spring引导安全性会导致应用程序在本地一切正常的情况下部署到gae时关闭

0ejtzxu1  于 2021-09-29  发布在  Java
关注(0)|答案(1)|浏览(363)

我在google app engine上遇到了Spring Security 和oauth 2.0的问题。
我使用本教程设置了oauth,在本地一切正常。当访问“/”以外的任何端点时,您将被重定向到google登录页面。
当我将应用程序部署到google应用程序引擎时,问题开始出现。
应用程序不断重新启动,日志也不是很清楚。我尝试从头开始设置所有内容,发现即使只更改pom.xml文件并添加spring-boot-starter安全性或spring-boot-starter-oauth2-client依赖项而不添加任何安全相关代码,也会导致应用程序重新启动。
我认为这可能与安全自动配置有关,但我主要是.net开发人员,我真的不知道如何找到这个错误。
我所期望的是应用程序在gae上的工作和在本地的工作一样好。
我的pom.xml文件如下所示:

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>

    <artifactId>time-off-backend</artifactId>
    <packaging>jar</packaging>
    <name>time-off-backend</name>
    <description>Time-off project</description>

    <groupId>pl.devapo</groupId>
    <version>1.0.0</version>

    <properties>
        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
        <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
        <java.version>11</java.version>
    </properties>
    <profiles>
        <profile>
            <id>cloud-gcp</id>
            <dependencies>
                <dependency>
                    <groupId>org.springframework.cloud</groupId>
                    <artifactId>spring-cloud-gcp-starter</artifactId>
                    <version>1.1.1.RELEASE</version>
                </dependency>
                <dependency>
                    <groupId>org.springframework.cloud</groupId>
                    <artifactId>spring-cloud-gcp-starter-sql-mysql</artifactId>
                    <version>1.0.0.RELEASE</version>
                </dependency>
            </dependencies>
            <build>
                <plugins>
                    <plugin>
                        <groupId>com.google.cloud.tools</groupId>
                        <artifactId>appengine-maven-plugin</artifactId>
                        <version>1.3.2</version>
                    </plugin>
                </plugins>
            </build>
        </profile>
    </profiles>

    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-data-jpa</artifactId>
            <version>2.4.4</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>

            <version>2.4.4</version>
        </dependency>
        <dependency>
            <groupId>commons-beanutils</groupId>
            <artifactId>commons-beanutils</artifactId>
            <version>1.9.4</version>
        </dependency>
        <dependency>
            <groupId>com.h2database</groupId>
            <artifactId>h2</artifactId>
            <version>1.4.200</version>
            <scope>runtime</scope>
        </dependency>
        <dependency>
            <groupId>org.projectlombok</groupId>
            <artifactId>lombok</artifactId>
            <optional>true</optional>
            <version>1.18.20</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
            <version>2.4.4</version>
        </dependency>
        <dependency>
            <groupId>javax.xml.bind</groupId>
            <artifactId>jaxb-api</artifactId>
            <version>2.3.0</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-validation</artifactId>
            <version>2.4.4</version>
        </dependency>
        <dependency>
            <groupId>io.springfox</groupId>
            <artifactId>springfox-swagger2</artifactId>
            <version>2.9.2</version>
            <exclusions>
                <exclusion>
                    <groupId>com.fasterxml.jackson.core</groupId>
                    <artifactId>jackson-annotations</artifactId>
                </exclusion>
            </exclusions>
        </dependency>
        <dependency>
            <groupId>io.springfox</groupId>
            <artifactId>springfox-swagger-ui</artifactId>
            <version>2.9.2</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-oauth2-client</artifactId>
            <version>2.5.2</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
            <version>2.5.2</version>
        </dependency>

    </dependencies>

    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
                <configuration>
                    <mainClass>
                        pl.devapo.timeoff.TimeOffApplication
                    </mainClass>
                </configuration>
                <executions>
                    <execution>
                        <goals>
                            <goal>repackage</goal>
                        </goals>
                    </execution>
                </executions>
            </plugin>
            <!--            todo delete-->
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-compiler-plugin</artifactId>
                <configuration>
                    <source>11</source>
                    <target>11</target>
                </configuration>
            </plugin>
        </plugins>
    </build>

</project>

app-test.yaml文件:

runtime: java11
service: backend-test
entrypoint: java -Xmx64m -jar target/time-off-backend-1.0.0.jar --debug
env_variables:
  SPRING_PROFILES_ACTIVE: "test"
  DATABASE_USERNAME: ...
  DATABASE_PASSWORD: ...
handlers:
  - url: /.*
    script: this field is required, but ignored
manual_scaling:
  instances: 1

在我的application.properties文件中,我添加了以下两行:

spring.security.oauth2.client.registration.google.client-id=...
spring.security.oauth2.client.registration.google.client-secret=...

