我在Google App Engine上遇到了Spring Security和OAuth 2.0的問題。
我使用本教程設定了OAuth,在本地一切正常。當訪問除"/"以外的任何端點時,您將被重定向到 Google 登錄頁面。
當我將應用程式部署到 Google App Engine 時,問題開始出現。
應用程式不斷重啟,而且日志也不是很清楚。我試著從頭開始設定一切,我發現即使只改變pom.xml檔案并添加spring-boot-starter-security或spring-boot-starter-oauth2-client依賴,而不添加任何安全相關的代碼也會導致應用程式重新啟動。
我認為這可能是與安全自動配置有關的問題,但我主要是 .NET 開發人員,我真的不知道如何發現這個錯誤。
我所期望的是應用程式在 GAE 上的作業與本地作業一樣好。
我的pom.xml檔案看起來如下:
<?xml version="1.0" encoding="UTF-8"?>
<專案xmlns="http://maven.apache.org/POM/4.0.0"/span> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/span>
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.00</modelVersion>
<artifactId>time-off-backend</artifactId>
<packaging>jar</packaging>
<name>time-off-backend</name>
<description>Time-off專案</description>
<groupId>pl.devapo</groupId>
<版本>1.0.0</version>
<屬性>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.Reporting.outputEncoding>UTF-8</project.Reporting.outputEncoding>
<java.version>11</java.version>
</properties>
<profiles>
<profile>
<id>Cloud-gcp</id>
<dependencies>
<依賴性>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-gcp-starter</artifactId>
<版本>1.1.1.RELEASE</version>
</dependency>
<依賴性>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-gcp-starter-sql-mysql</artifactId>
<版本>1.0.0.RELEASE</version>
</dependency>
</dependencies>
<構建>
<plugins>
<插件>
<groupId>com.google.cloud.tools</groupId>
<artifactId>appengine-maven-plugin</artifactId>
<版本>1.3.2</version>
</plugin>
</plugins>
</build>
</profile>
</profiles>
<dependencies>
<依賴性>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jpa</artifactId>
<版本>2.4.4</version>
</dependency>
<依賴性>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
<版本>2.4.4</version>
</dependency>
<依賴性>
<groupId>commons-beanutils</groupId>
<artifactId>commons-beanutils</artifactId>
<版本>1.9.4</version>
</dependency>
<依賴性>
<groupId>com.h2database</groupId>
<artifactId>h2</artifactId>
<版本>1.4.200</version>
<范圍>運行時</范圍>
</dependency>
<依賴性>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<optional>true</optional>
<版本>1.18.20</version>
</dependency>
<依賴性>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<范圍>測驗</范圍>
<版本>2.4.4</version>
</dependency>
<依賴性>
<groupId>javax.xml.bind</groupId>
<artifactId>jaxb-api</artifactId>
<版本>2.3.0</version>
</dependency>
<依賴性>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-validation</artifactId>
<版本>2.4.4</version>
</dependency>
<依賴性>
<groupId>io.springfox</groupId>
<artifactId> springfox-swagger2</artifactId>
<版本>2.9.2</version>
<exclusions>
<exclusion>
<groupId>com.s fasterxml.jackson.core</groupId>
<artifactId>jackson-annotations</artifactId>
</exclusion>
</exclusions>
</dependency>
<依賴性>
<groupId>io.springfox</groupId>
<artifactId> springfox-swagger-ui</artifactId>
<版本>2.9.2</version>
</dependency>
<依賴性>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-oauth2-client</artifactId>
<版本>2.5.2</version>
</dependency>
<依賴性>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
<版本>2.5.2</version>
</dependency>
</dependencies>
<構建>
<plugins>
<插件>
<groupId>org.springframework.boot</groupId>
<artifactId> spring-boot-maven-plugin</artifactId>
<配置>
<mainClass>
pl.devapo.timeoff.TimeOffApplication
</mainClass>
</configuration>
<executions>
<執行>
<目標>
<目標>重新打包</目標>
</goals>
</Execution>
</executions>
</plugin>
<!-- todo delete-->
<插件>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<配置>
<source>11</source>
<目標>11</target>
</configuration>
</plugin>
</plugins>
</build>
</project>
app-test.yaml檔案:
runtime: java11
服務:backend-test
入口: java -Xmx64m -jar target/time-off-backend-1.0.0.jar --debug
env_variables:
SPRING_PROFILES_ACTIVE: "test"。
database_username: ...
database_password: ...
處理程式。
- url: /.*
腳本。this欄位是必須的,但被忽略了
manual_scaling:
實體。1
在我的application.properties檔案中,我添加了這兩行內容:
spring.security.oauth2.client.registration.google.client-id=...
spring.security.oauth2.client.registration.google.client-secret=...
