020-03-13 18:18:17.981 DEBUG 15164 --- [nio-8080-exec-5] o.s.w.s.handler.SimpleUrlHandlerMapping : Matching patterns for request [/search/{data}] are [/**]
2020-03-13 18:18:17.981 DEBUG 15164 --- [nio-8080-exec-5] o.s.w.s.handler.SimpleUrlHandlerMapping : URI Template variables for request [/search/{data}] are {}
2020-03-13 18:18:17.981 DEBUG 15164 --- [nio-8080-exec-5] o.s.w.s.handler.SimpleUrlHandlerMapping : Mapping [/search/{data}] to HandlerExecutionChain with handler [ResourceHttpRequestHandler [locations=[class path resource [META-INF/resources/], class path resource [resources/], class path resource [static/], class path resource [public/], ServletContext resource [/]], resolvers=[org.springframework.web.servlet.resource.PathResourceResolver#10817f46]]] and 1 interceptor
2020-03-13 18:18:17.981 DEBUG 15164 --- [nio-8080-exec-5] o.s.web.servlet.DispatcherServlet : Last-Modified value for [/search/%7Bdata%7D] is: -1
2020-03-13 18:18:17.982 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.w.header.writers.HstsHeaderWriter : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher#763a8ad2
2020-03-13 18:18:17.982 DEBUG 15164 --- [nio-8080-exec-5] o.s.web.servlet.DispatcherServlet : Null ModelAndView returned to DispatcherServlet with name 'dispatcherServlet': assuming HandlerAdapter completed request handling
2020-03-13 18:18:17.982 DEBUG 15164 --- [nio-8080-exec-5] o.s.web.servlet.DispatcherServlet : Successfully completed request
2020-03-13 18:18:17.983 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.w.a.ExceptionTranslationFilter : Chain processed normally
2020-03-13 18:18:17.983 DEBUG 15164 --- [nio-8080-exec-5] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
2020-03-13 18:18:17.983 DEBUG 15164 --- [nio-8080-exec-5] o.s.b.w.s.f.OrderedRequestContextFilter : Cleared thread-bound request context: org.apache.catalina.connector.RequestFacade#1a24094d
2020-03-13 18:18:17.983 DEBUG 15164 --- [nio-8080-exec-5] o.a.c.c.C.[Tomcat].[localhost] : Processing ErrorPage[errorCode=0, location=/error]
2020-03-13 18:18:17.985 DEBUG 15164 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy : /error?data= at position 1 of 13 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
2020-03-13 18:18:17.985 DEBUG 15164 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy : /error?data= at position 2 of 13 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2020-03-13 18:18:17.985 DEBUG 15164 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy : /error?data= at position 3 of 13 in additional filter chain; firing Filter: 'HeaderWriterFilter'
2020-03-13 18:18:17.985 DEBUG 15164 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy : /error?data= at position 4 of 13 in additional filter chain; firing Filter: 'LogoutFilter'
2020-03-13 18:18:17.985 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', GET]
2020-03-13 18:18:17.985 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/error'; against '/logout'
2020-03-13 18:18:17.986 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', POST]
2020-03-13 18:18:17.986 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /error' doesn't match 'POST /logout
2020-03-13 18:18:17.986 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', PUT]
2020-03-13 18:18:17.986 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /error' doesn't match 'PUT /logout
2020-03-13 18:18:17.986 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', DELETE]
2020-03-13 18:18:17.986 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /error' doesn't match 'DELETE /logout
2020-03-13 18:18:17.986 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.web.util.matcher.OrRequestMatcher : No matches found
2020-03-13 18:18:17.986 DEBUG 15164 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy : /error?data= at position 5 of 13 in additional filter chain; firing Filter: 'RequestWrapperFilter'
2020-03-13 18:18:17.986 DEBUG 15164 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy : /error?data= at position 6 of 13 in additional filter chain; firing Filter: 'JwtTokenFilter'
2020-03-13 18:18:17.986 DEBUG 15164 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy : /error?data= at position 7 of 13 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
2020-03-13 18:18:17.986 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /error' doesn't match 'POST /login
2020-03-13 18:18:17.986 DEBUG 15164 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy : /error?data= at position 8 of 13 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
2020-03-13 18:18:17.986 DEBUG 15164 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy : /error?data= at position 9 of 13 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2020-03-13 18:18:17.986 DEBUG 15164 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy : /error?data= at position 10 of 13 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
2020-03-13 18:18:17.986 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.w.a.AnonymousAuthenticationFilter : Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken#d2caebe0: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails#fffbcba8: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: A45269E85E76F8D731914F24A2F2E639; Granted Authorities: ROLE_ANONYMOUS'
2020-03-13 18:18:17.986 DEBUG 15164 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy : /error?data= at position 11 of 13 in additional filter chain; firing Filter: 'SessionManagementFilter'
2020-03-13 18:18:17.986 DEBUG 15164 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy : /error?data= at position 12 of 13 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2020-03-13 18:18:17.986 DEBUG 15164 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy : /error?data= at position 13 of 13 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2020-03-13 18:18:17.987 DEBUG 15164 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy : /error?data= reached end of additional filter chain; proceeding with original chain
2020-03-13 18:18:17.987 DEBUG 15164 --- [nio-8080-exec-5] o.s.web.servlet.DispatcherServlet : DispatcherServlet with name 'dispatcherServlet' processing GET request for [/error]
2020-03-13 18:18:17.987 DEBUG 15164 --- [nio-8080-exec-5] s.w.s.m.m.a.RequestMappingHandlerMapping : Looking up handler method for path /error
2020-03-13 18:18:17.988 DEBUG 15164 --- [nio-8080-exec-5] s.w.s.m.m.a.RequestMappingHandlerMapping : Returning handler method [public org.springframework.web.servlet.ModelAndView org.springframework.boot.autoconfigure.web.servlet.error.BasicErrorController.errorHtml(javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse)]
2020-03-13 18:18:17.988 DEBUG 15164 --- [nio-8080-exec-5] o.s.b.f.s.DefaultListableBeanFactory : Returning cached instance of singleton bean 'basicErrorController'
2020-03-13 18:18:17.988 DEBUG 15164 --- [nio-8080-exec-5] o.s.web.servlet.DispatcherServlet : Last-Modified value for [/error] is: -1
