spring-security project crush when unauthorized user try to login with unknown username & password

huangapple
go评论109阅读模式
英文:

spring-security project crush when unauthorized user try to login with unknown username & password

问题

尝试配置Spring Security。使用有效的用户名和密码工作正常。但是当我输入错误的用户名和密码时,它会抛出NullPointerException。

UserDetailsService 接口实现 ->

  1. @Slf4j
  2. @Service
  3. public class ApiClient_Service implements UserDetailsService {
  4.     @Autowired
  5.     ApiClient_Repository apiClient_repository;
  7.     @Override
  8.     public UserDetails loadUserByUsername(String $username) throws UsernameNotFoundException {
  9.         ApiClient _apiClient = apiClient_repository.findByName($username);
  10.         if (!_apiClient.equals(null)) {
  11.             log.info("authorized api-client logged-in: " + _apiClient);
  12.             return new ApiClient_Details(_apiClient);
  13.         } else {
  14.             throw new UsernameNotFoundException("unauthorized api-client...");
  15.         }
  16.     }
  17. }

UserDetails 接口实现 ->

  1. @AllArgsConstructor
  2. public class ApiClient_Details implements UserDetails {
  3.     private ApiClient apiClient;
  5.     @Override
  6.     public Collection<? extends GrantedAuthority> getAuthorities() throws UsernameNotFoundException {
  7.         return Collections.singleton(new SimpleGrantedAuthority("ROLE_" + this.apiClient.getRole()));
  8.     }
  10.     @Override
  11.     public String getPassword() {
  12.         return this.apiClient.getPassword();
  13.     }
  15.     @Override
  16.     public String getUsername() {
  17.         return this.apiClient.getName();
  18.     }
  20.     @Override
  21.     public boolean isAccountNonExpired() {
  22.         return !this.apiClient.isExpired();
  23.     }
  25.     @Override
  26.     public boolean isAccountNonLocked() {
  27.         return !this.apiClient.isLocked();
  28.     }
  30.     @Override
  31.     public boolean isCredentialsNonExpired() {
  32.         return !this.apiClient.isCredentialExpired();
  33.     }
  35.     @Override
  36.     public boolean isEnabled() {
  37.         return !this.apiClient.isDisabled();
  38.     }
  39. }

SecurityConfiguration 类 ->

  1. @EnableWebSecurity
  2. public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
  3.     @Qualifier("apiClient_Service")
  4.     @Autowired
  5.     UserDetailsService userDetailsService;
  7.     // 认证
  8.     @Override
  9.     protected void configure(AuthenticationManagerBuilder auth) throws Exception {
  10.         auth.userDetailsService(userDetailsService);
  11.     }
  13.     // 授权
  14.     @Override
  15.     protected void configure(HttpSecurity http) throws Exception {
  16.         http
  17.                 .csrf().disable()
  18.                 .authorizeRequests()
  19.                 .mvcMatchers("/books").hasRole("admin")
  20.                 .mvcMatchers("/book").hasRole("admin")
  21.                 .mvcMatchers("/").permitAll()
  22.                 .and()
  23.                 .formLogin().permitAll();
  24.     }
  26.     // 加密
  27.     @Bean
  28.     public PasswordEncoder getPasswordEncoder(){
  29.         return NoOpPasswordEncoder.getInstance();
  30.     }
  31. }

控制台摘要:

  1. 2020-10-19 16:25:30.694 ERROR 11852 --- [nio-8080-exec-2] w.a.UsernamePasswordAuthenticationFilter : 尝试对用户进行身份验证时发生内部错误。
  3. org.springframework.security.authentication.InternalAuthenticationServiceException: null
  4.     at org.springframework.security.authentication.dao.DaoAuthenticationProvider.retrieveUser(DaoAuthenticationProvider.java:123) ~[spring-security-core-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  5.     ...
  7. 2020-10-19 16:25:30.713 ERROR 11852 --- [nio-8080-exec-3] o.a.c.c.C.[.[.[/].[dispatcherServlet]    : 在路径为 [] 的上下文中,为 servlet [dispatcherServlet] 提供了服务,抛出异常
  9. java.lang.IllegalArgumentException: 需要输入
  10.     at org.springframework.util.Assert.notNull(Assert.java:201) ~[spring-core-5.2.9.RELEASE.jar:5.2.9.RELEASE]
  11.     ...

完整控制台输出在此省略。

英文:

Trying to configure spring security. It works fine with a valid username & password. But when I enter the wrong username & password, It gives me a NullPointerException.