最后,我的SecurityConfig.java檔案:
package pl.devapo.timeoff.config。
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity。
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
public void configure(HttpSecurity http) throws Exception {
例外
.antMatcher("/**"/span>).authorizeRequests()
.antMatchers(new String[]{"/", "/not-restricted"}) .permitAll()
.anyRequest().authenticated()
.and()
.oauth2Login()。
}
日志看起來像這樣:
2021-07-20 17: 07:56 backend-test[20210720t190541] 。 ____ _ __ _ _
2021-07-20 17。 07:56 backend-test[20210720t190541] // ___'_ __ _(_)__ __ _
2021-07-20 17:07:56 backend-test[20210720t190541] ( ( )___ | '_ | '_| | '_ / _` !
2021-07-20 17: 07:56 backend-test[20210720t190541] // ___)| |_)| | || (_| | ) ) )
2021-07-20 17: 07:56 backend-test[20210720t190541] ' |____| .__|_| |_|_| |_\__, | / / / /
2021-07-20 17:07:56 backend-test[20210720t190541] =========|_|==============|___/=/_/_/_/
2021-07-20 17:07:56 backend-test[20210720t190541] :: Spring Boot :: (v2.4.4)
2021-07-20 17:07:56 backend-test[20210720t190541] 。
2021-07-20 17:07:57 backend-test[20210720t190541] 2021-07-20 17:07:57.024 INFO 10 --- [ main] pl.devapo.timeoff.TimeOffApplication : Starting TimeOffApplication using Java 11.0.11 on localhost with PID 10 (/workspace/target/Time-off-backend-1.0.0.jar started by www-data in /workspace)
2021-07-20 17:07:57 backend-test[20210720t190541] 2021-07-20 17:07:57.028 INFO 10 --- [main] pl.devapo.timeoff.TimeOffApplication : 下列組態檔處于活動狀態:test
2021-07-20 17:07:58 backend-test[20210720t190541] 2021-07-20 17:07:58.759 INFO 10 --- [ main] .s.d.r.c.RepositoryConfigurationDelegate : Bootstrapping Spring Data JPA repositories in DEFAULT mode。
2021-07-20 17:07:58 backend-test[20210720t190541] 2021-07-20 17:07:58.919 INFO 10 --- [ main ] .s.d.r.c.RepositoryConfigurationDelegate 。在148毫秒內完成了Spring Data資源庫的掃描。找到了6個JPA資源庫介面。
2021-07-20 17:08:00 backend-test[20210720t190541] 2021-07-20 17:08:00.006 INFO 10 --- [main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat初始化,埠:8080(http)。
2021-07-20 17:08:00 backend-test[20210720t190541] 2021-07-20 17:08:00.024 INFO 10 --- [ main] o.apache.catalina.core.StandardService : 啟動服務[Tomcat]
2021-07-20 17:08:00 backend-test[20210720t190541] 2021-07-20 17:08:00.024 INFO 10 --- [ main] org.apache.catalina.core.StandardEngine : 啟動Servlet引擎。[Apache Tomcat/9.0.44]。
2021-07-20 17:08:00 backend-test[20210720t190541] 2021-07-20 17:08:00.108 INFO 10 --- [ main] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring embedded WebApplicationContext
2021-07-20 17:08:00 backend-test[20210720t190541] 2021-07-20 17:08:00.108 INFO 10 --- [ main] w.s.c.ServletWebServerApplicationContext : Root WebApplicationContext: initialization completed in 2967 ms
2021-07-20 17:08:00 backend-test[20210720t190541] 2021-07-20 17:08:00.836 INFO 10 --- [ main] o.hibernate.jpa.internal.util.LogHelper : HHH000204: 處理PersistenceUnitInfo [name: default] 。
2021-07-20 17:08:00 backend-test[20210720t190541] 2021-07-20 17:08:00.929 INFO 10 --- [ main] org.hibernate.Version : HHH000412: Hibernate ORM core version 5.4.29.Final
2021-07-20 17:08:01 backend-test[20210720t190541] 2021-07-20 17:08:01.162 INFO 10 --- [ main] o.hibernate.annotations.common.Version : HCANN000001: Hibernate Commons Annotations {5.1.2.Final} 。
2021-07-20 17:08:01 backend-test[20210720t190541] 2021-07-20 17:08:01.320 INFO 10 --- [ main] com.zaxxer.hikari.HikariDataSource : HikariPool-1 - Starting...