最后是我的securityconfig.java文件:

package pl.devapo.timeoff.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    public void configure(HttpSecurity http) throws Exception {

        http
                .antMatcher("/**").authorizeRequests()
                .antMatchers(new String[]{"/", "/not-restricted"}).permitAll()
                .anyRequest().authenticated()
                .and()
                .oauth2Login();
    }
}

日志如下所示:

2021-07-20 17:07:56 backend-test[20210720t190541]    .   ____          _            __ _ _
2021-07-20 17:07:56 backend-test[20210720t190541]   /\\ / ___'_ __ _ _(_)_ __  __ _ \ \ \ \
2021-07-20 17:07:56 backend-test[20210720t190541]  ( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
2021-07-20 17:07:56 backend-test[20210720t190541]   \\/  ___)| |_)| | | | | || (_| |  ) ) ) )
2021-07-20 17:07:56 backend-test[20210720t190541]    '  |____| .__|_| |_|_| |_\__, | / / / /
2021-07-20 17:07:56 backend-test[20210720t190541]   =========|_|==============|___/=/_/_/_/
2021-07-20 17:07:56 backend-test[20210720t190541]   :: Spring Boot ::                (v2.4.4)
2021-07-20 17:07:56 backend-test[20210720t190541]
2021-07-20 17:07:57 backend-test[20210720t190541]  2021-07-20 17:07:57.024  INFO 10 --- [           main] pl.devapo.timeoff.TimeOffApplication     : Starting TimeOffApplication using Java 11.0.11 on localhost with PID 10 (/workspace/target/time-off-backend-1.0.0.jar started by www-data in /workspace)
2021-07-20 17:07:57 backend-test[20210720t190541]  2021-07-20 17:07:57.028  INFO 10 --- [           main] pl.devapo.timeoff.TimeOffApplication     : The following profiles are active: test
2021-07-20 17:07:58 backend-test[20210720t190541]  2021-07-20 17:07:58.759  INFO 10 --- [           main] .s.d.r.c.RepositoryConfigurationDelegate : Bootstrapping Spring Data JPA repositories in DEFAULT mode.
2021-07-20 17:07:58 backend-test[20210720t190541]  2021-07-20 17:07:58.919  INFO 10 --- [           main] .s.d.r.c.RepositoryConfigurationDelegate : Finished Spring Data repository scanning in 148 ms. Found 6 JPA repository interfaces.
2021-07-20 17:08:00 backend-test[20210720t190541]  2021-07-20 17:08:00.006  INFO 10 --- [           main] o.s.b.w.embedded.tomcat.TomcatWebServer  : Tomcat initialized with port(s): 8080 (http)
2021-07-20 17:08:00 backend-test[20210720t190541]  2021-07-20 17:08:00.024  INFO 10 --- [           main] o.apache.catalina.core.StandardService   : Starting service [Tomcat]
2021-07-20 17:08:00 backend-test[20210720t190541]  2021-07-20 17:08:00.024  INFO 10 --- [           main] org.apache.catalina.core.StandardEngine  : Starting Servlet engine: [Apache Tomcat/9.0.44]
2021-07-20 17:08:00 backend-test[20210720t190541]  2021-07-20 17:08:00.108  INFO 10 --- [           main] o.a.c.c.C.[Tomcat].[localhost].[/]       : Initializing Spring embedded WebApplicationContext
2021-07-20 17:08:00 backend-test[20210720t190541]  2021-07-20 17:08:00.108  INFO 10 --- [           main] w.s.c.ServletWebServerApplicationContext : Root WebApplicationContext: initialization completed in 2967 ms
2021-07-20 17:08:00 backend-test[20210720t190541]  2021-07-20 17:08:00.836  INFO 10 --- [           main] o.hibernate.jpa.internal.util.LogHelper  : HHH000204: Processing PersistenceUnitInfo [name: default]
2021-07-20 17:08:00 backend-test[20210720t190541]  2021-07-20 17:08:00.929  INFO 10 --- [           main] org.hibernate.Version                    : HHH000412: Hibernate ORM core version 5.4.29.Final
2021-07-20 17:08:01 backend-test[20210720t190541]  2021-07-20 17:08:01.162  INFO 10 --- [           main] o.hibernate.annotations.common.Version   : HCANN000001: Hibernate Commons Annotations {5.1.2.Final}
2021-07-20 17:08:01 backend-test[20210720t190541]  2021-07-20 17:08:01.320  INFO 10 --- [           main] com.zaxxer.hikari.HikariDataSource       : HikariPool-1 - Starting...
2021-07-20 17:08:01 backend-test[20210720t190541]  2021-07-20 17:08:01.649  INFO 10 --- [           main] com.zaxxer.hikari.HikariDataSource       : HikariPool-1 - Start completed.
2021-07-20 17:08:01 backend-test[20210720t190541]  2021-07-20 17:08:01.705  INFO 10 --- [           main] org.hibernate.dialect.Dialect            : HHH000400: Using dialect: org.hibernate.dialect.H2Dialect
2021-07-20 17:08:03 backend-test[20210720t190541]  2021-07-20 17:08:03.478  INFO 10 --- [           main] o.h.e.t.j.p.i.JtaPlatformInitiator       : HHH000490: Using JtaPlatform implementation: [org.hibernate.engine.transaction.jta.platform.internal.NoJtaPlatform]
2021-07-20 17:08:03 backend-test[20210720t190541]  2021-07-20 17:08:03.501  INFO 10 --- [           main] j.LocalContainerEntityManagerFactoryBean : Initialized JPA EntityManagerFactory for persistence unit 'default'
2021-07-20 17:08:04 backend-test[20210720t190541]  2021-07-20 17:08:04.444  WARN 10 --- [           main] JpaBaseConfiguration$JpaWebConfiguration : spring.jpa.open-in-view is enabled by default. Therefore, database queries may be performed during view rendering. Explicitly configure spring.jpa.open-in-view to disable this warning
2021-07-20 17:08:05 backend-test[20210720t190541]  2021-07-20 17:08:05.096  INFO 10 --- [           main] pertySourcedRequestMappingHandlerMapping : Mapped URL path [/v2/api-docs] onto method [springfox.documentation.swagger2.web.Swagger2Controller#getDocumentation(String, HttpServletRequest)]
2021-07-20 17:08:05 backend-test[20210720t190541]  2021-07-20 17:08:05.407  INFO 10 --- [           main] o.s.s.concurrent.ThreadPoolTaskExecutor  : Initializing ExecutorService 'applicationTaskExecutor'
2021-07-20 17:08:06 backend-test[20210720t190541]  2021-07-20 17:08:06.071  INFO 10 --- [           main] o.s.s.web.DefaultSecurityFilterChain     : Will secure Ant [pattern='/**'] with [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@2ac519dc, org.springframework.security.web.context.SecurityContextPersistenceFilter@2b73bd6b, org.springframework.security.web.header.HeaderWriterFilter@5f0bab7e, org.springframework.security.web.csrf.CsrfFilter@1eb9a3ef, org.springframework.security.web.authentication.logout.LogoutFilter@2da81754, org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter@5e593b08, org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter@3946075, org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter@4998e74b, org.springframework.security.web.authentication.ui.DefaultLogoutPageGeneratingFilter@3d53e6f7, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@750ed637, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@18d11527, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@1de4bee0, org.springframework.security.web.session.SessionManagementFilter@337a6d30, org.springframework.security.web.access.ExceptionTranslationFilter@58fd1214, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@3fe512d2]
2021-07-20 17:08:06 backend-test[20210720t190541]  2021-07-20 17:08:06.163  INFO 10 --- [           main] o.s.b.w.embedded.tomcat.TomcatWebServer  : Tomcat started on port(s): 8080 (http) with context path ''
2021-07-20 17:08:06 backend-test[20210720t190541]  2021-07-20 17:08:06.166  INFO 10 --- [           main] d.s.w.p.DocumentationPluginsBootstrapper : Context refreshed
2021-07-20 17:08:06 backend-test[20210720t190541]  2021-07-20 17:08:06.244  INFO 10 --- [           main] d.s.w.p.DocumentationPluginsBootstrapper : Found 1 custom documentation plugin(s)
2021-07-20 17:08:06 backend-test[20210720t190541]  2021-07-20 17:08:06.311  INFO 10 --- [nio-8080-exec-1] o.a.c.c.C.[Tomcat].[localhost].[/]       : Initializing Spring DispatcherServlet 'dispatcherServlet'
2021-07-20 17:08:06 backend-test[20210720t190541]  2021-07-20 17:08:06.312  INFO 10 --- [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet        : Initializing Servlet 'dispatcherServlet'
2021-07-20 17:08:06 backend-test[20210720t190541]  2021-07-20 17:08:06.343  INFO 10 --- [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet        : Completed initialization in 31 ms
