
I'm trying to run samples written by Dave Syer (https://github.com/spring-cloud-samples/authserver and https://github.com/spring-cloud-samples/sso) without using the JWT converter (and the signature process with the certificate).

The sample works fine when I run it as is, with the certificate and keys. But I'm not able to authenticate once I remove all the certificate and key configuration!

I've modified the code like below:

/**
 * Authorization server from the question, with the JWT access-token converter disabled.
 *
 * Registers plain view controllers for the login and approval pages, and nests two
 * configuration classes: LoginConfig (form login for browser users) and OAuth2Config
 * (client registration and authorization-server endpoints).
 *
 * NOTE(review): no handler for a user-info path is visible in this class, while the client
 * configuration on this page sets userInfoUri to /uaa/oauth/user. A request to a path with
 * no dedicated handling falls under LoginConfig's "anyRequest().authenticated()" rule,
 * which would be consistent with the HTML (not JSON) response reported in the client log.
 * Confirm against the full project.
 */
@Configuration
@ComponentScan
@EnableAutoConfiguration
@Controller
@SessionAttributes("authorizationRequest")
public class AuthserverApplication extends WebMvcConfigurerAdapter {

/** Starts the Spring Boot application. */
public static void main(String[] args) {
    SpringApplication.run(AuthserverApplication.class, args);
}

/** Maps /login and /oauth/confirm_access straight to the "login" and "authorize" views. */
@Override
public void addViewControllers(ViewControllerRegistry registry) {
    registry.addViewController("/login").setViewName("login");
    registry.addViewController("/oauth/confirm_access").setViewName("authorize");
}

/** Web security for interactive users: custom form login, everything else authenticated. */
@Configuration
@Order(ManagementServerProperties.ACCESS_OVERRIDE_ORDER)
protected static class LoginConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private AuthenticationManager authenticationManager;

    /**
     * Serves the login form at /login to anyone and requires authentication for every
     * other request handled by this filter chain.
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.formLogin().loginPage("/login").permitAll().and().authorizeRequests()
                .anyRequest().authenticated();
    }

    /** Delegates authentication to the injected AuthenticationManager as parent. */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.parentAuthenticationManager(authenticationManager);
    }
}

/** OAuth2 authorization-server setup: one in-memory client and endpoint access rules. */
@Configuration
@EnableAuthorizationServer
protected static class OAuth2Config extends AuthorizationServerConfigurerAdapter {

    @Autowired
    private AuthenticationManager authenticationManager;

    // Disabled by the author of the question: the bean that signed access tokens as JWTs
    // with a key pair from keystore.jks. Note that the keystore password is a literal in
    // source; outside a demo it should come from external configuration.
    // NOTE(review): with this bean gone, the client can no longer verify tokens locally and
    // presumably has to ask this server about each token (user-info or check-token
    // endpoint) - confirm which of those the deployment is meant to expose.
    /*
    @Bean
    public JwtAccessTokenConverter jwtAccessTokenConverter() {
        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        KeyPair keyPair = new KeyStoreKeyFactory(
                new ClassPathResource("keystore.jks"), "foobar".toCharArray())
                .getKeyPair("test");
        converter.setKeyPair(keyPair);
        return converter;
    }
    */

    /**
     * Registers a single in-memory client, "acme".
     *
     * The client id and secret are literals in source, which is acceptable only for a
     * local sample; a deployed server should load the secret from external configuration.
     * The "password" grant lets the client handle the user's credentials directly, and
     * autoApprove(true) skips the user-consent step, so both deserve a deliberate decision
     * before this configuration is reused.
     */
    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.inMemory()
                .withClient("acme")
                .secret("acmesecret")
                .authorizedGrantTypes("authorization_code", "refresh_token", "password")
                .scopes("openid")
                .autoApprove(true);
                ; // stray empty statement left over from editing; has no effect
    }

    /**
     * Hands the injected AuthenticationManager to the authorization-server endpoints.
     * The original call that also set the JWT access-token converter is kept below as a
     * comment; only the authentication manager is configured now.
     */
    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints)
            throws Exception {
        //endpoints.authenticationManager(authenticationManager).accessTokenConverter(jwtAccessTokenConverter());
        endpoints.authenticationManager(authenticationManager);
    }

    /**
     * Sets the access expressions for the token-key and check-token endpoints: the token
     * key is open to everyone, check-token requires an authenticated caller.
     *
     * NOTE(review): the permitAll() rule on the token key looks like a leftover from the
     * JWT setup, since no signing key is configured any more - confirm it is still wanted.
     */
    @Override
    public void configure(AuthorizationServerSecurityConfigurer oauthServer)
            throws Exception {
        oauthServer.tokenKeyAccess("permitAll()").checkTokenAccess("isAuthenticated()");
    }
}
}

application.properties:

# Serves the auth server under /uaa, matching the /uaa/... URIs in the client configuration.
server.contextPath=/uaa
# Sample password for the default user; a literal password like this belongs only in a local demo.
security.user.password=password
# Static resources excluded from the security filter chain.
security.ignored=/css/**,/js/**,/favicon.ico,/webjars/**
# DEBUG security logging is for local troubleshooting only: the client log on this page,
# captured at the same level, contains session ids and an authorization code.
logging.level.org.springframework.security=DEBUG

Here is the client code:

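/**
 * SSO client application from the question: a REST controller mounted under /dashboard
 * whose requests are authenticated through the OAuth2 authorization server.
 */
@Configuration
@ComponentScan
@EnableAutoConfiguration
@RestController
@RequestMapping("/dashboard")
public class SsoApplication {

    /** Returns a single-entry map, {@code message -> "Yay!"}, for /dashboard/message. */
    @RequestMapping("/message")
    public Map<String, Object> dashboard() {
        return Collections.<String, Object> singletonMap("message", "Yay!");
    }

    /**
     * Returns the authenticated principal for /dashboard/user.
     *
     * NOTE(review): this serializes whatever Principal implementation the security context
     * holds; confirm it carries nothing (for example token details) that should not be
     * sent to the browser.
     */
    @RequestMapping("/user")
    public Principal user(Principal user) {
        return user;
    }

    /** Starts the Spring Boot application. */
    public static void main(String[] args) {
        SpringApplication.run(SsoApplication.class, args);
    }

    /** Sends a request that reaches /dashboard/login as a normal page view back to the home route. */
    @Controller
    public static class LoginErrors {
        @RequestMapping("/dashboard/login")
        public String dashboard() {
            return "redirect:/#/";
        }
    }

    /**
     * Security rules for the dashboard: everything under /dashboard requires authentication,
     * CSRF protection expects the token in the X-XSRF-TOKEN header, and logout is handled
     * at /dashboard/logout.
     */
    @Component
    @EnableOAuth2Sso
    public static class LoginConfigurer extends WebSecurityConfigurerAdapter {

        @Override
        public void configure(HttpSecurity http) throws Exception {
            http.antMatcher("/dashboard/**").authorizeRequests().anyRequest()
                    .authenticated().and().csrf()
                    .csrfTokenRepository(csrfTokenRepository()).and()
                    // Runs after CsrfFilter so the token attribute is already on the request.
                    .addFilterAfter(csrfHeaderFilter(), CsrfFilter.class)
                    .logout().logoutUrl("/dashboard/logout").permitAll()
                    .logoutSuccessUrl("/");
        }

        /**
         * Builds a filter that copies the current CSRF token into an XSRF-TOKEN cookie.
         *
         * The cookie is not HttpOnly, presumably because a script on the page has to read it
         * and echo the value in the X-XSRF-TOKEN header. Its Secure flag follows the request:
         * over HTTPS the cookie is restricted to HTTPS, over plain HTTP (the localhost setup
         * in the question) it behaves as before.
         */
        private Filter csrfHeaderFilter() {
            return new OncePerRequestFilter() {
                @Override
                protected void doFilterInternal(HttpServletRequest request,
                        HttpServletResponse response, FilterChain filterChain)
                        throws ServletException, IOException {
                    CsrfToken csrf = (CsrfToken) request
                            .getAttribute(CsrfToken.class.getName());
                    if (csrf != null) {
                        Cookie cookie = new Cookie("XSRF-TOKEN",
                                csrf.getToken());
                        cookie.setPath("/");
                        // Do not let a token issued over HTTPS be sent back over plain HTTP.
                        cookie.setSecure(request.isSecure());
                        response.addCookie(cookie);
                    }
                    filterChain.doFilter(request, response);
                }
            };
        }

        /** Session-backed CSRF token repository that reads the token from the X-XSRF-TOKEN header. */
        private CsrfTokenRepository csrfTokenRepository() {
            HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
            repository.setHeaderName("X-XSRF-TOKEN");
            return repository;
        }
    }
}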

application.yml:

# NOTE(review): the indentation of this file was partly lost when it was pasted; the nesting
# of the keys below cannot be read reliably from this listing.
debug:
server:
port: 9999

security:
user:
# Sample password; a literal like this belongs only in a local demo.
password: user
# Paths excluded from the security filter chain (static pages and assets).
ignored: /,/favicon.ico,/index.html,/home.html,/dashboard.html,/js/**,/css/**,/webjars/**
sessions: ALWAYS
oauth2:
 sso:
  loginPath: /dashboard/login
management:
security:
 role: HERO

logging:
 level:
# DEBUG security logging is for local troubleshooting only: the log excerpt on this page,
# produced with this setting, contains session ids and an authorization code.
  org.springframework.security: DEBUG
  com.netflix.discovery: 'OFF'

---
spring:
 profiles: default
security:
 oauth2:
  client:
# Plain-HTTP endpoints: the client secret, authorization code and tokens travel unencrypted,
# which is acceptable only on the loopback interface used here.
   accessTokenUri: http://localhost:8080/uaa/oauth/token
   userAuthorizationUri: http://localhost:8080/uaa/oauth/authorize
   clientId: acme
# Must match the secret registered on the authorization server; keep real secrets out of
# files that are committed or shared.
   clientSecret: acmesecret
  resource:
# Disabled by the author of the question: the public key the client used to verify JWT
# signatures locally. Without it the client depends on the endpoints below to learn who
# the token belongs to.
#      jwt:
#        keyValue: |
#          -----BEGIN PUBLIC KEY-----
#            MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGp/Q5lh0P8nPL21oMMrt2RrkT9AW5jgYwLfSUnJVc9G6uR3cXRRDCjHqWU5WYwivcF180A6CWp/ireQFFBNowgc5XaA0kPpzEtgsA5YsNX7iSnUibB004iBTfU9hZ2Rbsc8cWqynT0RyN4TP1RYVSeVKvMQk4GT1r7JCEC+TNu1ELmbNwMQyzKjsfBXyIOCFU/E94ktvsTZUHF4Oq44DBylCDsS1k7/sfZC2G5EU7Oz0mhG8+Uz6MSEQHtoIi6mc8u64Rwi3Z3tscuWG2ShtsUFuNSAFNkY7LkLn+/hxLCu2bNISMaESa8dG22CIMuIeRLVcAmEWEWH5EEforTg+QIDAQAB
#          -----END PUBLIC KEY-----
   id: openid
#      serviceId: ${PREFIX:}resource
# The log on this page shows the GET to this URI returning 200 with content type text/html,
# which the client cannot parse as user details. NOTE(review): verify that the
# authorization server actually serves a JSON user-info response at this path.
   userInfoUri: http://localhost:8080/uaa/oauth/user
   preferTokenInfo: false

When I run it, I get a "Whitelabel Error Page" with the message "Could not obtain user details from token".

Whitelabel Error Page

This application has no explicit mapping for /error, so you are seeing this as a fallback.

Tue Aug 04 09:48:49 CEST 2015
There was an unexpected error (type=Unauthorized, status=401).
Authentication Failed: Could not obtain user details from token

Console logs here:

2015-08-04 09:48:04.998 DEBUG 15152 --- [nio-9999-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/'; against '/' 2015-08-04 09:48:04.998 DEBUG 15152 --- [nio-9999-exec-1] o.s.security.web.FilterChainProxy : / has an empty filter list

 >2015-08-04 09:48:05.855 DEBUG 15152 --- [nio-9999-exec-5] o.s.b.a.e.mvc.EndpointHandlerMapping     : Looking up handler method for path /home.html
 >2015-08-04 09:48:05.855 DEBUG 15152 --- [nio-9999-exec-5] o.s.b.a.e.mvc.EndpointHandlerMapping     : Did not find handler method for [/home.html]
 >2015-08-04 09:48:05.858 DEBUG 15152 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /dashboard/user at position 6 of 13 in additional filter chain; firing Filter: 'LogoutFilter'
 >2015-08-04 09:48:05.858 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher  : Request 'GET /dashboard/user' doesn't match 'POST /dashboard/logout
 >2015-08-04 09:48:05.858 DEBUG 15152 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /dashboard/user at position 7 of 13 in additional filter chain; firing Filter: 'OAuth2ClientAuthenticationProcessingFilter'
 >2015-08-04 09:48:05.858 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher  : Checking match of request : '/dashboard/user'; against '/dashboard/login'
 >2015-08-04 09:48:05.858 DEBUG 15152 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /dashboard/user at position 8 of 13 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
 >2015-08-04 09:48:05.858 DEBUG 15152 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /dashboard/user at position 9 of 13 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
 >2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /dashboard/user at position 10 of 13 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
 >2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.a.AnonymousAuthenticationFilter  : Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@9056f12c: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@380f4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 727CB5F626A106EBEDF8C86823DA98BA; Granted Authorities: ROLE_ANONYMOUS'
 >2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /dashboard/user at position 11 of 13 in additional filter chain; firing Filter: 'SessionManagementFilter'
 >2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /dashboard/user at position 12 of 13 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
 >2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /dashboard/user at position 13 of 13 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
 >2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher  : Request 'GET /dashboard/user' doesn't match 'POST /dashboard/logout
 >2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.a.i.FilterSecurityInterceptor    : Secure object: FilterInvocation: URL: /dashboard/user; Attributes: [authenticated]
 >2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.a.i.FilterSecurityInterceptor    : Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@9056f12c: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@380f4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 727CB5F626A106EBEDF8C86823DA98BA; Granted Authorities: ROLE_ANONYMOUS
 >2015-08-04 09:48:05.859 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.access.vote.AffirmativeBased       : Voter: org.springframework.security.web.access.expression.WebExpressionVoter@7f2b37fb, returned: -1
 >2015-08-04 09:48:05.861 DEBUG 15152 --- [nio-9999-exec-2] o.s.b.a.audit.listener.AuditListener     : AuditEvent [timestamp=Tue Aug 04 09:48:05 CEST 2015, principal=anonymousUser, type=AUTHORIZATION_FAILURE, data={type=org.springframework.security.access.AccessDeniedException, message=Accès refusé}]
 >2015-08-04 09:48:05.862 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.a.ExceptionTranslationFilter     : Access is denied (user is anonymous); redirecting to authentication entry point

>org.springframework.security.access.AccessDeniedException: Accès refusé
>at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:83)
>at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:232)
>at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:123)
>at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:90)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:114)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:122)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:168)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:48)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:205)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:120)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at demo.SsoApplication$LoginConfigurer$1.doFilterInternal(SsoApplication.java:91)
>at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:96)
>at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:64)
>at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:91)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:53)
>at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
>at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:213)
>at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:176)
>at org.springframework.security.oauth2.client.filter.OAuth2ClientContextFilter.doFilter(OAuth2ClientContextFilter.java:60)
>at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:77)
>at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:85)
>at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>at org.springframework.boot.actuate.autoconfigure.MetricsFilter.doFilterInternal(MetricsFilter.java:69)
>at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
>at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091)
>at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:668)
>at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1521)
>at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1478)
>at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
>at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
>at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
>at java.lang.Thread.run(Thread.java:745)

 >2015-08-04 09:48:05.864 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.util.matcher.AndRequestMatcher   : Trying to match using Ant [pattern='/**', GET]
 >2015-08-04 09:48:05.864 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher  : Request '/dashboard/user' matched by universal pattern '/**'
 >2015-08-04 09:48:05.864 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.util.matcher.AndRequestMatcher   : Trying to match using NegatedRequestMatcher [requestMatcher=Ant [pattern='/**/favicon.ico']]
 >2015-08-04 09:48:05.864 DEBUG 15152 --- [nio-9999-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher  : Checking match of request : '/dashboard/user'; against '/**/favicon.ico'
o.s.s.w.a.ExceptionTranslationFilter     : Calling Authentication entry point.
w.c.HttpSessionSecurityContextRepository : No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@7067a19. A new one will be created.
 >2015-08-04 09:48:06.108 DEBUG 15152 --- [nio-9999-exec-9] o.s.security.web.FilterChainProxy        : /dashboard/login at position 3 of 13 in additional filter chain; firing Filter: 'HeaderWriterFilter'
 >2015-08-04 09:48:06.108 DEBUG 15152 --- [nio-9999-exec-9] o.s.security.web.FilterChainProxy        : /dashboard/login at position 5 of 13 in additional filter chain; firing Filter: ''
 >2015-08-04 09:48:06.108 DEBUG 15152 --- [nio-9999-exec-9] o.s.security.web.FilterChainProxy        : /dashboard/login at position 6 of 13 in additional filter chain; firing Filter: 'LogoutFilter'
 >2015-08-04 09:48:06.108 DEBUG 15152 --- [nio-9999-exec-9] o.s.s.w.u.matcher.AntPathRequestMatcher  : Request 'GET /dashboard/login' doesn't match 'POST /dashboard/logout
 >2015-08-04 09:48:06.109 DEBUG 15152 --- [nio-9999-exec-9] o.s.security.web.FilterChainProxy        : /dashboard/login at position 7 of 13 in additional filter chain; firing Filter: 'OAuth2ClientAuthenticationProcessingFilter'
 >2015-08-04 09:48:06.109 DEBUG 15152 --- [nio-9999-exec-9] o.s.s.w.u.matcher.AntPathRequestMatcher  : Checking match of request : '/dashboard/login'; against '/dashboard/login'
 >2015-08-04 09:48:06.109 DEBUG 15152 --- [nio-9999-exec-9] uth2ClientAuthenticationProcessingFilter : Request is to process authentication
 >2015-08-04 09:48:06.110 DEBUG 15152 --- [nio-9999-exec-9] w.c.HttpSessionSecurityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
 >2015-08-04 09:48:06.110 DEBUG 15152 --- [nio-9999-exec-9] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
 >2015-08-04 09:48:06.110 DEBUG 15152 --- [nio-9999-exec-9] o.s.s.web.DefaultRedirectStrategy        : Redirecting to 'http://localhost:8080/uaa/oauth/authorize?client_id=acme&redirect_uri=http://localhost:9999/dashboard/login&response_type=code&state=Q5u4sk'
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.security.web.FilterChainProxy        : /dashboard/login at position 1 of 13 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.security.web.FilterChainProxy        : /dashboard/login at position 2 of 13 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] w.c.HttpSessionSecurityContextRepository : HttpSession returned null object for SPRING_SECURITY_CONTEXT
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] w.c.HttpSessionSecurityContextRepository : No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@7067a19. A new one will be created.
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.security.web.FilterChainProxy        : /dashboard/login at position 3 of 13 in additional filter chain; firing Filter: 'HeaderWriterFilter'
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.s.w.header.writers.HstsHeaderWriter  : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@13e431af
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.security.web.FilterChainProxy        : /dashboard/login at position 4 of 13 in additional filter chain; firing Filter: 'CsrfFilter'
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.security.web.FilterChainProxy        : /dashboard/login at position 5 of 13 in additional filter chain; firing Filter: ''
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.security.web.FilterChainProxy        : /dashboard/login at position 6 of 13 in additional filter chain; firing Filter: 'LogoutFilter'
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.s.w.u.matcher.AntPathRequestMatcher  : Request 'GET /dashboard/login' doesn't match 'POST /dashboard/logout
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.security.web.FilterChainProxy        : /dashboard/login at position 7 of 13 in additional filter chain; firing Filter: 'OAuth2ClientAuthenticationProcessingFilter'
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] o.s.s.w.u.matcher.AntPathRequestMatcher  : Checking match of request : '/dashboard/login'; against '/dashboard/login'
 >2015-08-04 09:48:27.258 DEBUG 15152 --- [io-9999-exec-10] uth2ClientAuthenticationProcessingFilter : Request is to process authentication
 >2015-08-04 09:48:27.260 DEBUG 15152 --- [io-9999-exec-10] w.c.HttpSessionSecurityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
 >2015-08-04 09:48:27.261 DEBUG 15152 --- [io-9999-exec-10] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
 >2015-08-04 09:48:27.261 DEBUG 15152 --- [io-9999-exec-10] o.s.s.web.DefaultRedirectStrategy        : Redirecting to 'http://localhost:8080/uaa/oauth/authorize?client_id=acme&redirect_uri=http://localhost:9999/dashboard/login&response_type=code&state=QT2drI'
 >2015-08-04 09:48:49.878 DEBUG 15152 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy        : /dashboard/login?code=oAbBeG&state=QT2drI at position 1 of 13 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
 >2015-08-04 09:48:49.878 DEBUG 15152 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy        : /dashboard/login?code=oAbBeG&state=QT2drI at position 2 of 13 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
 >2015-08-04 09:48:49.878 DEBUG 15152 --- [nio-9999-exec-7] w.c.HttpSessionSecurityContextRepository : HttpSession returned null object for SPRING_SECURITY_CONTEXT
 >2015-08-04 09:48:49.878 DEBUG 15152 --- [nio-9999-exec-7] w.c.HttpSessionSecurityContextRepository : No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@7067a19. A new one will be created.
 >2015-08-04 09:48:49.878 DEBUG 15152 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy        : /dashboard/login?code=oAbBeG&state=QT2drI at position 3 of 13 in additional filter chain; firing Filter: 'HeaderWriterFilter'
 >2015-08-04 09:48:49.878 DEBUG 15152 --- [nio-9999-exec-7] o.s.s.w.header.writers.HstsHeaderWriter  : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@13e431af
 >2015-08-04 09:48:49.878 DEBUG 15152 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy        : /dashboard/login?code=oAbBeG&state=QT2drI at position 4 of 13 in additional filter chain; firing Filter: 'CsrfFilter'
 >2015-08-04 09:48:49.878 DEBUG 15152 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy        : /dashboard/login?code=oAbBeG&state=QT2drI at position 5 of 13 in additional filter chain; firing Filter: ''
 >2015-08-04 09:48:49.879 DEBUG 15152 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy        : /dashboard/login?code=oAbBeG&state=QT2drI at position 6 of 13 in additional filter chain; firing Filter: 'LogoutFilter'
 >2015-08-04 09:48:49.879 DEBUG 15152 --- [nio-9999-exec-7] o.s.s.w.u.matcher.AntPathRequestMatcher  : Request 'GET /dashboard/login' doesn't match 'POST /dashboard/logout
 >2015-08-04 09:48:49.879 DEBUG 15152 --- [nio-9999-exec-7] o.s.security.web.FilterChainProxy        : /dashboard/login?code=oAbBeG&state=QT2drI at position 7 of 13 in additional filter chain; firing Filter: 'OAuth2ClientAuthenticationProcessingFilter'
 >2015-08-04 09:48:49.879 DEBUG 15152 --- [nio-9999-exec-7] o.s.s.w.u.matcher.AntPathRequestMatcher  : Checking match of request : '/dashboard/login'; against '/dashboard/login'
 >2015-08-04 09:48:49.879 DEBUG 15152 --- [nio-9999-exec-7] uth2ClientAuthenticationProcessingFilter : Request is to process authentication
 >2015-08-04 09:48:49.880 DEBUG 15152 --- [nio-9999-exec-7] g.c.AuthorizationCodeAccessTokenProvider : Retrieving token from http://localhost:8080/uaa/oauth/token
 >2015-08-04 09:48:49.881 DEBUG 15152 --- [nio-9999-exec-7] g.c.AuthorizationCodeAccessTokenProvider : Encoding and sending form: {grant_type=[authorization_code], code=[oAbBeG], redirect_uri=[http://localhost:9999/dashboard/login]}
 >2015-08-04 09:48:49.906  INFO 15152 --- [nio-9999-exec-7] o.s.b.a.s.o.r.UserInfoTokenServices      : Getting user info from: http://localhost:8080/uaa/oauth/user
 >2015-08-04 09:48:49.927 DEBUG 15152 --- [nio-9999-exec-7] o.s.s.oauth2.client.OAuth2RestTemplate   : Created GET request for "http://localhost:8080/uaa/oauth/user"
 >2015-08-04 09:48:49.928 DEBUG 15152 --- [nio-9999-exec-7] o.s.s.oauth2.client.OAuth2RestTemplate   : Setting request Accept header to [application/json, application/*+json]
 >2015-08-04 09:48:49.952 DEBUG 15152 --- [nio-9999-exec-7] o.s.s.oauth2.client.OAuth2RestTemplate   : GET request for "http://localhost:8080/uaa/oauth/user" resulted in 200 (OK)
 >2015-08-04 09:48:49.953  INFO 15152 --- [nio-9999-exec-7] o.s.b.a.s.o.r.UserInfoTokenServices      : Could not fetch user details: class org.springframework.web.client.RestClientException, Could not extract response: no suitable HttpMessageConverter found for response type [interface java.util.Map] and content type [text/html;charset=UTF-8]
 >2015-08-04 09:48:49.953 DEBUG 15152 --- [nio-9999-exec-7] o.s.b.a.s.o.r.UserInfoTokenServices      : userinfo returned error: Could not fetch user details
 >2015-08-04 09:48:49.953 DEBUG 15152 --- [nio-9999-exec-7] uth2ClientAuthenticationProcessingFilter : Authentication request failed: org.springframework.security.authentication.BadCredentialsException: Could not obtain user details from token
 >2015-08-04 09:48:49.953 DEBUG 15152 --- [nio-9999-exec-7] uth2ClientAuthenticationProcessingFilter : Updated SecurityContextHolder to contain null Authentication
 >2015-08-04 09:48:49.953 DEBUG 15152 --- [nio-9999-exec-7] uth2ClientAuthenticationProcessingFilter : Delegating to authentication failure handler org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler@44cb6589
 >2015-08-04 09:48:49.953 DEBUG 15152 --- [nio-9999-exec-7] .a.SimpleUrlAuthenticationFailureHandler : No failure URL set, sending 401 Unauthorized error
 >2015-08-04 09:48:49.953 DEBUG 15152 --- [nio-9999-exec-7] w.c.HttpSessionSecurityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
 >2015-08-04 09:48:49.953 DEBUG 15152 --- [nio-9999-exec-7] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
 >2015-08-04 09:48:49.954 DEBUG 15152 --- [nio-9999-exec-7] o.s.b.a.e.mvc.EndpointHandlerMapping     : Looking up handler method for path /error
 >2015-08-04 09:48:49.954 DEBUG 15152 --- [nio-9999-exec-7] o.s.b.a.e.mvc.EndpointHandlerMapping     : Did not find handler method for [/error]

Any hint what i've done wrong?

Thanks in advance

1 Answer 1


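The logs show there's a problem with your user info endpoint. The GET request for "http://localhost:8080/uaa/oauth/user" is successful (200 OK) but returns HTML (content type text/html) where JSON is expected, so the client cannot read the user details and fails with "Could not obtain user details from token". An HTML response with status 200 from the auth server is most likely a page such as the login form rather than a user-info response, so check that this path is served by an endpoint that accepts the access token and returns JSON.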
