问题描述
我正在使用apache karaf容器以及码头,弹簧和cxf。 并且在使用Spring Security进行身份验证时注意到很多警告。
试图在网上查找信息,但找不到太多。 任何人都遇到过类似的问题。 为什么会有这样的警告? 有影响吗?
代码段 public void prepareSecurityContext(ServletRequest request, ServletResponse response, FilterChain chain, MeetingRef user, String username, String token) throws IOException, ServletException {
// Build an Authentication object with the user's info AbstractAuthenticationToken auth = new UserTokenAuthentication( username, token, getAuthorities(user)); auth.setDetails(new WebAuthenticationDetailsSource() .buildDetails((HttpServletRequest) request)); // Set the authentication into the SecurityContext SecurityContextHolder.getContext().setAuthentication(auth); // Continue through the filter chain chain.doFilter(request, response); }
下面是异常堆栈跟踪的代码段:
2015-07-23T09:37:42.0 localhost.localdomain org.apache.cxf.interceptor.Fault: [warning] org.eclipse.jetty.io.EofException: timeout 2015-07-23T09:37:42.0 localhost.localdomain at [warning] org.apache.cxf.jaxrs.utils.JAXRSUtils.readFromMessageBody(JAXRSUtils.java:1243) 2015-07-23T09:37:42.0 localhost.localdomain at [warning] org.apache.cxf.jaxrs.utils.JAXRSUtils.processParameter(JAXRSUtils.java:782) 2015-07-23T09:37:42.0 localhost.localdomain at [warning] org.apache.cxf.jaxrs.utils.JAXRSUtils.processParameters(JAXRSUtils.java:741)
......................................................
2015-07-23T09:37:42.0 localhost.localdomain Caused [warning] by: java.lang.RuntimeException: org.eclipse.jetty.io.EofException: timeout 2015-07-23T09:37:42.0 localhost.localdomain at [warning] org.apache.cxf.attachment.LazyAttachmentCollection.loadAll(LazyAttachmentCollection.java:58) 2015-07-23T09:37:42.0 localhost.localdomain at [warning]
....................................................... org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) 2015-07-23T09:37:42.0 localhost.localdomain at [warning] com.mypackage.UserAuthenticationProcessingFilter.prepareSecurityContext(UserAuthenticationProcessingFilter.java:132)
1楼
您可以尝试以这种方式手动设置身份验证吗:
// Below gets the object from the database for the user which you want to authenticate.
Person person1 = this.personService.findPersonByUsername(username);
Collection<GrantedAuthority> authorities = new ArrayList<>();
// Add the role of the user
authorities.add(new SimpleGrantedAuthority("ROLE_USER"));
Authentication authentication = new UsernamePasswordAuthenticationToken(person1, null, authorities);
SecurityContextHolder.getContext().setAuthentication(authentication);
尝试一下,请使用正确的格式更正确地发布日志,因此现在只能看到警告,并且流程无法理解。 莱姆知道这是否有帮助。