2021-07-20 17:08:01 backend-test[20210720t190541] 2021-07-20 17:08:01.649 INFO 10 --- [ main] com.zaxxer.hikari.HikariDataSource : HikariPool-1 - 啟動完畢。
2021-07-20 17:08:01 backend-test[20210720t190541] 2021-07-20 17:08:01.705 INFO 10 --- [ main] org.hibernate.dialect.Dialect : HHH000400: Using dialect: org.hibernate.dialect.H2Dialect
2021-07-20 17:08:03 backend-test[20210720t190541] 2021-07-20 17:08:03.478 INFO 10 --- [ main ] o.h.e.t.j.p.i.JtaPlatformInitiator : HHH000490: 使用JtaPlatform實作。[org.hibernate.engine.transaction.jta.platform.internal.NoJtaPlatform] 。
2021-07-20 17:08:03 backend-test[20210720t190541] 2021-07-20 17:08:03.501 INFO 10 --- [ main] j.LocalContainerEntityManagerFactoryBean : Initialized JPA EntityManagerFactory for persistence unit '/span>default'
2021-07-20 17:08:04 backend-test[20210720t190541] 2021-07-20 17:08:04.444 WARN 10 --- [ main] JpaBaseConfiguration$JpaWebConfiguration : spring.jpa.open-in-view默認啟用。因此,在視圖渲染程序中可能會進行資料庫查詢。明確配置spring.jpa.open-in-view來禁用這個警告。
2021-07-20 17:08:05 backend-test[20210720t190541] 2021-07-20 17:08:05.096 INFO 10 --- [ main] pertySourcedRequestMappingHandlerMapping : 將URL路徑[/v2/api-docs]映射到方法[springfox.document.swagger2.web.Swagger2Controller#getDocumentation(String, HttpServletRequest)]
2021-07-20 17:08:05 backend-test[20210720t190541] 2021-07-20 17:08:05.407 INFO 10 --- [ main ] o.s.s.concurrent.ThreadPoolTaskExecutor : Initializing ExecutorService 'applicationTaskExecutor'
2021-07-20 17:08:06 backend-test[20210720t190541] 2021-07-20 17:08:06.071 INFO 10 --- [main] o.s.s.web.DefaultSecurityFilterChain : Will secure Ant [pattern='/**' ] with [org. springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@2ac519dc, org.springframework.security.web.context. SecurityContextPersistenceFilter@2b73bd6b, org.springframework.security.web.header.HeaderWriterFilter@5f0bab7e, org.springframework.security.web.csrf.CsrfFilter@1eb9a3ef, org.springframework.web.authentication.logout.Filter@2ac519dc. org.springframework.security.web.authentication.logout.LogoutFilter@2da81754, org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter@5e593b08. web.OAuth2LoginAuthenticationFilter@3946075, org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter@4998e74b, org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter@4998e74b. authentication.ui.DefaultLogoutPageGeneratingFilter@3d53e6f7, org.springframework.security.web.sedrequest.RequestCacheAwareFilter@750ed637, org.springframework.security.web.servletapi. org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@18d11527, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@1de4bee0, org.springframework.security.web.session.Session ManagementFilter@337a. SessionManagementFilter@337a6d30, org.springframework.security.web.access.ExceptionTranslationFilter@58fd1214, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@3fe512d2 ]
2021-07-20 17:08:06 backend-test[20210720t190541] 2021-07-20 17:08:06.163 INFO 10 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat started on port(s): 8080 (http) with context path ''
2021-07-20 17:08:06 backend-test[20210720t190541] 2021-07-20 17:08:06.166 INFO 10 --- [ main] d.s.w.p.DocumentPluginsBootstrapper : Context refreshed
2021-07-20 17:08:06 backend-test[20210720t190541] 2021-07-20 17:08:06.244 INFO 10 --- [main] d.s.w.p.DocumentPluginsBootstrapper : Found 1 custom documentation plugin(s)
2021-07-20 17:08:06 backend-test[20210720t190541] 2021-07-20 17:08:06.311 INFO 10 --- [nio-8080-exec-1] o.a.c.c.C. [Tomcat]. [localhost]. [/] : Initializing Spring DispatcherServlet 'dispatcherServlet' 。
2021-07-20 17:08:06 backend-test[20210720t190541] 2021-07-20 17:08:06.312 INFO 10 --- [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet : Initializing Servlet 'dispatcherServlet' 。
