java - Spring Social authentication filter not working, how can I debug it? -


i'm having trouble spring socialauthenticationfilter, see it's loaded in filter chain when access "/auth/facebook?code=...", not process input.

here websecurityconfig's configure method:

@override protected void configure(httpsecurity http) throws exception {     //@formatter:off     http             .csrf().disable()             .sessionmanagement().sessioncreationpolicy(sessioncreationpolicy.stateless)             .and()             .authorizerequests()             .antmatchers("/oauth/token").permitall()             .antmatchers("/auth/**").permitall()             .antmatchers(httpmethod.options, "/oauth/token").permitall()             .anyrequest().authenticated()             .and()             .apply(new springsocialconfigurer());     //@formatter:on }

and in output filter chain:

 2015-07-06 12:42:08.400  info 28531 --- [ost-startstop-1] o.s.s.web.defaultsecurityfilterchain     : creating filter chain: org.springframework.security.web.util.matcher.anyrequestmatcher@1, [org.springframework.security.web.context.request.async.webasyncmanagerintegrationfilter@4cb4e09b, org.springframework.security.web.context.securitycontextpersistencefilter@4ac65d33, org.springframework.security.web.header.headerwriterfilter@3181e122, org.springframework.security.web.authentication.logout.logoutfilter@3492e7fd,  org.springframework.social.security.socialauthenticationfilter@1b2b4922 ,org.springframework.security.web.savedrequest.requestcacheawarefilter@392294cd, org.springframework.security.web.servletapi.securitycontextholderawarerequestfilter@794fa3a, org.springframework.security.web.authentication.anonymousauthenticationfilter@3f3e8762, org.springframework.security.web.session.sessionmanagementfilter@3d31d08d, org.springframework.security.web.access.exceptiontranslationfilter@31e84fe1, org.springframework.security.web.access.intercept.filtersecurityinterceptor@d8d9225]

and url matching:

 2015-07-06 12:43:22.075 debug 28531 --- [nio-8080-exec-2] o.s.s.w.u.matcher.antpathrequestmatcher  : checking match of request : '/auth/facebook'; against '/css/**'     2015-07-06 12:43:22.075 debug 28531 --- [nio-8080-exec-2] o.s.s.w.u.matcher.antpathrequestmatcher  : checking match of request : '/auth/facebook'; against '/js/**'     2015-07-06 12:43:22.075 debug 28531 --- [nio-8080-exec-2] o.s.s.w.u.matcher.antpathrequestmatcher  : checking match of request : '/auth/facebook'; against '/images/**'     2015-07-06 12:43:22.075 debug 28531 --- [nio-8080-exec-2] o.s.s.w.u.matcher.antpathrequestmatcher  : checking match of request : '/auth/facebook'; against '/**/favicon.ico'     2015-07-06 12:43:22.075 debug 28531 --- [nio-8080-exec-2] o.s.s.w.u.matcher.antpathrequestmatcher  : checking match of request : '/auth/facebook'; against '/info'     2015-07-06 12:43:22.075 debug 28531 --- [nio-8080-exec-2] o.s.s.w.u.matcher.antpathrequestmatcher  : checking match of request : '/auth/facebook'; against '/health'     2015-07-06 12:43:22.076 debug 28531 --- [nio-8080-exec-2] o.s.s.w.u.matcher.antpathrequestmatcher  : checking match of request : '/auth/facebook'; against '/error'     2015-07-06 12:43:22.076 debug 28531 --- [nio-8080-exec-2] o.s.s.web.util.matcher.orrequestmatcher  : trying match using ant [pattern='/oauth/token']     2015-07-06 12:43:22.076 debug 28531 --- [nio-8080-exec-2] o.s.s.w.u.matcher.antpathrequestmatcher  : checking match of request : '/auth/facebook'; against '/oauth/token'     2015-07-06 12:43:22.076 debug 28531 --- [nio-8080-exec-2] o.s.s.web.util.matcher.orrequestmatcher  : trying match using ant [pattern='/oauth/token_key']     2015-07-06 12:43:22.076 debug 28531 --- [nio-8080-exec-2] o.s.s.w.u.matcher.antpathrequestmatcher  : checking match of request : '/auth/facebook'; against '/oauth/token_key'     2015-07-06 12:43:22.076 debug 28531 --- [nio-8080-exec-2] o.s.s.web.util.matcher.orrequestmatcher  : trying match using ant [pattern='/oauth/check_token']     2015-07-06 12:43:22.076 debug 28531 --- [nio-8080-exec-2] o.s.s.w.u.matcher.antpathrequestmatcher  : checking match of request : '/auth/facebook'; against '/oauth/check_token'     2015-07-06 12:43:22.076 debug 28531 --- [nio-8080-exec-2] o.s.s.web.util.matcher.orrequestmatcher  : no matches found     2015-07-06 12:43:22.076 debug 28531 --- [nio-8080-exec-2] o.s.s.web.util.matcher.orrequestmatcher  : trying match using org.springframework.security.web.util.matcher.anyrequestmatcher@1     2015-07-06 12:43:22.076 debug 28531 --- [nio-8080-exec-2] o.s.s.web.util.matcher.orrequestmatcher  : matched     2015-07-06 12:43:22.076 debug 28531 --- [nio-8080-exec-2] o.s.security.web.filterchainproxy        : /auth/facebook?code=aqb2osmhtyeuu-***-5tqvcyxogkzcqsnaxfgckyre248mxpqeb5vi63w6ijrnyw36losbp3qx73 @ position 1 of 11 in additional filter chain; firing filter: 'webasyncmanagerintegrationfilter'     2015-07-06 12:43:22.076 debug 28531 --- [nio-8080-exec-2] o.s.security.web.filterchainproxy        : /auth/facebook?code=aqb2osmhtyeuu-***-5tqvcyxogkzcqsnaxfgckyre248mxpqeb5vi63w6ijrnyw36losbp3qx73 @ position 2 of 11 in additional filter chain; firing filter: 'securitycontextpersistencefilter'     2015-07-06 12:43:22.076 debug 28531 --- [nio-8080-exec-2] o.s.security.web.filterchainproxy        : /auth/facebook?code=aqb2osmhtyeuu-***-5tqvcyxogkzcqsnaxfgckyre248mxpqeb5vi63w6ijrnyw36losbp3qx73 @ position 3 of 11 in additional filter chain; firing filter: 'headerwriterfilter'     2015-07-06 12:43:22.077 debug 28531 --- [nio-8080-exec-2] o.s.s.w.header.writers.hstsheaderwriter  : not injecting hsts header since did not match requestmatcher org.springframework.security.web.header.writers.hstsheaderwriter$securerequestmatcher@3f8843c2     2015-07-06 12:43:22.077 debug 28531 --- [nio-8080-exec-2] o.s.security.web.filterchainproxy        : /auth/facebook?code=aqb2osmhtyeuu-***-5tqvcyxogkzcqsnaxfgckyre248mxpqeb5vi63w6ijrnyw36losbp3qx73 @ position 4 of 11 in additional filter chain; firing filter: 'logoutfilter'     2015-07-06 12:43:22.077 debug 28531 --- [nio-8080-exec-2] o.s.s.w.u.matcher.antpathrequestmatcher  : checking match of request : '/auth/facebook'; against '/logout'     2015-07-06 12:43:22.077 debug 28531 --- [nio-8080-exec-2] o.s.security.web.filterchainproxy        : /auth/facebook?code=aqb2osmhtyeuu-***-5tqvcyxogkzcqsnaxfgckyre248mxpqeb5vi63w6ijrnyw36losbp3qx73 @ position 5 of 11 in additional filter chain; firing filter: 'oauth2authenticationprocessingfilter'     2015-07-06 12:43:22.077 debug 28531 --- [nio-8080-exec-2] o.s.s.o.p.a.bearertokenextractor         : token not found in headers. trying request parameters.     