2020-03-13 18:18:17.989 DEBUG 15164 --- [nio-8080-exec-5] o.s.c.e.PropertySourcesPropertyResolver : Could not find key 'spring.template.provider.cache' in any property source
2020-03-13 18:18:17.991 DEBUG 15164 --- [nio-8080-exec-5] o.s.c.e.PropertySourcesPropertyResolver : Could not find key 'spring.template.provider.cache' in any property source
2020-03-13 18:18:17.992 DEBUG 15164 --- [nio-8080-exec-5] o.s.w.s.v.ContentNegotiatingViewResolver : Requested media types are [text/html, text/html;q=0.8] based on Accept header types and producible media types [text/html])
2020-03-13 18:18:17.992 DEBUG 15164 --- [nio-8080-exec-5] o.s.b.f.s.DefaultListableBeanFactory : Returning cached instance of singleton bean 'error'
2020-03-13 18:18:17.993 DEBUG 15164 --- [nio-8080-exec-5] o.s.w.s.v.ContentNegotiatingViewResolver : Returning [org.springframework.boot.autoconfigure.web.servlet.error.ErrorMvcAutoConfiguration$SpelView#a99792d] based on requested media type 'text/html'
2020-03-13 18:18:17.993 DEBUG 15164 --- [nio-8080-exec-5] o.s.web.servlet.DispatcherServlet : Rendering view [org.springframework.boot.autoconfigure.web.servlet.error.ErrorMvcAutoConfiguration$SpelView#a99792d] in DispatcherServlet with name 'dispatcherServlet'
2020-03-13 18:18:17.993 DEBUG 15164 --- [nio-8080-exec-5] o.s.web.servlet.DispatcherServlet : Successfully completed request
2020-03-13 18:18:17.993 DEBUG 15164 --- [nio-8080-exec-5] o.s.s.w.a.ExceptionTranslationFilter : Chain processed normally
2020-03-13 18:18:17.993 DEBUG 15164 --- [nio-8080-exec-5] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
2020-03-13 18:18:17.993 DEBUG 15164 --- [nio-8080-exec-5] o.a.c.c.C.[.[.[/].[dispatcherServlet] : Disabling the response for further output
2020-03-13 18:18:17.994 DEBUG 15164 --- [nio-8080-exec-5] o.a.tomcat.util.net.SocketWrapperBase : Socket: [org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper#5777be98:org.apache.tomcat.util.net.NioChannel#87be136:java.nio.channels.SocketChannel[connected local=/0:0:0:0:0:0:0:1:8080 remote=/0:0:0:0:0:0:0:1:61734]], Read from buffer: [0]
2020-03-13 18:18:17.994 DEBUG 15164 --- [nio-8080-exec-5] org.apache.tomcat.util.net.NioEndpoint : Socket: [org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper#5777be98:org.apache.tomcat.util.net.NioChannel#87be136:java.nio.channels.SocketChannel[connected local=/0:0:0:0:0:0:0:1:8080 remote=/0:0:0:0:0:0:0:1:61734]], Read direct from socket: [0]
2020-03-13 18:18:17.994 DEBUG 15164 --- [nio-8080-exec-5] o.apache.coyote.http11.Http11Processor : Socket: [org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper#5777be98:org.apache.tomcat.util.net.NioChannel#87be136:java.nio.channels.SocketChannel[connected local=/0:0:0:0:0:0:0:1:8080 remote=/0:0:0:0:0:0:0:1:61734]], Status in: [OPEN_READ], State out: [OPEN]
2020-03-13 18:18:18.609 DEBUG 15164 --- [Engine[Tomcat]]] org.apache.catalina.session.ManagerBase : Start expire sessions StandardManager at 1584119898609 sessioncount 1
2020-03-13 18:18:18.609 DEBUG 15164 --- [Engine[Tomcat]]] org.apache.catalina.session.ManagerBase : End expire sessions StandardManager processingTime 0 expired sessions: 0
2020-03-13 18:18:22.110 DEBUG 15164 --- [127.0.0.1:27017] org.mongodb.driver.cluster : Checking status of 127.0.0.1:27017
2020-03-13 18:18:22.111 DEBUG 15164 --- [127.0.0.1:27017] org.mongodb.driver.cluster : Updating cluster description to {type=STANDALONE, servers=[{address=127.0.0.1:27017, type=STANDALONE, roundTripTime=1.1 ms, state=CONNECTED}]
2020-03-13 18:18:22.117 DEBUG 15164 --- [127.0.0.1:27017] org.mongodb.driver.cluster : Checking status of 127.0.0.1:27017
2020-03-13 18:18:22.117 DEBUG 15164 --- [127.0.0.1:27017] org.mongodb.driver.cluster : Updating cluster description to {type=STANDALONE, servers=[{address=127.0.0.1:27017, type=STANDALONE, roundTripTime=1.0 ms, state=CONNECTED}]
2020-03-13 18:18:22.118 DEBUG 15164 --- [localhost:27017] org.mongodb.driver.cluster : Checking status of localhost:27017
2020-03-13 18:18:22.118 DEBUG 15164 --- [localhost:27017] org.mongodb.driver.cluster : Updating cluster description to {type=STANDALONE, servers=[{address=localhost:27017, type=STANDALONE, roundTripTime=1.2 ms, state=CONNECTED}]
Any help will be appreciated, please if someone has any clue make me know
Thanks
I am trying to set up an angular 6 application that talks to a local spring boot REST application.
I have finally been able to login, and use GET requests, which seem to use the correct cookies. There are 2 cookies, a JSESSION cookie, and a XSRF cookie. The issue is I am getting a 403 response from any POST request. I am pretty confident that it is more of an issue with my Spring set up.
Spring Security config:
#Configuration
public class CORSConfig implements WebMvcConfigurer {
#Override
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/**")
.allowedOrigins("http://localhost:4200")
.allowCredentials(true)
.allowedHeaders("*")
.allowedMethods("GET", "POST", "*")
.exposedHeaders("Set-Cookie","Authorization");
}
And
#Override
protected void configure(HttpSecurity http) throws Exception {
http
.cors()
.and()
.httpBasic()
.and()
.authorizeRequests()
.antMatchers("/", "/main", "/user", "/runtime.js","/polyfills.js",
"/main.js", "/styles.js", "/vendor.js").permitAll()
.anyRequest().authenticated()
.and()
.csrf()
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
.and().sessionManagement().maximumSessions(1).and()
.sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED);
}
Please note the antMatchers besides "/user" aren't actually being used in this set up. Those files are being served locally using ng serve.
My angular set up:
#Injectable()
export class AuthenticationInterceptor implements HttpInterceptor{
intercept(req: HttpRequest<any>, next: HttpHandler):
Observable<HttpEvent<any>>
{
const xhr = req.clone({
headers: req.headers.set('X-Requested-With', 'XMLHttpRequest'),
withCredentials: true
});
return next.handle(xhr);
}
This call will work now:
getExercise(id:Number): Observable<Exercise>
{
return this.http.get<Exercise>(environment.baseUrl + '/api/exercise/' + id);
}
But this one, a POST, will not.
saveExercise(exercise: Exercise): Observable<Exercise>
{
return this.http.post<Exercise>(environment.baseUrl +
'/newExercise',exercise);
}
Spring Security logs for the GET:
DEBUG 18776 --- [nio-8080-exec-1] o.s.b.w.s.f.OrderedRequestContextFilter : Bound request context to thread: org.apache.catalina.connector.RequestFacade#29dbd699
DEBUG 18776 --- [nio-8080-exec-1] o.s.security.web.FilterChainProxy : /api/exercise/2 at position 1 of 14 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
DEBUG 18776 --- [nio-8080-exec-1] o.s.security.web.FilterChainProxy : /api/exercise/2 at position 2 of 14 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
DEBUG 18776 --- [nio-8080-exec-1] w.c.HttpSessionSecurityContextRepository : No HttpSession currently exists
DEBUG 18776 --- [nio-8080-exec-1] w.c.HttpSessionSecurityContextRepository : No SecurityContext was available from the HttpSession: null. A new one will be created.
DEBUG 18776 --- [nio-8080-exec-1] o.s.security.web.FilterChainProxy : /api/exercise/2 at position 3 of 14 in additional filter chain; firing Filter: 'HeaderWriterFilter'
DEBUG 18776 --- [nio-8080-exec-1] o.s.security.web.FilterChainProxy : /api/exercise/2 at position 4 of 14 in additional filter chain; firing Filter: 'CorsFilter'
DEBUG 18776 --- [nio-8080-exec-1] o.s.s.w.header.writers.HstsHeaderWriter : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher#2de4577a
DEBUG 18776 --- [nio-8080-exec-1] w.c.HttpSessionSecurityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
DEBUG 18776 --- [nio-8080-exec-1] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
DEBUG 18776 --- [nio-8080-exec-1] o.s.b.w.s.f.OrderedRequestContextFilter : Cleared thread-bound request context: org.apache.catalina.connector.RequestFacade#29dbd699
DEBUG 18776 --- [nio-8080-exec-4] o.s.b.w.s.f.OrderedRequestContextFilter : Bound request context to thread: org.apache.catalina.connector.RequestFacade#29dbd699
DEBUG 18776 --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /api/exercise/2 at position 1 of 14 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
DEBUG 18776 --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /api/exercise/2 at position 2 of 14 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
DEBUG 18776 --- [nio-8080-exec-4] w.c.HttpSessionSecurityContextRepository : Obtained a valid SecurityContext from SPRING_SECURITY_CONTEXT: 'org.springframework.security.core.context.SecurityContextImpl#84a2a85a: Authentication: org.springframework.security.authentication.UsernamePasswordAuthenticationToken#84a2a85a: Principal: com.op.movement.model.ApplicationUserDetails#7b5de4fa; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails#b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Not granted any authorities'
DEBUG 18776 --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /api/exercise/2 at position 3 of 14 in additional filter chain; firing Filter: 'HeaderWriterFilter'
DEBUG 18776 --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /api/exercise/2 at position 4 of 14 in additional filter chain; firing Filter: 'CorsFilter'
DEBUG 18776 --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /api/exercise/2 at position 5 of 14 in additional filter chain; firing Filter: 'CsrfFilter'
DEBUG 18776 --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /api/exercise/2 at position 6 of 14 in additional filter chain; firing Filter: 'LogoutFilter'
DEBUG 18776 --- [nio-8080-exec-4] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /api/exercise/2' doesn't match 'POST /logout
DEBUG 18776 --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /api/exercise/2 at position 7 of 14 in additional filter chain; firing Filter: 'ConcurrentSessionFilter'
DEBUG 18776 --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /api/exercise/2 at position 8 of 14 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
DEBUG 18776 --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /api/exercise/2 at position 9 of 14 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
DEBUG 18776 --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /api/exercise/2 at position 10 of 14 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
DEBUG 18776 --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /api/exercise/2 at position 11 of 14 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
DEBUG 18776 --- [nio-8080-exec-4] o.s.s.w.a.AnonymousAuthenticationFilter : SecurityContextHolder not populated with anonymous token, as it already contained: 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken#84a2a85a: Principal: com.op.movement.model.ApplicationUserDetails#7b5de4fa; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails#b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Not granted any authorities'
DEBUG 18776 --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /api/exercise/2 at position 12 of 14 in additional filter chain; firing Filter: 'SessionManagementFilter'
DEBUG 18776 --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /api/exercise/2 at position 13 of 14 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
DEBUG 18776 --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /api/exercise/2 at position 14 of 14 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
DEBUG 18776 --- [nio-8080-exec-4] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/api/exercise/2'; against '/'
DEBUG 18776 --- [nio-8080-exec-4] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/api/exercise/2'; against '/main'
DEBUG 18776 --- [nio-8080-exec-4] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/api/exercise/2'; against '/user'
DEBUG 18776 --- [nio-8080-exec-4] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/api/exercise/2'; against '/runtime.js'
DEBUG 18776 --- [nio-8080-exec-4] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/api/exercise/2'; against '/polyfills.js'
DEBUG 18776 --- [nio-8080-exec-4] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/api/exercise/2'; against '/main.js'
DEBUG 18776 --- [nio-8080-exec-4] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/api/exercise/2'; against '/styles.js'
DEBUG 18776 --- [nio-8080-exec-4] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/api/exercise/2'; against '/vendor.js'
DEBUG 18776 --- [nio-8080-exec-4] o.s.s.w.a.i.FilterSecurityInterceptor : Secure object: FilterInvocation: URL: /api/exercise/2; Attributes: [authenticated]
DEBUG 18776 --- [nio-8080-exec-4] o.s.s.w.a.i.FilterSecurityInterceptor : Previously Authenticated: org.springframework.security.authentication.UsernamePasswordAuthenticationToken#84a2a85a: Principal: com.op.movement.model.ApplicationUserDetails#7b5de4fa; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails#b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Not granted any authorities
DEBUG 18776 --- [nio-8080-exec-4] o.s.s.access.vote.AffirmativeBased : Voter: org.springframework.security.web.access.expression.WebExpressionVoter#74ead523, returned: 1
DEBUG 18776 --- [nio-8080-exec-4] o.s.s.w.a.i.FilterSecurityInterceptor : Authorization successful
DEBUG 18776 --- [nio-8080-exec-4] o.s.s.w.a.i.FilterSecurityInterceptor : RunAsManager did not change Authentication object
DEBUG 18776 --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /api/exercise/2 reached end of additional filter chain; proceeding with original chain
Getting exercise by ID: 2
DEBUG 18776 --- [nio-8080-exec-4] org.hibernate.SQL : select exercise0_.id as id1_0_0_, exercise0_.instructions as instruct2_0_0_, exercise0_.name as name3_0_0_ from operation_movement.exercises exercise0_ where exercise0_.id=?
DEBUG 18776 --- [nio-8080-exec-4] org.hibernate.SQL : select goaltypes0_.exercise_id as exercise1_1_0_, goaltypes0_.goal_types_id as goal_typ2_1_0_, goaltype1_.id as id1_2_1_, goaltype1_.name as name2_2_1_ from operation_movement.exercises_goal_types goaltypes0_ inner join operation_movement.goaltypes goaltype1_ on goaltypes0_.goal_types_id=goaltype1_.id where goaltypes0_.exercise_id=?
DEBUG 18776 --- [nio-8080-exec-4] o.s.s.w.header.writers.HstsHeaderWriter : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher#2de4577a
DEBUG 18776 --- [nio-8080-exec-4] o.s.s.w.a.ExceptionTranslationFilter : Chain processed normally
DEBUG 18776 --- [nio-8080-exec-4] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
DEBUG 18776 --- [nio-8080-exec-4] o.s.b.w.s.f.OrderedRequestContextFilter : Cleared thread-bound request context: org.apache.catalina.connector.RequestFacade#29dbd699
Spring logs for the POST which returns a 403 response:
DEBUG 18776 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy : /newExercise at position 1 of 14 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
DEBUG 18776 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy : /newExercise at position 2 of 14 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
DEBUG 18776 --- [nio-8080-exec-7] w.c.HttpSessionSecurityContextRepository : Obtained a valid SecurityContext from SPRING_SECURITY_CONTEXT: 'org.springframework.security.core.context.SecurityContextImpl#84a2a85a: Authentication: org.springframework.security.authentication.UsernamePasswordAuthenticationToken#84a2a85a: Principal: com.op.movement.model.ApplicationUserDetails#7b5de4fa; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails#b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Not granted any authorities'
DEBUG 18776 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy : /newExercise at position 3 of 14 in additional filter chain; firing Filter: 'HeaderWriterFilter'
DEBUG 18776 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy : /newExercise at position 4 of 14 in additional filter chain; firing Filter: 'CorsFilter'
DEBUG 18776 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy : /newExercise at position 5 of 14 in additional filter chain; firing Filter: 'CsrfFilter'
DEBUG 18776 --- [nio-8080-exec-7] o.s.security.web.csrf.CsrfFilter : Invalid CSRF token found for http://localhost:8080/newExercise