2021-07-20 17:08:06 backend-test[20210720t190541] 2021-07-20 17:08:06.343 INFO 10 --- [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet : 在31ms內完成初始化
2021-07-20 17:08:06 backend-test[20210720t190541] 2021-07-20 17:08:06.346 INFO 10 --- [main] s.d.s.w.s.ApiListingReferenceScanner : 正在掃描api listing references
2021-07-20 17:08:06 backend-test[20210720t190541] 2021-07-20 17:08:06.617 INFO 10 --- [ main] .d.s.w.r.o.CachingOperationNameGenerator : Generating unique operation named: findUsingGET_1
2021-07-20 17:08:06 backend-test[20210720t190541] 2021-07-20 17:08:06.620 INFO 10 --- [ main] .d.s.w.r.o.CachingOperationNameGenerator : Generating unique operation named: getUsingGET_1
2021-07-20 17:08:06 backend-test[20210720t190541] 2021-07-20 17:08:06.655 INFO 10 --- [ main] .d.s.w.r.o.CachingOperationNameGenerator : Generating unique operation named: findUsingGET_2
2021-07-20 17:08:06 backend-test[20210720t190541] 2021-07-20 17:08:06.657 INFO 10 --- [ main] .d.s.w.r.o.CachingOperationNameGenerator : Generating unique operation named: getUsingGET_2
2021-07-20 17:08:06 backend-test[20210720t190541] 2021-07-20 17:08:06.669 INFO 10 --- [ main] .d.s.w.r.o.CachingOperationNameGenerator : Generating unique operation named: findUsingGET_3
2021-07-20 17:08:06 backend-test[20210720t190541] 2021-07-20 17:08:06.671 INFO 10 --- [ main] .d.s.w.r.o.CachingOperationNameGenerator : Generating unique operation named: getUsingGET_3
2021-07-20 17:08:06 backend-test[20210720t190541] 2021-07-20 17:08:06.687 INFO 10 --- [ main] .d.s.w.r.o.CachingOperationNameGenerator : Generating unique operation named: cancelUsingPOST_1
2021-07-20 17:08:06 backend-test[20210720t190541] 2021-07-20 17:08:06.695 INFO 10 --- [ main] .d.s.w.r.o.CachingOperationNameGenerator : Generating unique operation named: findUsingGET_4
2021-07-20 17:08:06 backend-test[20210720t190541] 2021-07-20 17:08:06.697 INFO 10 --- [ main] .d.s.w.r.o.CachingOperationNameGenerator : Generating unique operation named: getUsingGET_4
2021-07-20 17:08:06 backend-test[20210720t190541] 2021-07-20 17:08:06.705 INFO 10 --- [ main] .d.s.w.r.o.CachingOperationNameGenerator : Generating unique operation named: saveUsingPOST_1
2021-07-20 17:08:06 backend-test[20210720t190541] 2021-07-20 17:08:06.769 INFO 10 --- [ main] pl.devapo.timeoff.TimeOffApplication : Start TimeOffApplication in 10.578 seconds (JVM running for 11.602)
2021-07-20 17:08:06 backend-test[20210720t190541] 2021-07-20 17:08:06.796 INFO 10 --- [extShutdownHook] o.s.s.concurrent.ThreadPoolTaskExecutor : Shutting down ExecutorService 'applicationTaskExecutor' 。
2021-07-20 17:08:06 backend-test[20210720t190541] 2021-07-20 17:08:06.801 INFO 10 --- [extShutdownHook] j.LocalContainerEntityManagerFactoryBean : Closing JPA EntityManagerFactory for persistence unit 'default' 。
2021-07-20 17:08:06 backend-test[20210720t190541] 2021-07-20 17:08:06.804 INFO 10 --- [extShutdownHook] com.zaxxer.hikari.HikariDataSource : HikariPool-1 - Shutdown initiated...
2021-07-20 17:08:06 backend-test[20210720t190541] 2021-07-20 17:08:06.808 INFO 10 --- [extShutdownHook] com.zaxxer.hikari.HikariDataSource : HikariPool-1 - 關閉完畢。
2021-07-20 17:08:07 backend-test[20210720t190541] {"severity": "WARNING", "message": "應用程式正在監聽8080埠。我們建議你的應用程式監聽由PORT環境變數定義的埠,以利用8080埠的NGINX層。"}。
uj5u.com熱心網友回復:
在查看除錯級別的日志后,我們發現GAE需要端點/_ah/start來啟動應用程式,由于spring安全自動配置默認保護所有端點,你需要不保護/_ah/start端點,以使其在GAE上良好運行。
因此,在我們的SecurityConfig配置方法中加入這些內容后,一切都開始順利運行:
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
public void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/_ah/start") .permitAll()
.and()
.antMatcher("/**") .authorizeRequests()
.anyRequest().authenticated()
.and()
.oauth2Login()。
}
}
轉載請註明出處,本文鏈接:https://www.uj5u.com/yidong/317592.html
標籤: