hansonwang99 / spring-boot-in-action Goto Github PK
View Code? Open in Web Editor NEWSpring Boot 系列实战合集
Home Page: https://www.codesheep.cn
spring-boot-in-action's Issues
基于Tomcat版本造成的java.lang.IllegalStateException
部分情况会出现java.lang.IllegalStateException:Calling [asyncError()] is not valid for a request with Async state。
解决方法:排除Tomcat依赖,使用Jetty代替。
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-jetty</artifactId>
</dependency>
springbt_security_jwt 交流学习
博客访问不了
链接跳转的博客无法访问
数据库/缓存相关方面的建议
hi,hansonwang99.
我关注了你的这个项目,写的很不错,对我这个初级开发的帮助很大,这里先谢谢你啦!
但是我个人觉得在数据库/缓存相关这栏中,可以增加多数据源配置,springboot 集成 Jpa,springboot 集成 redis 这些内容,让你这个项目更加丰富。
springsecurity-sso
集成sso项目中,sso-client项目如何自定义权限校验呀,只能通过在方法上加注解吗,自己尝试了下rbac的方式,发现登录也会被拦截,不能重定向到sso-server的登录页面了,楼主知道的话,还望能够提供一些思路,谢谢,邮箱:[email protected]
大佬,随便上传一下sql啊,还是上传了我没有找到?
建议权限认证一块增加Shiro部分的内容
从B站来的,老哥能增加shiro权限认证的使用案例不咯
springboot-sso-jwt统一登出
由于项目只使用了几个简单的注解就实现了单点登录的效果,不清楚过程是啥样,所以怎么实现单点登录的统一登出?
springbt_security_jwt项目@Autowired出错
/springbt_security_jwt项目中,JWTFilter类中,
private UserDetailsService userDetailsService;使用@Autowired注解报错,
可以用@resource 代替
这里是不是没有处理登录失败的场景,为什么要把Authentication放入上下文?
被你坑了 你文档少贴了一个类 我就奇怪了你注入了进来 却没有看到实现 琢磨半天才发现 你源码有 文档没写
springbt_security_jwt调用注册方法时jpa返回user数据序列化的时候提示空指针异常
异常信息如下
Resolved [org.springframework.http.converter.HttpMessageNotWritableException: Could not write JSON: (was java.lang.NullPointerException); nested exception is com.fasterxml.jackson.databind.JsonMappingException: (was java.lang.NullPointerException) (through reference chain: cn.codesheep.springbt_security_jwt.model.entity.User["authorities"])]
我自建一个模块不使用springbt security测试注册方法就是正常 望羊哥有空帮忙看看 谢谢
Using predictable/constant cryptographic key when creating and verifing Json Web Token.
Hi, we are a research group to help developers build secure applications. We designed a cryptographic misuse detector on Java language(Our main concern is the secure implementation and use of Json Web Token). We found your great public repository (i.e.,
Spring-Boot-In-Action) from Github, and several security issues detected by our detector are shown in the following. The specific security issues we found are as follows:
(1) Location: Package: cn.codesheep.springbt_security_jwt.controller; Class: JwtAuthController.class
and Package cn.codesheep.springbt_security_jwt.comm; Class:Const.class
Security issue: Using predictable/constant cryptographic key when creating and verifing Json Web Token.
Using a predictable/constant secret does not conform to the security implementation specification of JWT, which may bring security risks to your system. It is recommended to use a more secure way to store the secret used to generate the JWT and use a strong enough key to improve the security of the project. (For the hazards of predictable/constant secret, you can refer to CWE-321, NIST Special Publication 800-57).
We wish the above security issues cloud truly help you to build a secure application. If you have any concern or suggestion, please feel free to contact us, we are looking forwart to your reply. Thanks.
SSO + JWT 认证服务 客户端启动失败!