DEBUG 18776 --- [nio-8080-exec-7] o.s.s.w.header.writers.HstsHeaderWriter : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher#2de4577a
DEBUG 18776 --- [nio-8080-exec-7] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
DEBUG 18776 --- [nio-8080-exec-7] o.s.b.w.s.f.OrderedRequestContextFilter : Cleared thread-bound request context: org.apache.catalina.connector.RequestFacade#29dbd699
DEBUG 18776 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy : /error at position 1 of 14 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
DEBUG 18776 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy : /error at position 2 of 14 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
DEBUG 18776 --- [nio-8080-exec-7] w.c.HttpSessionSecurityContextRepository : Obtained a valid SecurityContext from SPRING_SECURITY_CONTEXT: 'org.springframework.security.core.context.SecurityContextImpl#84a2a85a: Authentication: org.springframework.security.authentication.UsernamePasswordAuthenticationToken#84a2a85a: Principal: com.op.movement.model.ApplicationUserDetails#7b5de4fa; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails#b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Not granted any authorities'
DEBUG 18776 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy : /error at position 3 of 14 in additional filter chain; firing Filter: 'HeaderWriterFilter'
DEBUG 18776 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy : /error at position 4 of 14 in additional filter chain; firing Filter: 'CorsFilter'
DEBUG 18776 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy : /error at position 5 of 14 in additional filter chain; firing Filter: 'CsrfFilter'
DEBUG 18776 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy : /error at position 6 of 14 in additional filter chain; firing Filter: 'LogoutFilter'
DEBUG 18776 --- [nio-8080-exec-7] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/error'; against '/logout'
DEBUG 18776 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy : /error at position 7 of 14 in additional filter chain; firing Filter: 'ConcurrentSessionFilter'
DEBUG 18776 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy : /error at position 8 of 14 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
DEBUG 18776 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy : /error at position 9 of 14 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
DEBUG 18776 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy : /error at position 10 of 14 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
DEBUG 18776 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy : /error at position 11 of 14 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
DEBUG 18776 --- [nio-8080-exec-7] o.s.s.w.a.AnonymousAuthenticationFilter : SecurityContextHolder not populated with anonymous token, as it already contained: 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken#84a2a85a: Principal: com.op.movement.model.ApplicationUserDetails#7b5de4fa; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails#b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Not granted any authorities'
DEBUG 18776 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy : /error at position 12 of 14 in additional filter chain; firing Filter: 'SessionManagementFilter'
DEBUG 18776 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy : /error at position 13 of 14 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
DEBUG 18776 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy : /error at position 14 of 14 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
DEBUG 18776 --- [nio-8080-exec-7] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/error'; against '/'
DEBUG 18776 --- [nio-8080-exec-7] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/error'; against '/main'
DEBUG 18776 --- [nio-8080-exec-7] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/error'; against '/user'
DEBUG 18776 --- [nio-8080-exec-7] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/error'; against '/runtime.js'
DEBUG 18776 --- [nio-8080-exec-7] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/error'; against '/polyfills.js'
DEBUG 18776 --- [nio-8080-exec-7] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/error'; against '/main.js'
DEBUG 18776 --- [nio-8080-exec-7] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/error'; against '/styles.js'
DEBUG 18776 --- [nio-8080-exec-7] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/error'; against '/vendor.js'
DEBUG 18776 --- [nio-8080-exec-7] o.s.s.w.a.i.FilterSecurityInterceptor : Secure object: FilterInvocation: URL: /error; Attributes: [authenticated]
DEBUG 18776 --- [nio-8080-exec-7] o.s.s.w.a.i.FilterSecurityInterceptor : Previously Authenticated: org.springframework.security.authentication.UsernamePasswordAuthenticationToken#84a2a85a: Principal: com.op.movement.model.ApplicationUserDetails#7b5de4fa; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails#b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Not granted any authorities
DEBUG 18776 --- [nio-8080-exec-7] o.s.s.access.vote.AffirmativeBased : Voter: org.springframework.security.web.access.expression.WebExpressionVoter#74ead523, returned: 1
DEBUG 18776 --- [nio-8080-exec-7] o.s.s.w.a.i.FilterSecurityInterceptor : Authorization successful
DEBUG 18776 --- [nio-8080-exec-7] o.s.s.w.a.i.FilterSecurityInterceptor : RunAsManager did not change Authentication object
DEBUG 18776 --- [nio-8080-exec-7] o.s.security.web.FilterChainProxy : /error reached end of additional filter chain; proceeding with original chain
DEBUG 18776 --- [nio-8080-exec-7] o.s.s.w.a.ExceptionTranslationFilter : Chain processed normally
DEBUG 18776 --- [nio-8080-exec-7] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
For any one having the same issue, doing
csrf().disable()
will fix this, though I have no idea why. It seems as spring CSRF and CORS clash in some way when using cookies...
If I had to guess, the below is not working as expected
.csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
which is strange because it makes direct reference to Angular:
A CsrfTokenRepository that persists the CSRF token in a cookie named "XSRF-TOKEN" and
reads from the header "X-XSRF-TOKEN" following the conventions of AngularJS. When
using with AngularJS be sure to use withHttpOnlyFalse().
The above seems to be true - I see that the CSRF token is set and sent by the browser, but Spring is not accepting it as valid. (see logs above)
Invalid CSRF token found for http://localhost:8080/newExercise
Request Cookies
JSESSIONID 31AD5A7891F8BB83072BFC040AABBB35
XSRF-TOKEN 579db734-412c-4ce8-82a2-20aa097e47f
For now, disabling CSRF will work for development, but there is a real world use case for serving my angular app from a separate server, which is the ONLY server that should be able to make requests to my spring server. Hopefully the additional information can help someone, and I will try to post a real answer here if I ever find it.
Try to replace your .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()) with csrfTokenRepository and CsrfFilter:
.csrfTokenRepository(csrfTokenRepository()).and()
.addFilterAfter(csrfHeaderFilter(), CsrfFilter.class);
See full answer
#Override
protected void configure(HttpSecurity http) throws Exception {
http.httpBasic().and().authorizeRequests()
.antMatchers("/send-pin").permitAll()
.antMatchers("/check-pin").permitAll()
.antMatchers("/index.html", "/", "/login", "/someotherrurl")
.permitAll().anyRequest().authenticated().and().csrf()
.csrfTokenRepository(csrfTokenRepository()).and()
.addFilterAfter(csrfHeaderFilter(), CsrfFilter.class);
My goal is to secure REST API endpoint in Spring Boot app using #PreAuthorize(hasRole('ROLE_NEW')) annotation.
Role has to be extracted from JWT supplied by KeyCloak.
RestController is below. The project is the same as SpringBoot REST Service Protected Using Keycloak Authorization Services.
#RestController
public class ApplicationController {
#PreAuthorize(hasRole('ROLE_NEW'))
#RequestMapping(value = "/api/resourceannotated", method = RequestMethod.GET)
public String handleResourceAnnotated() {
return createResponse();
}
#RequestMapping(value = "/api/resourcea", method = RequestMethod.GET)
public String handleResourceA() {
return createResponse();
}
#RequestMapping(value = "/api/resourceb", method = RequestMethod.GET)
public String handleResourceB() {
return createResponse();
}
#RequestMapping(value = "/api/premium", method = RequestMethod.GET)
public String handlePremiumResource() {
return createResponse();
}
#RequestMapping(value = "/api/admin", method = RequestMethod.GET)
public String handleAdminResource() {
return createResponse();
}
private String createResponse() {
return "Access Granted";
}
User test with role NEW was added to KeyCloak and I expected requests sent with JWTs to /api/resourceannotated endpoint to be authorized only for users with role NEW which will be extracted from JWT.
The motivation is saving request to KeyCloak which enforces access control to
/api/resourcea, /api/resourceb, /api/premium, /api/admin endpoints using policy enforcers.
How to do it correctly?
Tried Using JWT's with Spring Security's #PreAuthorize annotation for method specific security and USE KEYCLOAK WITH YOUR SPRING BOOT 2 APPLICATION without success. I get the below error:
{
"timestamp": "2018-08-30T14:37:39.409+0000",
"status": 401,
"error": "Unauthorized",
"message": "Unauthorized",
"path": "/api/resourceannotated" }
When run in debug mode 2 messages are printed:
2018-08-30 17:55:47.586 DEBUG 31006 --- [nio-8180-exec-3]
o.s.b.w.s.f.OrderedRequestContextFilter : Bound request context to
thread: org.apache.catalina.connector.RequestFacade#62b92856
2018-08-30 17:55:47.592 DEBUG 31006 --- [nio-8180-exec-3]
o.s.b.w.s.f.OrderedRequestContextFilter : Cleared thread-bound
request context: org.apache.catalina.connector.RequestFacade#62b92856
Enabled debug logging for org.springframework.security
and getting the below errors:
DEBUG 30677 --- [ main] s.s.c.a.w.c.WebSecurityConfigurerAdapter : Using default configure(HttpSecurity). If subclassed this will potentially override subclass configure(HttpSecurity).
DEBUG 30677 --- [ main] edFilterInvocationSecurityMetadataSource : Adding web access control expression 'authenticated', for org.springframework.security.web.util.matcher.AnyRequestMatcher#1
DEBUG 30677 --- [ main] o.s.s.w.a.i.FilterSecurityInterceptor : Validated configuration attributes
DEBUG 30677 --- [ main] o.s.s.w.a.i.FilterSecurityInterceptor : Validated configuration attributes
INFO 30677 --- [ main] o.s.s.web.DefaultSecurityFilterChain : Creating filter chain: org.springframework.security.web.util.matcher.AnyRequestMatcher#1, [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter#31c2affc, org.springframework.security.web.context.SecurityContextPersistenceFilter#f72203, org.springframework.security.web.header.HeaderWriterFilter#2d2acd89, org.springframework.security.web.csrf.CsrfFilter#6e1d4137, org.springframework.security.web.authentication.logout.LogoutFilter#149f5761, org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter#1237e0be, org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter#2ab2710, org.springframework.security.web.authentication.www.BasicAuthenticationFilter#6441c486, org.springframework.security.web.savedrequest.RequestCacheAwareFilter#540dbda9, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter#27b000f7, org.springframework.security.web.authentication.AnonymousAuthenticationFilter#1dc2de84, org.springframework.security.web.session.SessionManagementFilter#1e6dad8, org.springframework.security.web.access.ExceptionTranslationFilter#2d5f7182, org.springframework.security.web.access.intercept.FilterSecurityInterceptor#58a4a74d]
INFO 30677 --- [ main] o.s.j.e.a.AnnotationMBeanExporter : Registering beans for JMX exposure on startup
INFO 30677 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat started on port(s): 8180 (http) with context path ''
INFO 30677 --- [ main] o.k.quickstart.springboot.MyApplication : Started MyApplication in 14.439 seconds (JVM running for 17.843)
INFO 30677 --- [] o.k.a.authorization.PolicyEnforcer : Paths provided in configuration.
INFO 30677 --- [] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring FrameworkServlet 'dispatcherServlet'
INFO 30677 --- [] o.s.web.servlet.DispatcherServlet : FrameworkServlet 'dispatcherServlet': initialization started
INFO 30677 --- [] o.s.web.servlet.DispatcherServlet : FrameworkServlet 'dispatcherServlet': initialization completed in 73 ms
DEBUG 30677 --- [] o.s.security.web.FilterChainProxy : /api/resourceannotated at position 1 of 14 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
DEBUG 30677 --- [] o.s.security.web.FilterChainProxy : /api/resourceannotated at position 2 of 14 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
DEBUG 30677 --- [] w.c.HttpSessionSecurityContextRepository : No HttpSession currently exists
DEBUG 30677 --- [] w.c.HttpSessionSecurityContextRepository : No SecurityContext was available from the HttpSession: null. A new one will be created.
DEBUG 30677 --- [] o.s.security.web.FilterChainProxy : /api/resourceannotated at position 3 of 14 in additional filter chain; firing Filter: 'HeaderWriterFilter'
DEBUG 30677 --- [] o.s.security.web.FilterChainProxy : /api/resourceannotated at position 4 of 14 in additional filter chain; firing Filter: 'CsrfFilter'
DEBUG 30677 --- [] o.s.security.web.FilterChainProxy : /api/resourceannotated at position 5 of 14 in additional filter chain; firing Filter: 'LogoutFilter'
DEBUG 30677 --- [] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /api/resourceannotated' doesn't match 'POST /logout
DEBUG 30677 --- [] o.s.security.web.FilterChainProxy : /api/resourceannotated at position 6 of 14 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
DEBUG 30677 --- [] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /api/resourceannotated' doesn't match 'POST /login
DEBUG 30677 --- [] o.s.security.web.FilterChainProxy : /api/resourceannotated at position 7 of 14 in additional filter chain; firing Filter: 'DefaultLoginPageGeneratingFilter'
DEBUG 30677 --- [] o.s.security.web.FilterChainProxy : /api/resourceannotated at position 8 of 14 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
DEBUG 30677 --- [] o.s.security.web.FilterChainProxy : /api/resourceannotated at position 9 of 14 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
DEBUG 30677 --- [] o.s.security.web.FilterChainProxy : /api/resourceannotated at position 10 of 14 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
DEBUG 30677 --- [] o.s.security.web.FilterChainProxy : /api/resourceannotated at position 11 of 14 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
DEBUG 30677 --- [] o.s.s.w.a.AnonymousAuthenticationFilter : Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken#c551e2ad: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails#1de6: RemoteIpAddress: 10.88.0.23; SessionId: null; Granted Authorities: ROLE_ANONYMOUS'
DEBUG 30677 --- [] o.s.security.web.FilterChainProxy : /api/resourceannotated at position 12 of 14 in additional filter chain; firing Filter: 'SessionManagementFilter'
DEBUG 30677 --- [] o.s.s.w.session.SessionManagementFilter : Requested session ID A64F605948A7B529457A226B238A5EEC is invalid.
DEBUG 30677 --- [] o.s.security.web.FilterChainProxy : /api/resourceannotated at position 13 of 14 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
DEBUG 30677 --- [] o.s.security.web.FilterChainProxy : /api/resourceannotated at position 14 of 14 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
DEBUG 30677 --- [] o.s.s.w.a.i.FilterSecurityInterceptor : Secure object: FilterInvocation: URL: /api/resourceannotated; Attributes: [authenticated]
DEBUG 30677 --- [] o.s.s.w.a.i.FilterSecurityInterceptor : Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken#c551e2ad: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails#1de6: RemoteIpAddress: 10.88.0.23; SessionId: null; Granted Authorities: ROLE_ANONYMOUS
DEBUG 30677 --- [] o.s.s.access.vote.AffirmativeBased : Voter: org.springframework.security.web.access.expression.WebExpressionVoter#14cd10fa, returned: -1
DEBUG 30677 --- [] o.s.s.w.a.ExceptionTranslationFilter : Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
I have an oauth2 authorization server in spring which is also using spring security. The oauth endpoint (http://localhost:8080/oauth/token) keeps returning 401 even when I try to completely disable authorization.