2015-07-06 12:43:22.077 debug 28531 --- [nio-8080-exec-2] o.s.s.o.p.a.bearertokenextractor         : token not found in request parameters.  not oauth2 request.     2015-07-06 12:43:22.077 debug 28531 --- [nio-8080-exec-2] p.a.oauth2authenticationprocessingfilter : no token in request, continue chain.     2015-07-06 12:43:22.077 debug 28531 --- [nio-8080-exec-2] o.s.security.web.filterchainproxy        : /auth/facebook?code=aqb2osmhtyeuu-***-5tqvcyxogkzcqsnaxfgckyre248mxpqeb5vi63w6ijrnyw36losbp3qx73 @ position 6 of 11 in additional filter chain; firing filter: 'requestcacheawarefilter'     2015-07-06 12:43:22.077 debug 28531 --- [nio-8080-exec-2] o.s.security.web.filterchainproxy        : /auth/facebook?code=aqb2osmhtyeuu-***-5tqvcyxogkzcqsnaxfgckyre248mxpqeb5vi63w6ijrnyw36losbp3qx73 @ position 7 of 11 in additional filter chain; firing filter: 'securitycontextholderawarerequestfilter'     2015-07-06 12:43:22.077 debug 28531 --- [nio-8080-exec-2] o.s.security.web.filterchainproxy        : /auth/facebook?code=aqb2osmhtyeuu-***-5tqvcyxogkzcqsnaxfgckyre248mxpqeb5vi63w6ijrnyw36losbp3qx73 @ position 8 of 11 in additional filter chain; firing filter: 'anonymousauthenticationfilter'     2015-07-06 12:43:22.078 debug 28531 --- [nio-8080-exec-2] o.s.s.w.a.anonymousauthenticationfilter  : populated securitycontextholder anonymous token: 'org.springframework.security.authentication.anonymousauthenticationtoken@9055e4a6: principal: anonymoususer; credentials: [protected]; authenticated: true; details: org.springframework.security.web.authentication.webauthenticationdetails@957e: remoteipaddress: 127.0.0.1; sessionid: null; granted authorities: role_anonymous'     2015-07-06 12:43:22.078 debug 28531 --- [nio-8080-exec-2] o.s.security.web.filterchainproxy        : /auth/facebook?code=aqb2osmhtyeuu-***-5tqvcyxogkzcqsnaxfgckyre248mxpqeb5vi63w6ijrnyw36losbp3qx73 @ position 9 of 11 in additional filter chain; firing filter: 'sessionmanagementfilter'     2015-07-06 12:43:22.078 debug 28531 --- [nio-8080-exec-2] o.s.security.web.filterchainproxy        : /auth/facebook?code=aqb2osmhtyeuu-***-5tqvcyxogkzcqsnaxfgckyre248mxpqeb5vi63w6ijrnyw36losbp3qx73 @ position 10 of 11 in additional filter chain; firing filter: 'exceptiontranslationfilter'     2015-07-06 12:43:22.078 debug 28531 --- [nio-8080-exec-2] o.s.security.web.filterchainproxy        : /auth/facebook?code=aqb2osmhtyeuu-***-5tqvcyxogkzcqsnaxfgckyre248mxpqeb5vi63w6ijrnyw36losbp3qx73 @ position 11 of 11 in additional filter chain; firing filter: 'filtersecurityinterceptor'     2015-07-06 12:43:22.078 debug 28531 --- [nio-8080-exec-2] o.s.s.w.a.i.filtersecurityinterceptor    : secure object: filterinvocation: url: /auth/facebook?code=aqb2osmhtyeuu-***-5tqvcyxogkzcqsnaxfgckyre248mxpqeb5vi63w6ijrnyw36losbp3qx73; attributes: [#oauth2.throwonerror(permitall)]     2015-07-06 12:43:22.078 debug 28531 --- [nio-8080-exec-2] o.s.s.w.a.i.filtersecurityinterceptor    : authenticated: org.springframework.security.authentication.anonymousauthenticationtoken@9055e4a6: principal: anonymoususer; credentials: [protected]; authenticated: true; details: org.springframework.security.web.authentication.webauthenticationdetails@957e: remoteipaddress: 127.0.0.1; sessionid: null; granted authorities: role_anonymous     2015-07-06 12:43:22.079 debug 28531 --- [nio-8080-exec-2] o.s.s.access.vote.affirmativebased       : voter: org.springframework.security.web.access.expression.webexpressionvoter@361b4478, returned: 1     2015-07-06 12:43:22.079 debug 28531 --- [nio-8080-exec-2] o.s.s.w.a.i.filtersecurityinterceptor    : authorization successful     2015-07-06 12:43:22.079 debug 28531 --- [nio-8080-exec-2] o.s.s.w.a.i.filtersecurityinterceptor    : runasmanager did not change authentication object     2015-07-06 12:43:22.079 debug 28531 --- [nio-8080-exec-2] o.s.security.web.filterchainproxy        : /auth/facebook?code=aqb2osmhtyeuu-***-5tqvcyxogkzcqsnaxfgckyre248mxpqeb5vi63w6ijrnyw36losbp3qx73 reached end of additional filter chain; proceeding original chain     2015-07-06 12:43:22.085 debug 28531 --- [nio-8080-exec-2] .s.o.p.e.frameworkendpointhandlermapping : looking handler method path /auth/facebook     2015-07-06 12:43:22.086 debug 28531 --- [nio-8080-exec-2] .s.o.p.e.frameworkendpointhandlermapping : did not find handler method [/auth/facebook]     2015-07-06 12:43:22.088 debug 28531 --- [nio-8080-exec-2] o.s.s.w.a.exceptiontranslationfilter     : chain processed     2015-07-06 12:43:22.089 debug 28531 --- [nio-8080-exec-2] s.s.w.c.securitycontextpersistencefilter : securitycontextholder cleared, request processing completed

please, tell me if see sth wrong, or can suggest debugging method.

thanks!


Comments

Post a Comment

Popular posts from this blog

How to provide Authorization & Authentication using Asp.net, C#? -

Image
i have asp.net application in c#. i have provide page authorization specific user/usergroup. i have created 2 tables in database: 1) pagename 2)permissions[insert, update, view, delete] but i'm unable match tables , permissions assigning... can 1 please me, how created tables in database , how coding. please me. you can below explanation. configure access specific file , folder, set forms-based authentication. request page in application redirected logon.aspx automatically. in web.config file, type or paste following code. this code grants users access default1.aspx page , subdir1 folder . <configuration> <system.web> <authentication mode="forms" > <forms loginurl="login.aspx" name=".aspnetauth" protection="none" path="/" timeout="20" > </forms> </authentication> <!-- section denies access files in...
Read more

toolbar - How to add link to user registration inside toobar in admin joomla 3 custom component -

im trying write component admin side , need add user creation. dont want duplicate existing codes add link. know how add task not simple link toolbar. thx help. if wanting button opens new user screen can try in component: $bar = jtoolbar::getinstance('toolbar'); $bar->appendbutton('link', 'users', 'new user','index.php?option=com_users&task=user.add'); you need add view.html.php file wherever you're creating toolbar. is need?
Read more

How to use Authorization & Authentication in Asp.net, C#? -

i using roll management , trying give page , folder access according user or user group, using server created ad group user authentication. i have default1.aspx page default , subdir1 folder give different access separate user group i using below logic in web.config. <location path="subdir1"> <system.web> <authorization> <allow users ="?" /> </authorization> </system.web> </location> i facing problem provide same access 2 or more directory same user should have provide allow user code twice both folder? i can use logic repeating value folder want access providing in 1 logic. i have got answer configure folder/page access, have make different access shown below.. configure access specific file , folder, set forms-based authentication. request page in application redirected logon.aspx automatically. in web.config file, done following code. this code grants user...
Read more