我有一个Sping Boot 3.1.5应用程序。我刚刚在应用程序中实现了Spring Security,但当我尝试使用默认凭据登录时,它总是返回401错误。(错误的凭据)任何类型的请求(POST/PUT/POST/GET)我发送了。我有一个PostgreSQL数据源,我实现了密码作为BCrypt类型直接进入数据库。有人有任何想法,为什么我得到401错误或任何有用的参考?谢谢。
Response from Postman
下面是我的代码:
我的数据库续集:
CREATE TABLE IF NOT EXISTS public."user" (
userid SERIAL PRIMARY KEY,
username VARCHAR(255) NOT NULL,
password VARCHAR(255) NOT NULL,
email VARCHAR(255) NOT NULL,
roles VARCHAR(255) NOT NULL,
fullname VARCHAR(255) NOT NULL
);
-- Inserting data into the "user" table
INSERT INTO public."user" (userid, username, password, email, roles, fullname)
VALUES
(1, 'john', '$2a$12$A0/jY7NwmY4YTmqPHA0vSuJrhSY.k45sQR34XhEDMgxFJVSgc04tW', '[email protected]', 'admin user', 'John Doe'),
(2, 'eric', '$2a$12$AGmHEKS6hYzRMVdH0edkReu6OMbgI.F4gO1ENWrUr2/C7p5eMkN6y', '[email protected]', 'user', 'Eric Smith'),
(3, 'tom', '$2a$12$wOAnqh7frKwARxYsRNS1wO9slB5fNGTsMclkhuzxg6Fv/YcOrgZWa', '[email protected]', 'user', 'Tom Johnson');字符串
User.java:
@Entity
@Getter
@Setter
@Table(name = "user",schema = "public")
public class User implements Serializable {
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
@Column(name = "userid")
private Integer userid;
@Column(name = "username")
@NotEmpty(message = "username is required.")
private String username;
@Column(name = "password")
@NotEmpty(message = "password is required.")
private String password;
@Column(name = "email")
@NotEmpty(message = "email is required.")
private String email;
@Column(name = "roles")
@NotEmpty(message = "roles are required.")
private String roles; // Space separated string
@Column(name = "fullname")
@NotEmpty(message = "fullname is required.")
private String fullname; // Space separated string
public User() {
}
}型
用户控制器:
@RestController
@RequestMapping("/users")
public class UserController {
private final UserService userService;
private final UserDtoToUserConverter userDtoToUserConverter; // Convert userDto to user.
private final UserToUserDtoConverter userToUserDtoConverter; // Convert user to userDto.
public UserController(UserService userService, UserDtoToUserConverter userDtoToUserConverter, UserToUserDtoConverter userToUserDtoConverter) {
this.userService = userService;
this.userDtoToUserConverter = userDtoToUserConverter;
this.userToUserDtoConverter = userToUserDtoConverter;
}
@GetMapping
public Result findAllUsers() {
List<User> foundUsers = this.userService.findAll();
// Convert foundUsers to a list of UserDtos.
List<UserDto> userDtos = foundUsers.stream()
.map(this.userToUserDtoConverter::convert)
.collect(Collectors.toList());
// Note that UserDto does not contain password field.