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'jwtTokenEnhancer' defined in class path resource [org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter]: Factory method 'jwtTokenEnhancer' threw exception; nested exception is org.springframework.web.client.HttpClientErrorException$Unauthorized: 401 null
at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:627) ~[spring-beans-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:456) ~[spring-beans-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1321) ~[spring-beans-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1160) ~[spring-beans-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:555) ~[spring-beans-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:515) ~[spring-beans-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:320) ~[spring-beans-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222) ~[spring-beans-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:318) ~[spring-beans-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:199) ~[spring-beans-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.resolveBeanReference(ConfigurationClassEnhancer.java:394) ~[spring-context-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:366) ~[spring-context-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration$$EnhancerBySpringCGLIB$$4186f2ce.jwtTokenEnhancer() ~[spring-security-oauth2-autoconfigure-2.1.8.RELEASE.jar:2.1.8.RELEASE]
at org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration.jwtTokenStore(ResourceServerTokenServicesConfiguration.java:275) ~[spring-security-oauth2-autoconfigure-2.1.8.RELEASE.jar:2.1.8.RELEASE]
at org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration$$EnhancerBySpringCGLIB$$4186f2ce.CGLIB$jwtTokenStore$1() ~[spring-security-oauth2-autoconfigure-2.1.8.RELEASE.jar:2.1.8.RELEASE]
at org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration$$EnhancerBySpringCGLIB$$4186f2ce$$FastClassBySpringCGLIB$$816bda61.invoke() ~[spring-security-oauth2-autoconfigure-2.1.8.RELEASE.jar:2.1.8.RELEASE]
at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:244) ~[spring-core-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:363) ~[spring-context-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration$$EnhancerBySpringCGLIB$$4186f2ce.jwtTokenStore() ~[spring-security-oauth2-autoconfigure-2.1.8.RELEASE.jar:2.1.8.RELEASE]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_211]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_211]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_211]
at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_211]
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:154) ~[spring-beans-5.1.9.RELEASE.jar:5.1.9.RELEASE]
... 71 common frames omitted
Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter]: Factory method 'jwtTokenEnhancer' threw exception; nested exception is org.springframework.web.client.HttpClientErrorException$Unauthorized: 401 null
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:185) ~[spring-beans-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:622) ~[spring-beans-5.1.9.RELEASE.jar:5.1.9.RELEASE]
... 94 common frames omitted
Caused by: org.springframework.web.client.HttpClientErrorException$Unauthorized: 401 null
at org.springframework.web.client.HttpClientErrorException.create(HttpClientErrorException.java:81) ~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:122) ~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:102) ~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.web.client.ResponseErrorHandler.handleError(ResponseErrorHandler.java:63) ~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.web.client.RestTemplate.handleResponse(RestTemplate.java:778) ~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:736) ~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:670) ~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:579) ~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration.getKeyFromServer(ResourceServerTokenServicesConfiguration.java:319) ~[spring-security-oauth2-autoconfigure-2.1.8.RELEASE.jar:2.1.8.RELEASE]
at org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration.jwtTokenEnhancer(ResourceServerTokenServicesConfiguration.java:284) ~[spring-security-oauth2-autoconfigure-2.1.8.RELEASE.jar:2.1.8.RELEASE]
at org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration$$EnhancerBySpringCGLIB$$4186f2ce.CGLIB$jwtTokenEnhancer$2() ~[spring-security-oauth2-autoconfigure-2.1.8.RELEASE.jar:2.1.8.RELEASE]
at org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration$$EnhancerBySpringCGLIB$$4186f2ce$$FastClassBySpringCGLIB$$816bda61.invoke() ~[spring-security-oauth2-autoconfigure-2.1.8.RELEASE.jar:2.1.8.RELEASE]
at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:244) ~[spring-core-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:363) ~[spring-context-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration$$EnhancerBySpringCGLIB$$4186f2ce.jwtTokenEnhancer() ~[spring-security-oauth2-autoconfigure-2.1.8.RELEASE.jar:2.1.8.RELEASE]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_211]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_211]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_211]
at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_211]
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:154) ~[spring-beans-5.1.9.RELEASE.jar:5.1.9.RELEASE]
... 95 common frames omitted
怎么id-spring-boot-starter在maven库没了?
添加不上依赖
id-spring-boot-starter
测试
测试 @
-
[ ]
-
如何获取带水印的图片?
您好 postman 返回
{
"imageUrl": "static/images//yogan.png",
"logoImageUrl": "static/images//watermark_yogan.png"
}
请问如何获取带水印的图片吗?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.