UserDetailsService interface implementation ->

  1. @Slf4j
  2. @Service
  3. public class ApiClient_Service implements UserDetailsService {
  4.     @Autowired
  5.     ApiClient_Repository apiClient_repository;
  7.     @Override
  8.     public UserDetails loadUserByUsername(String $username) throws UsernameNotFoundException {
  9.         ApiClient _apiClient = apiClient_repository.findByName($username);
  10.         if(!_apiClient.equals(null)) {
  11.             log.info(&quot;authorized api-client logged-in: &quot;+_apiClient);
  12.             return new ApiClient_Details(_apiClient);
  13.         }else {
  14.             throw new UsernameNotFoundException(&quot;unauthorized api-client...&quot;);
  15.         }
  16.     }
  17. }

UserDetails interface implementation ->

  2. @AllArgsConstructor
  3. public class ApiClient_Details implements UserDetails {
  4.     private ApiClient apiClient;
  6.     @Override
  7.     public Collection&lt;? extends GrantedAuthority&gt; getAuthorities()throws UsernameNotFoundException {
  8.         return Collections.singleton(new SimpleGrantedAuthority(&quot;ROLE_&quot;+this.apiClient.getRole()));
  9.     }
  11.     @Override
  12.     public String getPassword() {
  13.         return this.apiClient.getPassword();
  14.     }
  16.     @Override
  17.     public String getUsername() {
  18.         return this.apiClient.getName();
  19.     }
  21.     @Override
  22.     public boolean isAccountNonExpired() {
  23.         return !this.apiClient.isExpired();
  24.     }
  26.     @Override
  27.     public boolean isAccountNonLocked() {
  28.         return !this.apiClient.isLocked();
  29.     }
  31.     @Override
  32.     public boolean isCredentialsNonExpired() {
  33.         return !this.apiClient.isCredentialExpired();
  34.     }
  36.     @Override
  37.     public boolean isEnabled() {
  38.         return !this.apiClient.isDisabled();
  39.     }
  40. }

SecurityConfiguration class ->

  1. @EnableWebSecurity
  2. public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
  3.     @Qualifier(&quot;apiClient_Service&quot;)
  4.     @Autowired
  5.     UserDetailsService userDetailsService;
  7.     // authentication
  8.     @Override
  9.     protected void configure(AuthenticationManagerBuilder auth) throws Exception {
  10.         auth.userDetailsService(userDetailsService);
  11.     }
  13.     // authorization
  14.     @Override
  15.     protected void configure(HttpSecurity http) throws Exception {
  16.         http
  17.                 .csrf().disable()
  18.                 .authorizeRequests()
  19.                 .mvcMatchers(&quot;/books&quot;).hasRole(&quot;admin&quot;)
  20.                 .mvcMatchers(&quot;/book&quot;).hasRole(&quot;admin&quot;)
  21.                 .mvcMatchers(&quot;/&quot;).permitAll()
  22.                 .and()
  23.                 .formLogin().permitAll();
  24.     }
  26.     // encryption
  27.     @Bean
  28.     public PasswordEncoder getPasswordEncoder(){
  29.         return NoOpPasswordEncoder.getInstance();
  30.     }
  31. }

Console-summary:

  1. 2020-10-19 16:25:30.694 ERROR 11852 --- [nio-8080-exec-2] w.a.UsernamePasswordAuthenticationFilter : An internal error occurred while trying to authenticate the user.
  3. org.springframework.security.authentication.InternalAuthenticationServiceException: null
  4. 	at org.springframework.security.authentication.dao.DaoAuthenticationProvider.retrieveUser(DaoAuthenticationProvider.java:123) ~[spring-security-core-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  5. 	at org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:144) ~[spring-security-core-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  6. 	at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:199) ~[spring-security-core-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  7. 	at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:219) ~[spring-security-core-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  8. 	at org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter.attemptAuthentication(UsernamePasswordAuthenticationFilter.java:95) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  9. 	at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:212) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  10. 	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  11. 	at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  12. 	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  13. 	at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:92) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  1. Caused by: java.lang.NullPointerException: null
  2. 	at org.io.firebase.service.ApiClient_Service.loadUserByUsername(ApiClient_Service.java:22) ~[classes/:na]
  3. 	at org.springframework.security.authentication.dao.DaoAuthenticationProvider.retrieveUser(DaoAuthenticationProvider.java:108) ~[spring-security-core-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  4. 	... 51 common frames omitted
  6. 2020-10-19 16:25:30.713 ERROR 11852 --- [nio-8080-exec-3] o.a.c.c.C.[.[.[/].[dispatcherServlet]    : Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception
  8. java.lang.IllegalArgumentException: Input is required
  9. 	at org.springframework.util.Assert.notNull(Assert.java:201) ~[spring-core-5.2.9.RELEASE.jar:5.2.9.RELEASE]
  10. 	at org.springframework.web.util.HtmlUtils.htmlEscape(HtmlUtils.java:83) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
  11. 	at org.springframework.web.util.HtmlUtils.htmlEscape(HtmlUtils.java:63) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
  12. 	at org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter.createError(DefaultLoginPageGeneratingFilter.java:353) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  13. 	at org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter.generateLoginPageHtml(DefaultLoginPageGeneratingFilter.java:253) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]

$$Full Console:

  1. *
  2. Hibernate: select apiclient0_.id as id1_0_, apiclient0_.is_credential_expired as is_crede2_0_, apiclient0_.is_disabled as is_disab3_0_, apiclient0_.is_expired as is_expir4_0_, apiclient0_.is_locked as is_locke5_0_, apiclient0_.name as name6_0_, apiclient0_.password as password7_0_, apiclient0_.role as role8_0_ from apiclient apiclient0_ where apiclient0_.name=?
  3. 2020-10-19 16:25:30.694 ERROR 11852 --- [nio-8080-exec-2] w.a.UsernamePasswordAuthenticationFilter : An internal error occurred while trying to authenticate the user.
  4. org.springframework.security.authentication.InternalAuthenticationServiceException: null
  5. at org.springframework.security.authentication.dao.DaoAuthenticationProvider.retrieveUser(DaoAuthenticationProvider.java:123) ~[spring-security-core-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  6. at org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:144) ~[spring-security-core-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  7. at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:199) ~[spring-security-core-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  8. at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:219) ~[spring-security-core-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  9. at org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter.attemptAuthentication(UsernamePasswordAuthenticationFilter.java:95) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  10. at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:212) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  11. at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  12. at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  13. at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  14. at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:92) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  15. at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:77) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  16. at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
  17. at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  18. at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  19. at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  20. at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  21. at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
  22. at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  23. at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  24. at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  25. at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
  26. at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
  27. at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  28. at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  29. at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
  30. at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
  31. at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  32. at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  33. at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
  34. at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
  35. at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  36. at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  37. at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
  38. at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
  39. at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  40. at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  41. at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  42. at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  43. at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  44. at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:143) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  45. at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  46. at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  47. at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  48. at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:374) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  49. at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  50. at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  51. at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1590) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  52. at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  53. at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) ~[na:na]
  54. at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) ~[na:na]
  55. at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  56. at java.base/java.lang.Thread.run(Thread.java:830) ~[na:na]
  57. Caused by: java.lang.NullPointerException: null
  58. at org.io.firebase.service.ApiClient_Service.loadUserByUsername(ApiClient_Service.java:22) ~[classes/:na]
  59. at org.springframework.security.authentication.dao.DaoAuthenticationProvider.retrieveUser(DaoAuthenticationProvider.java:108) ~[spring-security-core-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  60. ... 51 common frames omitted
  61. 2020-10-19 16:25:30.713 ERROR 11852 --- [nio-8080-exec-3] o.a.c.c.C.[.[.[/].[dispatcherServlet]    : Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception
  62. java.lang.IllegalArgumentException: Input is required
  63. at org.springframework.util.Assert.notNull(Assert.java:201) ~[spring-core-5.2.9.RELEASE.jar:5.2.9.RELEASE]
  64. at org.springframework.web.util.HtmlUtils.htmlEscape(HtmlUtils.java:83) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
  65. at org.springframework.web.util.HtmlUtils.htmlEscape(HtmlUtils.java:63) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
  66. at org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter.createError(DefaultLoginPageGeneratingFilter.java:353) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  67. at org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter.generateLoginPageHtml(DefaultLoginPageGeneratingFilter.java:253) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  68. at org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter.doFilter(DefaultLoginPageGeneratingFilter.java:207) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  69. at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  70. at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  71. at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  72. at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  73. at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  74. at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:92) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  75. at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:77) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  76. at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
  77. at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  78. at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  79. at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  80. at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  81. at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
  82. at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  83. at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  84. at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178) ~[spring-security-web-5.3.4.RELEASE.jar:5.3.4.RELEASE]
  85. at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
  86. at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
  87. at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  88. at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  89. at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
  90. at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
  91. at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  92. at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  93. at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
  94. at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
  95. at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  96. at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  97. at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
  98. at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
  99. at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  100. at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  101. at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  102. at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  103. at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  104. at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:143) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  105. at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  106. at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  107. at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  108. at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:374) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  109. at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  110. at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  111. at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1590) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  112. at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  113. at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) ~[na:na]
  114. at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) ~[na:na]
  115. at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) ~[tomcat-embed-core-9.0.38.jar:9.0.38]
  116. at java.base/java.lang.Thread.run(Thread.java:830) ~[na:na]
  117. *

答案1

得分: 1

我认为这是有道理的,_apiClient.equals(null)会抛出空指针异常,因为你试图从一个空对象调用方法.equals(..),如果你想检查一个空对象,应该是(_apiClient != null)

英文:

I think it makes sense, _apiClient.equals(null) will throw a null pointer exception, cause you're trying to call a method .equals(..) from a null object, if you want to check a null object it should be (_apiClient != null)

huangapple
  • 本文由 发表于 2020年10月19日 18:40:44
  • 转载请务必保留本文链接:https://go.coder-hub.com/64425691.html
  • java
  • spring
  • spring-boot
  • spring-rest
  • spring-security
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定