I tried all of these solutions but none of them worked for me:
https://stackoverflow.com/a/42019669/2468620
https://stackoverflow.com/a/25674724/2468620
https://stackoverflow.com/a/43931256/2468620
Here is my security config:
#Override
public void configure(HttpSecurity http) throws Exception {
http.csrf().disable();
http.authorizeRequests().anyRequest().permitAll();
http.httpBasic().disable();
}
Here are the logs from processing the request:
2017-07-31 16:25:25.875 DEBUG 6892 --- [nio-8080-exec-4] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/css/**']
2017-07-31 16:25:25.875 DEBUG 6892 --- [nio-8080-exec-4] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token'; against '/css/**'
2017-07-31 16:25:25.876 DEBUG 6892 --- [nio-8080-exec-4] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/js/**']
2017-07-31 16:25:25.876 DEBUG 6892 --- [nio-8080-exec-4] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token'; against '/js/**'
2017-07-31 16:25:25.876 DEBUG 6892 --- [nio-8080-exec-4] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/images/**']
2017-07-31 16:25:25.876 DEBUG 6892 --- [nio-8080-exec-4] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token'; against '/images/**'
2017-07-31 16:25:25.876 DEBUG 6892 --- [nio-8080-exec-4] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/webjars/**']
2017-07-31 16:25:25.876 DEBUG 6892 --- [nio-8080-exec-4] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token'; against '/webjars/**'
2017-07-31 16:25:25.876 DEBUG 6892 --- [nio-8080-exec-4] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/**/favicon.ico']
2017-07-31 16:25:25.876 DEBUG 6892 --- [nio-8080-exec-4] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token'; against '/**/favicon.ico'
2017-07-31 16:25:25.876 DEBUG 6892 --- [nio-8080-exec-4] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/error']
2017-07-31 16:25:25.876 DEBUG 6892 --- [nio-8080-exec-4] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token'; against '/error'
2017-07-31 16:25:25.876 DEBUG 6892 --- [nio-8080-exec-4] o.s.s.web.util.matcher.OrRequestMatcher : No matches found
2017-07-31 16:25:25.876 DEBUG 6892 --- [nio-8080-exec-4] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/oauth/token']
2017-07-31 16:25:25.876 DEBUG 6892 --- [nio-8080-exec-4] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token'; against '/oauth/token'
2017-07-31 16:25:25.876 DEBUG 6892 --- [nio-8080-exec-4] o.s.s.web.util.matcher.OrRequestMatcher : matched
2017-07-31 16:25:25.876 DEBUG 6892 --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /oauth/token at position 1 of 11 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
2017-07-31 16:25:25.876 DEBUG 6892 --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /oauth/token at position 2 of 11 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2017-07-31 16:25:25.876 DEBUG 6892 --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /oauth/token at position 3 of 11 in additional filter chain; firing Filter: 'HeaderWriterFilter'
2017-07-31 16:25:25.876 DEBUG 6892 --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /oauth/token at position 4 of 11 in additional filter chain; firing Filter: 'LogoutFilter'
2017-07-31 16:25:25.876 DEBUG 6892 --- [nio-8080-exec-4] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', GET]
2017-07-31 16:25:25.876 DEBUG 6892 --- [nio-8080-exec-4] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'POST /oauth/token' doesn't match 'GET /logout
2017-07-31 16:25:25.876 DEBUG 6892 --- [nio-8080-exec-4] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', POST]
2017-07-31 16:25:25.876 DEBUG 6892 --- [nio-8080-exec-4] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token'; against '/logout'
2017-07-31 16:25:25.876 DEBUG 6892 --- [nio-8080-exec-4] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', PUT]
2017-07-31 16:25:25.876 DEBUG 6892 --- [nio-8080-exec-4] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'POST /oauth/token' doesn't match 'PUT /logout
2017-07-31 16:25:25.876 DEBUG 6892 --- [nio-8080-exec-4] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', DELETE]
2017-07-31 16:25:25.877 DEBUG 6892 --- [nio-8080-exec-4] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'POST /oauth/token' doesn't match 'DELETE /logout
2017-07-31 16:25:25.877 DEBUG 6892 --- [nio-8080-exec-4] o.s.s.web.util.matcher.OrRequestMatcher : No matches found
2017-07-31 16:25:25.877 DEBUG 6892 --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /oauth/token at position 5 of 11 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
2017-07-31 16:25:25.877 DEBUG 6892 --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /oauth/token at position 6 of 11 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
2017-07-31 16:25:25.877 DEBUG 6892 --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /oauth/token at position 7 of 11 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2017-07-31 16:25:25.877 DEBUG 6892 --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /oauth/token at position 8 of 11 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
2017-07-31 16:25:25.877 DEBUG 6892 --- [nio-8080-exec-4] o.s.s.w.a.AnonymousAuthenticationFilter : Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken#9055c2bc: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails#b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS'
2017-07-31 16:25:25.877 DEBUG 6892 --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /oauth/token at position 9 of 11 in additional filter chain; firing Filter: 'SessionManagementFilter'
2017-07-31 16:25:25.877 DEBUG 6892 --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /oauth/token at position 10 of 11 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2017-07-31 16:25:25.877 DEBUG 6892 --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : /oauth/token at position 11 of 11 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2017-07-31 16:25:25.877 DEBUG 6892 --- [nio-8080-exec-4] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/token'; against '/oauth/token'
2017-07-31 16:25:25.877 DEBUG 6892 --- [nio-8080-exec-4] o.s.s.w.a.i.FilterSecurityInterceptor : Secure object: FilterInvocation: URL: /oauth/token; Attributes: [fullyAuthenticated]
2017-07-31 16:25:25.877 DEBUG 6892 --- [nio-8080-exec-4] o.s.s.w.a.i.FilterSecurityInterceptor : Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken#9055c2bc: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails#b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS
2017-07-31 16:25:25.877 DEBUG 6892 --- [nio-8080-exec-4] o.s.s.access.vote.AffirmativeBased : Voter: org.springframework.security.web.access.expression.WebExpressionVoter#3c264a1d, returned: -1
2017-07-31 16:25:25.879 DEBUG 6892 --- [nio-8080-exec-4] o.s.s.w.a.ExceptionTranslationFilter : Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:84) ~[spring-security-core-4.1.3.RELEASE.jar:4.1.3.RELEASE]
at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:233) ~[spring-security-core-4.1.3.RELEASE.jar:4.1.3.RELEASE]
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:124) ~[spring-security-web-4.1.3.RELEASE.jar:4.1.3.RELEASE]
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:91) ~[spring-security-web-4.1.3.RELEASE.jar:4.1.3.RELEASE]
...
I am trying to learn how to set up OAuth2 with Spring Boot and Spring Cloud by following the instructions in this link, which is part 5 of a larger tutorial. After reading the tutorial several times and going step by step through it, I decided to study it again by simply downloading the completed version from github at this link.
The authserver, resource, and ui apps launch, but when I try to login, the authorization app does not accept the credentials given in the tutorial. I would like to get the example working as intended on my devbox before decomposing it and testing the effects of small changes.
The specific line in the debug logs that states the error sent by Spring to the view is:
o.s.security.web.FilterChainProxy :
/login?error reached end of additional filter chain;
proceeding with original chain
What specific steps need to be taken in order to 1.) download and install the apps and 2.) login successfully using the authentication server?
Here is what I have done so far:
On my CentOS 7 devbox terminal, I typed:
cd /home/user/spring_boot_apps/
mkdir whole_security_tutorial && cd whole_security_tutorial
git clone https://github.com/spring-guides/tut-spring-security-and-angular-js
cd /home/user/spring_boot_apps/whole_security_tutorial/tut-spring-security-and-angular-js/oauth2/authserver
mvn spring-boot:run
cd /home/user/spring_boot_apps/whole_security_tutorial/tut-spring-security-and-angular-js/oauth2/resource
mvn spring-boot:run
cd /home/user/spring_boot_apps/whole_security_tutorial/tut-spring-security-and-angular-js/oauth2/ui
mvn spring-boot:run
Then, in FireFox, I typed http://localhost:8080. This caused a page to load that included the home and login links that are intended, so I clicked on the login link, which redirected to the authorization app, which displayed a login page.
I typed in acme as the username and acmesecret as the password, but the authentication failed with the message There was a problem logging in. Please try again.
What am I doing wrong?
Note: I did not launch the app at /home/user/spring_boot_apps/whole_security_tutorial/tut-spring-security-and-angular-js/oauth2 because doing so in a prior attempt failed to give access to the other child apps while also causing the other apps to fail to launch due to port 9000 already being in use errors.
The Spring Boot debug log for the login attempt is as follows:
2016-04-11 01:56:10.805 DEBUG 17850 --- [nio-9999-exec-7] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/css/**']
2016-04-11 01:56:10.805 DEBUG 17850 --- [nio-9999-exec-7] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/login'; against '/css/**'
2016-04-11 01:56:10.805 DEBUG 17850 --- [nio-9999-exec-7] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/js/**']
2016-04-11 01:56:10.805 DEBUG 17850 --- [nio-9999-exec-7] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/login'; against '/js/**'
2016-04-11 01:56:10.805 DEBUG 17850 --- [nio-9999-exec-7] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/images/**']
2016-04-11 01:56:10.805 DEBUG 17850 --- [nio-9999-exec-7] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/login'; against '/images/**'
2016-04-11 01:56:10.805 DEBUG 17850 --- [nio-9999-exec-7] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/**/favicon.ico']
2016-04-11 01:56:10.805 DEBUG 17850 --- [nio-9999-exec-7] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/login'; against '/**/favicon.ico'
2016-04-11 01:56:10.805 DEBUG 17850 --- [nio-9999-exec-7] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/error']
2016-04-11 01:56:10.805 DEBUG 17850 --- [nio-9999-exec-7] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/login'; against '/error'
2016-04-11 01:56:10.805 DEBUG 17850 --- [nio-9999-exec-7] o.s.s.web.util.matcher.OrRequestMatcher : No matches found
2016-04-11 01:56:10.805 DEBUG 17850 --- [nio-9999-exec-7] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/login']
2016-04-11 01:56:10.805 DEBUG 17850 --- [nio-9999-exec-7] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/login'; against '/login'
2016-04-11 01:56:10.805 DEBUG 17850 --- [nio-9999-exec-7] o.s.s.web.util.matcher.OrRequestMatcher : matched
2016-04-11 01:56:10.805 DEBUG 17850 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy : /login at position 1 of 12 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
2016-04-11 01:56:10.805 DEBUG 17850 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy : /login at position 2 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2016-04-11 01:56:10.805 DEBUG 17850 --- [nio-9999-exec-7] w.c.HttpSessionSecurityContextRepository : HttpSession returned null object for SPRING_SECURITY_CONTEXT
2016-04-11 01:56:10.805 DEBUG 17850 --- [nio-9999-exec-7] w.c.HttpSessionSecurityContextRepository : No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade#2f575638. A new one will be created.
2016-04-11 01:56:10.805 DEBUG 17850 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy : /login at position 3 of 12 in additional filter chain; firing Filter: 'HeaderWriterFilter'
2016-04-11 01:56:10.805 DEBUG 17850 --- [nio-9999-exec-7] o.s.s.w.header.writers.HstsHeaderWriter : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher#63eea474
2016-04-11 01:56:10.805 DEBUG 17850 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy : /login at position 4 of 12 in additional filter chain; firing Filter: 'CsrfFilter'
2016-04-11 01:56:10.805 DEBUG 17850 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy : /login at position 5 of 12 in additional filter chain; firing Filter: 'LogoutFilter'
2016-04-11 01:56:10.805 DEBUG 17850 --- [nio-9999-exec-7] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/login'; against '/logout'
2016-04-11 01:56:10.805 DEBUG 17850 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy : /login at position 6 of 12 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
2016-04-11 01:56:10.806 DEBUG 17850 --- [nio-9999-exec-7] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/login'; against '/login'
2016-04-11 01:56:10.806 DEBUG 17850 --- [nio-9999-exec-7] w.a.UsernamePasswordAuthenticationFilter : Request is to process authentication
2016-04-11 01:56:10.806 DEBUG 17850 --- [nio-9999-exec-7] o.s.s.authentication.ProviderManager : Authentication attempt using org.springframework.security.authentication.dao.DaoAuthenticationProvider
2016-04-11 01:56:10.806 DEBUG 17850 --- [nio-9999-exec-7] o.s.s.a.dao.DaoAuthenticationProvider : User 'acme' not found
2016-04-11 01:56:10.806 DEBUG 17850 --- [nio-9999-exec-7] w.a.UsernamePasswordAuthenticationFilter : Authentication request failed: org.springframework.security.authentication.BadCredentialsException: Bad credentials
2016-04-11 01:56:10.806 DEBUG 17850 --- [nio-9999-exec-7] w.a.UsernamePasswordAuthenticationFilter : Updated SecurityContextHolder to contain null Authentication
2016-04-11 01:56:10.806 DEBUG 17850 --- [nio-9999-exec-7] w.a.UsernamePasswordAuthenticationFilter : Delegating to authentication failure handler org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler#15daee11
2016-04-11 01:56:10.806 DEBUG 17850 --- [nio-9999-exec-7] .a.SimpleUrlAuthenticationFailureHandler : Redirecting to /login?error
2016-04-11 01:56:10.806 DEBUG 17850 --- [nio-9999-exec-7] o.s.s.web.DefaultRedirectStrategy : Redirecting to '/uaa/login?error'
2016-04-11 01:56:10.806 DEBUG 17850 --- [nio-9999-exec-7] w.c.HttpSessionSecurityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2016-04-11 01:56:10.806 DEBUG 17850 --- [nio-9999-exec-7] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
2016-04-11 01:56:10.824 DEBUG 17850 --- [nio-9999-exec-8] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/css/**']
2016-04-11 01:56:10.824 DEBUG 17850 --- [nio-9999-exec-8] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/login'; against '/css/**'
2016-04-11 01:56:10.824 DEBUG 17850 --- [nio-9999-exec-8] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/js/**']
2016-04-11 01:56:10.824 DEBUG 17850 --- [nio-9999-exec-8] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/login'; against '/js/**'
2016-04-11 01:56:10.824 DEBUG 17850 --- [nio-9999-exec-8] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/images/**']
2016-04-11 01:56:10.824 DEBUG 17850 --- [nio-9999-exec-8] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/login'; against '/images/**'
2016-04-11 01:56:10.824 DEBUG 17850 --- [nio-9999-exec-8] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/**/favicon.ico']
2016-04-11 01:56:10.824 DEBUG 17850 --- [nio-9999-exec-8] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/login'; against '/**/favicon.ico'
2016-04-11 01:56:10.824 DEBUG 17850 --- [nio-9999-exec-8] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/error']
2016-04-11 01:56:10.824 DEBUG 17850 --- [nio-9999-exec-8] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/login'; against '/error'
2016-04-11 01:56:10.824 DEBUG 17850 --- [nio-9999-exec-8] o.s.s.web.util.matcher.OrRequestMatcher : No matches found
2016-04-11 01:56:10.824 DEBUG 17850 --- [nio-9999-exec-8] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/login']
2016-04-11 01:56:10.824 DEBUG 17850 --- [nio-9999-exec-8] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/login'; against '/login'
2016-04-11 01:56:10.824 DEBUG 17850 --- [nio-9999-exec-8] o.s.s.web.util.matcher.OrRequestMatcher : matched
2016-04-11 01:56:10.824 DEBUG 17850 --- [nio-9999-exec-8] o.s.security.web.FilterChainProxy : /login?error at position 1 of 12 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
2016-04-11 01:56:10.824 DEBUG 17850 --- [nio-9999-exec-8] o.s.security.web.FilterChainProxy : /login?error at position 2 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2016-04-11 01:56:10.824 DEBUG 17850 --- [nio-9999-exec-8] w.c.HttpSessionSecurityContextRepository : HttpSession returned null object for SPRING_SECURITY_CONTEXT
2016-04-11 01:56:10.824 DEBUG 17850 --- [nio-9999-exec-8] w.c.HttpSessionSecurityContextRepository : No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade#2f575638. A new one will be created.
