请稍等 ...
×

采纳答案成功!

向帮助你的同学说点啥吧!感谢那些助人为乐的人

访问 h2-console 抛出异常 InsufficientAuthenticationException

在通过 browser 访问 h2-console 的时候可以正常访问,但是后台抛出了下面的异常。
看 log 是自定义异常处理类 ExceptionHandler implements ProblemHandling 引起的。如果把这个自定义异常处理类删除就没问题了。想问下这是什么原因呢?

22:20:08.139 DEBUG 10664 --- [nio-8083-exec-5] FilterChainProxy                         : Securing GET /favicon.ico
22:20:08.140 DEBUG 10664 --- [nio-8083-exec-5] SecurityContextPersistenceFilter         : Set SecurityContextHolder to empty SecurityContext
22:20:08.140 DEBUG 10664 --- [nio-8083-exec-5] AnonymousAuthenticationFilter            : Set SecurityContextHolder to anonymous SecurityContext
22:20:08.141 DEBUG 10664 --- [nio-8083-exec-5] SessionManagementFilter                  : Request requested invalid session id 65CF0DA8A28E79CC6A1F12D208AA4F6C
22:20:08.144 DEBUG 10664 --- [nio-8083-exec-5] FilterSecurityInterceptor                : Failed to authorize filter invocation [GET /favicon.ico] with attributes [authenticated]
22:20:08.151 DEBUG 10664 --- [nio-8083-exec-5] ExceptionHandlerExceptionResolver        : Using @ExceptionHandler com.haha.exception.handler.ExceptionHandler#handleThrowable(Throwable, NativeWebRequest)
22:20:08.155 ERROR 10664 --- [nio-8083-exec-5] AdviceTraits                             : Internal Server Error
org.springframework.security.authentication.InsufficientAuthenticationException: Full authentication is required to access this resource
	at org.springframework.security.web.access.ExceptionTranslationFilter.handleAccessDeniedException(ExceptionTranslationFilter.java:192)
	at org.springframework.security.web.access.ExceptionTranslationFilter.handleSpringSecurityException(ExceptionTranslationFilter.java:171)
	at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:140)
	at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
	at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:126)
	at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:81)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
	at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:105)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
	at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:149)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
	at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
	at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:218)
	at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:212)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
	at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:103)
	at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:89)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
	at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:90)
	at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:75)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
	at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:110)
	at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:80)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
	at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:55)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
	at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:211)
	at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:183)
	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)
	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:542)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:143)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:374)
	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:888)
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1597)
	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	at java.base/java.lang.Thread.run(Thread.java:834)
22:20:08.157 DEBUG 10664 --- [nio-8083-exec-5] HttpEntityMethodProcessor                : Found 'Content-Type:application/problem+json' in response
22:20:08.161 DEBUG 10664 --- [nio-8083-exec-5] HttpEntityMethodProcessor                : Writing [about:blank{500, Internal Server Error, Full authentication is required to access this resource}]
22:20:08.163 DEBUG 10664 --- [nio-8083-exec-5] HttpSessionSecurityContextRepository     : Did not store empty SecurityContext
22:20:08.164 DEBUG 10664 --- [nio-8083-exec-5] ExceptionHandlerExceptionResolver        : Resolved [org.springframework.security.authentication.InsufficientAuthenticationException: Full authentication is required to access this resource]
22:20:08.164 DEBUG 10664 --- [nio-8083-exec-5] SecurityContextPersistenceFilter         : Cleared SecurityContextHolder to complete request

@ControllerAdvice
public class ExceptionHandler implements ProblemHandling {
    @Override
    public boolean isCausalChainsEnabled() {
        return true;
    }
}
abulaka 2020-12-29 22:28:39
源自:4-2  UserDetails、UserDetailsService和jdbcAuthentication
1043
收起

正在回答

2回答

接灰的电子产品 回答被采纳获得+3积分 2020-12-30 08:32:45

和这个没关系,看一下安全配置中应该需要对h2的相关 url 放行,参考git源码

0 回复 有任何疑惑可以回复我~
收起回答
  • 提问者 abulaka #1 
    已经都放行了,不放行的话 http://localhost:8080/h2-console/ 是访问不了的。
现在的问题是可以正常访问 h2-console,只是后台控制台输出了上面的 error log,对使用没有任何影响。
不知道为什么会输出这个 error log。
    回复 有任何疑惑可以回复我~ 2020-12-30 10:23:32
  • 接灰的电子产品 回复 提问者 abulaka #2 
    设个断点,跟进去看一下,肯定是某个资源的url 没放行,不一定h2-console 本身,它用到的资源也要放行
    回复 有任何疑惑可以回复我~ 2020-12-30 13:04:04
取消 回复
接灰的电子产品 2020-12-30 13:31:28

: Failed to authorize filter invocation [GET /favicon.ico] with attributes [authenticated]
这个favicon 没有放行

1 回复 有任何疑惑可以回复我~
收起回答
取消 回复

相似问题

不是很理解在控制层
747 1 2
H2的连接题,现403
469 0 4
关于的自然和手动
994 0 3
feign的处理
1501 0 3
企业级开发的时候 也是控制层直接把去不用处理么。
826 1 4

登录后可查看更多问答,登录/注册

问题已解决,确定采纳
还有疑问,暂不采纳
Spring Security+OAuth2 精讲,打造企业级认证与授权
  • 参与学习       1031    人
  • 解答问题       314    个

一站式掌握主流安全框架与行业解决方案,从容应对各种安全难题。

了解课程

本课精华内容

问答

加了Resource Bundle,以及yml内添加messages只有登录页面展示还是乱码

840 9

H2无法连接

1.1k 9

请问源码全部导入进去怎么成功运行起来呢?

489 7

为什么不加token方法依然可以访问?

1.0k 6

3-3 验证错误时不会返回详细的错误信息

774 6

查看更多本课问答
意见反馈 帮助中心 APP下载
官方微信