2021-07-20 17:08:06 backend-test[20210720t190541]  2021-07-20 17:08:06.346  INFO 10 --- [           main] s.d.s.w.s.ApiListingReferenceScanner     : Scanning for api listing references
2021-07-20 17:08:06 backend-test[20210720t190541]  2021-07-20 17:08:06.617  INFO 10 --- [           main] .d.s.w.r.o.CachingOperationNameGenerator : Generating unique operation named: findUsingGET_1
2021-07-20 17:08:06 backend-test[20210720t190541]  2021-07-20 17:08:06.620  INFO 10 --- [           main] .d.s.w.r.o.CachingOperationNameGenerator : Generating unique operation named: getUsingGET_1
2021-07-20 17:08:06 backend-test[20210720t190541]  2021-07-20 17:08:06.655  INFO 10 --- [           main] .d.s.w.r.o.CachingOperationNameGenerator : Generating unique operation named: findUsingGET_2
2021-07-20 17:08:06 backend-test[20210720t190541]  2021-07-20 17:08:06.657  INFO 10 --- [           main] .d.s.w.r.o.CachingOperationNameGenerator : Generating unique operation named: getUsingGET_2
2021-07-20 17:08:06 backend-test[20210720t190541]  2021-07-20 17:08:06.669  INFO 10 --- [           main] .d.s.w.r.o.CachingOperationNameGenerator : Generating unique operation named: findUsingGET_3
2021-07-20 17:08:06 backend-test[20210720t190541]  2021-07-20 17:08:06.671  INFO 10 --- [           main] .d.s.w.r.o.CachingOperationNameGenerator : Generating unique operation named: getUsingGET_3
2021-07-20 17:08:06 backend-test[20210720t190541]  2021-07-20 17:08:06.687  INFO 10 --- [           main] .d.s.w.r.o.CachingOperationNameGenerator : Generating unique operation named: cancelUsingPOST_1
2021-07-20 17:08:06 backend-test[20210720t190541]  2021-07-20 17:08:06.695  INFO 10 --- [           main] .d.s.w.r.o.CachingOperationNameGenerator : Generating unique operation named: findUsingGET_4
2021-07-20 17:08:06 backend-test[20210720t190541]  2021-07-20 17:08:06.697  INFO 10 --- [           main] .d.s.w.r.o.CachingOperationNameGenerator : Generating unique operation named: getUsingGET_4
2021-07-20 17:08:06 backend-test[20210720t190541]  2021-07-20 17:08:06.705  INFO 10 --- [           main] .d.s.w.r.o.CachingOperationNameGenerator : Generating unique operation named: saveUsingPOST_1
2021-07-20 17:08:06 backend-test[20210720t190541]  2021-07-20 17:08:06.769  INFO 10 --- [           main] pl.devapo.timeoff.TimeOffApplication     : Started TimeOffApplication in 10.578 seconds (JVM running for 11.602)
2021-07-20 17:08:06 backend-test[20210720t190541]  2021-07-20 17:08:06.796  INFO 10 --- [extShutdownHook] o.s.s.concurrent.ThreadPoolTaskExecutor  : Shutting down ExecutorService 'applicationTaskExecutor'
2021-07-20 17:08:06 backend-test[20210720t190541]  2021-07-20 17:08:06.801  INFO 10 --- [extShutdownHook] j.LocalContainerEntityManagerFactoryBean : Closing JPA EntityManagerFactory for persistence unit 'default'
2021-07-20 17:08:06 backend-test[20210720t190541]  2021-07-20 17:08:06.804  INFO 10 --- [extShutdownHook] com.zaxxer.hikari.HikariDataSource       : HikariPool-1 - Shutdown initiated...
2021-07-20 17:08:06 backend-test[20210720t190541]  2021-07-20 17:08:06.808  INFO 10 --- [extShutdownHook] com.zaxxer.hikari.HikariDataSource       : HikariPool-1 - Shutdown completed.
2021-07-20 17:08:07 backend-test[20210720t190541]  {"severity": "WARNING", "message": "App is listening on port 8080. We recommend your app listen on the port defined by the PORT environment variable to take advantage of an NGINX layer on port 8080."}\n
eoxn13cs

eoxn13cs1#

在查看调试级别的日志后,我们发现gae需要endpoint/_ah/start来启动应用程序,并且由于spring安全自动配置默认情况下保护所有端点,因此您需要取消保护/_ah/start endpoint,以使其在gae上正常工作。
因此,在将这些添加到我们的securityconfig配置方法后,一切都开始正常工作:

@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    public void configure(HttpSecurity http) throws Exception {

        http.authorizeRequests()
                .antMatchers("/_ah/start").permitAll()
                .and()
                .antMatcher("/**").authorizeRequests()
                .anyRequest().authenticated()
                .and()
                .oauth2Login();
    }
}

相关问题