2016-04-11 01:56:10.824 DEBUG 17850 --- [nio-9999-exec-8] o.s.security.web.FilterChainProxy : /login?error at position 3 of 12 in additional filter chain; firing Filter: 'HeaderWriterFilter'
2016-04-11 01:56:10.824 DEBUG 17850 --- [nio-9999-exec-8] o.s.s.w.header.writers.HstsHeaderWriter : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher#63eea474
2016-04-11 01:56:10.824 DEBUG 17850 --- [nio-9999-exec-8] o.s.security.web.FilterChainProxy : /login?error at position 4 of 12 in additional filter chain; firing Filter: 'CsrfFilter'
2016-04-11 01:56:10.824 DEBUG 17850 --- [nio-9999-exec-8] o.s.security.web.FilterChainProxy : /login?error at position 5 of 12 in additional filter chain; firing Filter: 'LogoutFilter'
2016-04-11 01:56:10.824 DEBUG 17850 --- [nio-9999-exec-8] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /login' doesn't match 'POST /logout
2016-04-11 01:56:10.824 DEBUG 17850 --- [nio-9999-exec-8] o.s.security.web.FilterChainProxy : /login?error at position 6 of 12 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
2016-04-11 01:56:10.828 DEBUG 17850 --- [nio-9999-exec-8] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /login' doesn't match 'POST /login
2016-04-11 01:56:10.828 DEBUG 17850 --- [nio-9999-exec-8] o.s.security.web.FilterChainProxy : /login?error at position 7 of 12 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
2016-04-11 01:56:10.828 DEBUG 17850 --- [nio-9999-exec-8] o.s.s.w.s.DefaultSavedRequest : pathInfo: both null (property equals)
2016-04-11 01:56:10.828 DEBUG 17850 --- [nio-9999-exec-8] o.s.s.w.s.DefaultSavedRequest : queryString: arg1=client_id=acme&redirect_uri=http://localhost:8080/login&response_type=code&state=q0YqtY; arg2=error (property not equals)
2016-04-11 01:56:10.828 DEBUG 17850 --- [nio-9999-exec-8] o.s.s.w.s.HttpSessionRequestCache : saved request doesn't match
2016-04-11 01:56:10.828 DEBUG 17850 --- [nio-9999-exec-8] o.s.security.web.FilterChainProxy : /login?error at position 8 of 12 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2016-04-11 01:56:10.828 DEBUG 17850 --- [nio-9999-exec-8] o.s.security.web.FilterChainProxy : /login?error at position 9 of 12 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
2016-04-11 01:56:10.865 DEBUG 17850 --- [nio-9999-exec-8] o.s.s.w.a.AnonymousAuthenticationFilter : Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken#905571d8: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails#0: RemoteIpAddress: 127.0.0.1; SessionId: 49C866D11F4CC5AF4ACDC58145A672BA; Granted Authorities: ROLE_ANONYMOUS'
2016-04-11 01:56:10.865 DEBUG 17850 --- [nio-9999-exec-8] o.s.security.web.FilterChainProxy : /login?error at position 10 of 12 in additional filter chain; firing Filter: 'SessionManagementFilter'
2016-04-11 01:56:10.865 DEBUG 17850 --- [nio-9999-exec-8] o.s.security.web.FilterChainProxy : /login?error at position 11 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2016-04-11 01:56:10.865 DEBUG 17850 --- [nio-9999-exec-8] o.s.security.web.FilterChainProxy : /login?error at position 12 of 12 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2016-04-11 01:56:10.865 DEBUG 17850 --- [nio-9999-exec-8] o.s.s.w.a.i.FilterSecurityInterceptor : Secure object: FilterInvocation: URL: /login?error; Attributes: [permitAll]
2016-04-11 01:56:10.865 DEBUG 17850 --- [nio-9999-exec-8] o.s.s.w.a.i.FilterSecurityInterceptor : Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken#905571d8: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails#0: RemoteIpAddress: 127.0.0.1; SessionId: 49C866D11F4CC5AF4ACDC58145A672BA; Granted Authorities: ROLE_ANONYMOUS
2016-04-11 01:56:10.865 DEBUG 17850 --- [nio-9999-exec-8] o.s.s.access.vote.AffirmativeBased : Voter: org.springframework.security.web.access.expression.WebExpressionVoter#5cb57e17, returned: 1
2016-04-11 01:56:10.865 DEBUG 17850 --- [nio-9999-exec-8] o.s.s.w.a.i.FilterSecurityInterceptor : Authorization successful
2016-04-11 01:56:10.865 DEBUG 17850 --- [nio-9999-exec-8] o.s.s.w.a.i.FilterSecurityInterceptor : RunAsManager did not change Authentication object
2016-04-11 01:56:10.865 DEBUG 17850 --- [nio-9999-exec-8] o.s.security.web.FilterChainProxy : /login?error reached end of additional filter chain; proceeding with original chain
2016-04-11 01:56:10.867 DEBUG 17850 --- [nio-9999-exec-8] w.c.HttpSessionSecurityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2016-04-11 01:56:10.867 DEBUG 17850 --- [nio-9999-exec-8] o.s.s.w.a.ExceptionTranslationFilter : Chain processed normally
2016-04-11 01:56:10.867 DEBUG 17850 --- [nio-9999-exec-8] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
2016-04-11 01:56:10.958 DEBUG 17850 --- [nio-9999-exec-9] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/css/**']
2016-04-11 01:56:10.958 DEBUG 17850 --- [nio-9999-exec-9] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/css/wro.css'; against '/css/**'
2016-04-11 01:56:10.958 DEBUG 17850 --- [nio-9999-exec-9] o.s.s.web.util.matcher.OrRequestMatcher : matched
2016-04-11 01:56:10.958 DEBUG 17850 --- [nio-9999-exec-9] o.s.security.web.FilterChainProxy : /css/wro.css has an empty filter list
2016-04-11 01:56:10.959 DEBUG 17850 --- [nio-9999-exec-9] .s.o.p.e.FrameworkEndpointHandlerMapping : Looking up handler method for path /css/wro.css
2016-04-11 01:56:10.959 DEBUG 17850 --- [nio-9999-exec-9] .s.o.p.e.FrameworkEndpointHandlerMapping : Did not find handler method for [/css/wro.css]
2016-04-11 01:56:10.961 DEBUG 17850 --- [io-9999-exec-10] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/css/**']
2016-04-11 01:56:10.961 DEBUG 17850 --- [io-9999-exec-10] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/js/wro.js'; against '/css/**'
2016-04-11 01:56:10.961 DEBUG 17850 --- [io-9999-exec-10] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/js/**']
2016-04-11 01:56:10.961 DEBUG 17850 --- [io-9999-exec-10] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/js/wro.js'; against '/js/**'
2016-04-11 01:56:10.961 DEBUG 17850 --- [io-9999-exec-10] o.s.s.web.util.matcher.OrRequestMatcher : matched
2016-04-11 01:56:10.961 DEBUG 17850 --- [io-9999-exec-10] o.s.security.web.FilterChainProxy : /js/wro.js has an empty filter list
2016-04-11 01:56:10.962 DEBUG 17850 --- [io-9999-exec-10] .s.o.p.e.FrameworkEndpointHandlerMapping : Looking up handler method for path /js/wro.js
2016-04-11 01:56:10.962 DEBUG 17850 --- [io-9999-exec-10] .s.o.p.e.FrameworkEndpointHandlerMapping : Did not find handler method for [/js/wro.js]
Alternatively, giving the credentials user and password, as per application.properties, results in a redirect to localhost:9000/uaa with an xml error message which states that you must be fully authenticated to view this resource.