Spring报错解决一览

Spring错误持续更新贴......     

问题一

springcloud-OAuth2.0配置的时候报错

Method springSecurityFilterChain in org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration required a bean of type 'org.springframework.boot.autoconfigure.security.oauth2.resource.UserInfoRestTemplateFactory' that could not be found. The following candidates were found but could not be injected:     - Bean method 'userInfoRestTemplateFactory' in 'ResourceServerTokenServicesConfiguration' not loaded because @ConditionalOnMissingBean (types: org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerEndpointsConfiguration; SearchStrategy: all) found beans of type 'org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerEndpointsConfiguration' org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerEndpointsConfiguration Action: Consider revisiting the entries above or defining a bean of type 'org.springframework.boot.autoconfigure.security.oauth2.resource.UserInfoRestTemplateFactory' in your configuration.

问题原因： (1)做服务器端OAuth,引用了客户端的相关jar，并且还没有配置；

问题二：

spring cloud security oauth2.0 默认是禁用Client模式进行授权的；Oauth2.0 client模式无法授权；

allowFormAuthenticationForClients()方法开启；

问题三：

密码模式获取token的情况下， Basic校验写错了

{     "timestamp": "2019-05-16T15:31:11.450+0000",     "status": 401,     "error": "Unauthorized",     "message": "Unauthorized",     "path": "/oauth/token" }

解决： 这个一种情况是Basic用户名密码写错了，在拦截器BasicAuthenticationFilter中校验不通过抛出异常

问题三：springSeurity明明配置了password授权，但是在做改动的时候提示如下

{     "error": "unsupported_grant_type",     "error_description": "Unsupported grant type: password" }

解答： AuthorizationServerEndpointsConfigurer类中获取所有的granter的时候，需要判断authenticationmananager是否为空，才能默认加载password权限分配器

问题四：

java.lang.IllegalStateException: Cannot apply org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer@6d8b7ea9 to already built object     at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.add(AbstractConfiguredSecurityBuilder.java:196) ~[spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE]     at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.apply(AbstractConfiguredSecurityBuilder.java:133) ~[spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE]     at org.springframework.security.config.annotation.web.builders.HttpSecurity.getOrApply(HttpSecurity.java:1501) ~[spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE]     at org.springframework.security.config.annotation.web.builders.HttpSecurity.authorizeRequests(HttpSecurity.java:654) ~[spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE]     at org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer.configure(ResourceServerSecurityConfigurer.java:222) ~[spring-security-oauth2-2.3.4.RELEASE.jar:na]     at org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer.configure(ResourceServerSecurityConfigurer.java:59) ~[spring-security-oauth2-2.3.4.RELEASE.jar:na]     at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.configure(AbstractConfiguredSecurityBuilder.java:384) ~[spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE]     at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.doBuild(AbstractConfiguredSecurityBuilder.java:330) ~[spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE]     at org.springframework.security.config.annotation.AbstractSecurityBuilder.build(AbstractSecurityBuilder.java:41) ~[spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE]     at org.springframework.security.config.annotation.web.builders.WebSecurity.performBuild(WebSecurity.java:294) ~[spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE]     at org.springframework.security.config.annotation.web.builders.WebSecurity.performBuild(WebSecurity.java:79) ~[spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE]     at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.doBuild(AbstractConfiguredSecurityBuilder.java:334) ~[spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE]     at org.springframework.security.config.annotation.AbstractSecurityBuilder.build(AbstractSecurityBuilder.java:41) ~[spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE]     at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration.springSecurityFilterChain(WebSecurityConfiguration.java:104) ~[spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE]     at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration$$EnhancerBySpringCGLIB$$415a6f9.CGLIB$springSecurityFilterChain$2(<generated>) ~[spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE]     at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration$$EnhancerBySpringCGLIB$$415a6f9$$FastClassBySpringCGLIB$$55f25315.invoke(<generated>) ~[spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE]     at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:244) ~[spring-core-5.1.5.RELEASE.jar:5.1.5.RELEASE]     at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:363) ~[spring-context-5.1.5.RELEASE.jar:5.1.5.RELEASE]     at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration$$EnhancerBySpringCGLIB$$415a6f9.springSecurityFilterChain(<generated>) ~[spring-security-config-5.1.4.RELEASE.jar:5.1.4.RELEASE]     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_162]     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_162]     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_162]     at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_162]     at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:154) ~[spring-beans-5.1.5.RELEASE.jar:5.1.5.RELEASE]     ... 22 common frames omitted

问题5：

{     "error": "invalid_token",     "error_description": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsidXNlci1zZXJ2aWNlcyJdLCJleHAiOjE1NTg2NzcwNjgsInVzZXJfbmFtZSI6ImFkbWluIiwianRpIjoiYjlkMjY5YjgtOGE4Yi00ZDI1LTk4YzktMzkwNzRlNGNhMzk3IiwiY2xpZW50X2lkIjoibGl4aWFvaGFvIiwic2NvcGUiOlsidXNlciJdfQ.Pa03fAoN0APHQMh5FSUWRtxtQbn5vVN1JQGLu-Ql8k4" }

解决： 原因多样，总的来说就是去服务器端根据token查询用户信息错误（1）就是token失效等 （2）地址在没有配置ssl的时候使用https等

问题6：

{     "error": "access_denied",     "error_description": "Invalid token does not contain resource id (oauth2-resource)" }

解决： 用户去资源服务器锁清秋的资源标识，在token中不存在； 如你生成的token中可用资源包括 查询用户信息，但是在请求用户信息的时候，它有拦截会查看你token中的标识是否跟自己的标识相同

问题7：

java.lang.IllegalArgumentException: Invalid character found in method name. HTTP method names must be tokens

解决:请求协议不一致，应该都为http或https

问题8：

Caused by: feign.FeignException: status 403 reading OAuthUserService#testautherization()     at feign.FeignException.errorStatus(FeignException.java:78)     at feign.codec.ErrorDecoder$Default.decode(ErrorDecoder.java:93)     at feign.SynchronousMethodHandler.executeAndDecode(SynchronousMethodHandler.java:149)     at feign.SynchronousMethodHandler.invoke(SynchronousMethodHandler.java:78)     at feign.ReflectiveFeign$FeignInvocationHandler.invoke(ReflectiveFeign.java:103)     at com.sun.proxy.$Proxy138.testautherization(Unknown Source)     at com.enci.test.server.module.controller.PolicyController.feignRequest(PolicyController.java:151)     at com.enci.test.server.module.controller.PolicyController$$FastClassBySpringCGLIB$$c9349f5f.invoke(<generated>)     at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)     at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:749)     at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)     at org.springframework.aop.framework.adapter.MethodBeforeAdviceInterceptor.invoke(MethodBeforeAdviceInterceptor.java:56)     at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)     at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:93)     at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)     at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:688)     at com.enci.test.server.module.controller.PolicyController$$EnhancerBySpringCGLIB$$6f5b74e0.feignRequest(<generated>)     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)     at java.lang.reflect.Method.invoke(Method.java:498)     at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:189)     at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:138)     at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:102)     at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:895)     at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:800)     at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)     at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1038)     at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:942)     at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1005)     ... 102 more

解决：权限不足， 获取的token中锁允许访问的resource与实际访问的resource信息不匹配，被拒绝访问