return new Result(true, StatusCode.SUCCESS, "Find All Success", userDtos);
}
@GetMapping("/{userid}")
public Result findUserById(@PathVariable Integer userid) {
User foundUser = this.userService.findById(userid);
UserDto userDto = this.userToUserDtoConverter.convert(foundUser);
return new Result(true, StatusCode.SUCCESS, "Find One Success", userDto);
}
@PostMapping
public Result addUser(@Valid @RequestBody User newuser) {
User savedUser = this.userService.save(newuser);
UserDto savedUserDto = this.userToUserDtoConverter.convert(savedUser);
return new Result(true, StatusCode.SUCCESS, "Add Success", savedUserDto);
}
@PutMapping("/{userid}")
public Result updateUser(@PathVariable Integer userid, @Valid @RequestBody UserDto userDto) {
User update = this.userDtoToUserConverter.convert(userDto);
User updatedUser = this.userService.update(userid, update);
UserDto updatedUserDto = this.userToUserDtoConverter.convert(updatedUser);
return new Result(true, StatusCode.SUCCESS, "Update Success", updatedUserDto);
}
@DeleteMapping("/{userid}")
public Result deleteUser(@PathVariable Integer userid) {
this.userService.delete(userid);
return new Result(true, StatusCode.SUCCESS, "Delete Success");
}
}型
UserService.java
@Service
@Transactional
public class UserService implements UserDetailsService {
private final UserRepository userRepository;
private final PasswordEncoder passwordEncoder;
public UserService(UserRepository userRepository, PasswordEncoder passwordEncoder) {
this.userRepository = userRepository;
this.passwordEncoder = passwordEncoder;
}
public List<User> findAll() {
return this.userRepository.findAll();
}
public User findById(Integer userid) {
return this.userRepository.findById(userid)
.orElseThrow(() -> new ObjectNotFoundException("user", userid));
}
public User save(User newUser) {
// We NEED to encode plain password before saving to the DB! TODO
newUser.setPassword(this.passwordEncoder.encode(newUser.getPassword()));
return this.userRepository.save(newUser);
}
public User update(Integer userid, User update) {
User oldUser = this.userRepository.findById(userid)
.orElseThrow(() -> new ObjectNotFoundException("user", userid));
oldUser.setUsername(update.getUsername());
oldUser.setFullname(update.getFullname());
oldUser.setRoles(update.getRoles());
return this.userRepository.save(oldUser);
}
public void delete(Integer userid) {
this.userRepository.findById(userid)
.orElseThrow(() -> new ObjectNotFoundException("user", userid));
this.userRepository.deleteById(userid);
}
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
return this.userRepository.findByUsername(username)
.map(user -> {
MyUserPrincipal myUserPrincipal = new MyUserPrincipal(user);
// Log to check password got from MyUserPrincipal
System.out.println("myUserPrincipal password: "+myUserPrincipal.getPassword());
return myUserPrincipal;
})
.orElseThrow(() -> new UsernameNotFoundException("username " + username + " is not found."));
}
}型
MyUserPrincipal
public class MyUserPrincipal implements UserDetails {
private User user;
private Collection<? extends GrantedAuthority> authorities;
public MyUserPrincipal(User user) {
this.user = user;
this.authorities = Arrays.stream(StringUtils.tokenizeToStringArray(this.user.getRoles(), " "))
.map(role -> new SimpleGrantedAuthority("ROLE_" + role))
.toList();
// Log the authorities
System.out.println("Authorities: " + this.authorities);
}
// This is the method that is called when we want to get the authorities of the user
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
String[] roles = StringUtils.tokenizeToStringArray(this.user.getRoles(), " ");
System.out.println("Tokenized Roles: " + Arrays.toString(roles));
return Arrays.stream(roles)
.map(role -> new SimpleGrantedAuthority("ROLE_" + role))
.toList();
}
@Override
public String getPassword() {
return this.user.getPassword();
}
@Override
public String getUsername() {
return this.user.getUsername();
}
@Override
public boolean isEnabled(){
return true;
}
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return true;
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
}型
WebConfiguration.java
@Configuration
public class WebConfiguration implements WebMvcConfigurer {
@Override
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/**")
.allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS")
.allowedOrigins("*")
.allowedHeaders("*");
}
}型
SecurityConfiguration.java
@Configuration
@EnableWebSecurity(debug = true)
public class SecurityConfiguration {
private final CustomBasicAuthenticationEntryPoint customBasicAuthenticationEntryPoint;
public SecurityConfiguration(CustomBasicAuthenticationEntryPoint customBasicAuthenticationEntryPoint, CustomBearerTokenAuthenticationEntryPoint customBearerTokenAuthenticationEntryPoint, CustomBearerTokenAccessDeniedHandler customBearerTokenAccessDeniedHandler) {
this.customBasicAuthenticationEntryPoint = customBasicAuthenticationEntryPoint;
}
@Bean
public BCryptPasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
return http
.authorizeHttpRequests(authorizeHttpRequests -> authorizeHttpRequests
.requestMatchers(HttpMethod.GET, "/users/**").authenticated() // Protect the endpoint.
.requestMatchers(HttpMethod.POST, "/users").hasAuthority("ROLE_admin") // Protect the endpoint.
.requestMatchers(HttpMethod.PUT, "/users/**").hasAuthority("ROLE_admin") // Protect the endpoint.
.requestMatchers(HttpMethod.DELETE, "/users/**").hasAuthority("ROLE_user") // Protect the endpoint.
// Disallow everything else.
.requestMatchers(AntPathRequestMatcher.antMatcher("/actuator")).permitAll()
.anyRequest().authenticated()
)
.cors(Customizer.withDefaults())
.csrf(csrf -> csrf.disable())
.httpBasic(httpBasic -> httpBasic.authenticationEntryPoint(this.customBasicAuthenticationEntryPoint))
.sessionManagement(sessionManagement ->
sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
.build();
}
}型
CustomBasicAuthenticationEntryPoint:
@Component
public class CustomBasicAuthenticationEntryPoint implements AuthenticationEntryPoint {
private final HandlerExceptionResolver resolver;
public CustomBasicAuthenticationEntryPoint(@Qualifier("handlerExceptionResolver") HandlerExceptionResolver resolver) {
this.resolver = resolver;
}
@Override
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
response.addHeader("WWW-Authenicate", "Basic realm=\"Realm\"");
this.resolver.resolveException(request, response, null, authException)2;
}型
下面是我向Postman发送请求时的堆栈跟踪:
************************************************************
Request received for GET '/users/2':
org.apache.catalina.connector.RequestFacade@797f85f8
servletPath:/users/2
pathInfo:null
headers:
authorization: Basic am9objokMmEkMTIkQTAvalk3TndtWTRZVG1xUEhBMHZTdUpyaFNZLms0NXNRUjM0WGhFRE1neEZKVlNnYzA0dFc=
user-agent: PostmanRuntime/7.35.0
accept: */*
postman-token: 843acd44-ee4d-459b-9f95-50b25fbf4032
host: localhost:8080
accept-encoding: gzip, deflate, br
connection: keep-alive
Security filter chain: [
DisableEncodeUrlFilter
WebAsyncManagerIntegrationFilter
SecurityContextHolderFilter
HeaderWriterFilter
CorsFilter
LogoutFilter
BasicAuthenticationFilter
RequestCacheAwareFilter
SecurityContextHolderAwareRequestFilter
AnonymousAuthenticationFilter
SessionManagementFilter
ExceptionTranslationFilter
AuthorizationFilter
]
************************************************************
Authorities: [ROLE_admin, ROLE_user]
myUserPrincipal password: $2a$12$A0/jY7NwmY4YTmqPHA0vSuJrhSY.k45sQR34XhEDMgxFJVSgc04tW
2023-11-21T20:37:13.391-06:00 ERROR 13532 --- [nio-8080-exec-1] e.t.c.m.s.e.ExceptionHandlerAdvice : Authentication failed: username or password is incorrect.
org.springframework.security.authentication.BadCredentialsException: Bad credentials
at org.springframework.security.authentication.dao.DaoAuthenticationProvider.additionalAuthenticationChecks(DaoAuthenticationProvider.java:89) ~[spring-security-core-6.1.5.jar:6.1.5]
at org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:147) ~[spring-security-core-6.1.5.jar:6.1.5]
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:182) ~[spring-security-core-6.1.5.jar:6.1.5]
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:201) ~[spring-security-core-6.1.5.jar:6.1.5]
at org.springframework.security.authentication.ObservationAuthenticationManager.lambda$authenticate$1(ObservationAuthenticationManager.java:54) ~[spring-security-core-6.1.5.jar:6.1.5]
at io.micrometer.observation.Observation.lambda$observe$4(Observation.java:544) ~[micrometer-observation-1.11.5.jar:1.11.5]
at io.micrometer.observation.Observation.observeWithContext(Observation.java:603) ~[micrometer-observation-1.11.5.jar:1.11.5]
at io.micrometer.observation.Observation.observe(Observation.java:544) ~[micrometer-observation-1.11.5.jar:1.11.5]
at org.springframework.security.authentication.ObservationAuthenticationManager.authenticate(ObservationAuthenticationManager.java:53) ~[spring-security-core-6.1.5.jar:6.1.5]
at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:174) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-6.0.13.jar:6.0.13]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:107) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:93) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.web.filter.CorsFilter.doFilterInternal(CorsFilter.java:91) ~[spring-web-6.0.13.jar:6.0.13]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-6.0.13.jar:6.0.13]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:90) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:75) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-6.0.13.jar:6.0.13]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:82) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:69) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:62) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-6.0.13.jar:6.0.13]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.security.web.session.DisableEncodeUrlFilter.doFilterInternal(DisableEncodeUrlFilter.java:42) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-6.0.13.jar:6.0.13]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.security.web.ObservationFilterChainDecorator$AroundFilterObservation$SimpleAroundFilterObservation.lambda$wrap$0(ObservationFilterChainDecorator.java:323) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:224) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:233) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:191) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.security.web.debug.DebugFilter.invokeWithWrappedRequest(DebugFilter.java:90) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.security.web.debug.DebugFilter.doFilter(DebugFilter.java:78) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.security.web.debug.DebugFilter.doFilter(DebugFilter.java:67) ~[spring-security-web-6.1.5.jar:6.1.5]
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:352) ~[spring-web-6.0.13.jar:6.0.13]
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:268) ~[spring-web-6.0.13.jar:6.0.13]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174) ~[tomcat-embed-core-10.1.15.jar:10.1.15]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149) ~[tomcat-embed-core-10.1.15.jar:10.1.15]
at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100) ~[spring-web-6.0.13.jar:6.0.13]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-6.0.13.jar:6.0.13]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174) ~[tomcat-embed-core-10.1.15.jar:10.1.15]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149) ~[tomcat-embed-core-10.1.15.jar:10.1.15]
at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93) ~[spring-web-6.0.13.jar:6.0.13]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-6.0.13.jar:6.0.13]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174) ~[tomcat-embed-core-10.1.15.jar:10.1.15]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149) ~[tomcat-embed-core-10.1.15.jar:10.1.15]
at org.springframework.web.filter.ServerHttpObservationFilter.doFilterInternal(ServerHttpObservationFilter.java:109) ~[spring-web-6.0.13.jar:6.0.13]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-6.0.13.jar:6.0.13]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174) ~[tomcat-embed-core-10.1.15.jar:10.1.15]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149) ~[tomcat-embed-core-10.1.15.jar:10.1.15]
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201) ~[spring-web-6.0.13.jar:6.0.13]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-6.0.13.jar:6.0.13]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174) ~[tomcat-embed-core-10.1.15.jar:10.1.15]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149) ~[tomcat-embed-core-10.1.15.jar:10.1.15]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:167) ~[tomcat-embed-core-10.1.15.jar:10.1.15]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:90) ~[tomcat-embed-core-10.1.15.jar:10.1.15]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:482) ~[tomcat-embed-core-10.1.15.jar:10.1.15]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:115) ~[tomcat-embed-core-10.1.15.jar:10.1.15]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93) ~[tomcat-embed-core-10.1.15.jar:10.1.15]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) ~[tomcat-embed-core-10.1.15.jar:10.1.15]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:340) ~[tomcat-embed-core-10.1.15.jar:10.1.15]
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:391) ~[tomcat-embed-core-10.1.15.jar:10.1.15]
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63) ~[tomcat-embed-core-10.1.15.jar:10.1.15]
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:896) ~[tomcat-embed-core-10.1.15.jar:10.1.15]
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1744) ~[tomcat-embed-core-10.1.15.jar:10.1.15]
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52) ~[tomcat-embed-core-10.1.15.jar:10.1.15]
at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191) ~[tomcat-embed-core-10.1.15.jar:10.1.15]
at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659) ~[tomcat-embed-core-10.1.15.jar:10.1.15]
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) ~[tomcat-embed-core-10.1.15.jar:10.1.15]
at java.base/java.lang.Thread.run(Thread.java:1583) ~[na:na]型
1条答案
按热度按时间zzlelutf1#
你用Postman发送了错误的密码。如果我解码了你的base64凭据,我得到:
字符串
这意味着您发送的是Bcrypt散列密码而不是正常密码。