登录用友显示java已被阻止_解决Spring Security 用户帐号已被锁定问题
1、问题描述
主要就是org.springframework.security.authentication.LockedException: 用户帐号已被锁定这个异常,完整异常如下:
[2020-05-09 16:07:00 下午]:DEBUG org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider$DefaultPreAuthenticationChecks.check(AbstractUserDetailsAuthenticationProvider.java:353)User account is locked
[2020-05-09 16:07:00 下午]:DEBUG org.springframework.web.servlet.FrameworkServlet.logResult(FrameworkServlet.java:1101)Failed to complete request: org.springframework.security.authentication.LockedException: 用户帐号已被锁定
[2020-05-09 16:07:00 下午]:DEBUG org.springframework.security.web.access.ExceptionTranslationFilter.handleSpringSecurityException(ExceptionTranslationFilter.java:170)Authentication exception occurred; redirecting to authentication entry point
org.springframework.security.authentication.LockedException: 用户帐号已被锁定
at org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider$DefaultPreAuthenticationChecks.check(AbstractUserDetailsAuthenticationProvider.java:355)
at org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:165)
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:175)
at cn.edu.njust.mango.security.SecurityUtils.login(SecurityUtils.java:82)
at cn.edu.njust.mango.controller.SysLoginController.login(SysLoginController.java:104)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:190)
at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:138)
at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:105)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:879)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:793)
at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1040)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:943)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006)
at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:909)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:660)
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at com.alibaba.druid.support.http.WebStatFilter.doFilter(WebStatFilter.java:123)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:320)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:126)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:90)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:118)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:158)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at cn.edu.njust.mango.security.JwtAuthenticationFilter.doFilterInternal(JwtAuthenticationFilter.java:27)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.web.filter.CorsFilter.doFilterInternal(CorsFilter.java:92)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:92)
at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:77)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:373)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1594)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)
测试结果直接403
2、问题分析
明明用户名和密码正确,而且没有设置状态锁定,怎么被锁定了呢?这是由于我们在重写UserDetails接口时,有个默认实现的方法public boolean isAccountNonLocked(),默认返回的是false,翻译成人话就是:是否不上锁,否,即上锁。异常代码如下:
package cn.edu.njust.mango.security;
import com.fasterxml.jackson.annotation.JsonIgnore;
import lombok.Data;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import java.util.Collection;
/**
* @author Chen
* @version 1.0
* @date 2020/5/8 7:42
* @description:
*/
@Data
public class JwtUserDetails implements UserDetails {
private String username;
private String password;
private String salt;
private Collection extends GrantedAuthority> authorities;
public JwtUserDetails(String username, String password, String salt, Collection extends GrantedAuthority> authorities) {
this.username = username;
this.password = password;
this.salt = salt;
this.authorities = authorities;
}
@Override
public boolean isAccountNonExpired() {
return false;
}
@Override
public boolean isAccountNonLocked() {
return false;
}
@Override
public boolean isCredentialsNonExpired() {
return false;
}
@Override
public boolean isEnabled() {
return false;
}
}
3、问题解决
知道原因就很好解决了。直接将返回值变成true就行了。修改后的代码如下:
package cn.edu.njust.mango.security;
import com.fasterxml.jackson.annotation.JsonIgnore;
import lombok.Data;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import java.util.Collection;
/**
* @author Chen
* @version 1.0
* @date 2020/5/8 7:42
* @description:
*/
@Data
public class JwtUserDetails implements UserDetails {
private String username;
private String password;
private String salt;
private Collection extends GrantedAuthority> authorities;
public JwtUserDetails(String username, String password, String salt, Collection extends GrantedAuthority> authorities) {
this.username = username;
this.password = password;
this.salt = salt;
this.authorities = authorities;
}
// 在实体类向前台返回数据时用来忽略不想传递给前台的属性或接口。
@JsonIgnore
@Override
public boolean isAccountNonExpired() {
return true;
}
@JsonIgnore
@Override
public boolean isAccountNonLocked() {
return true;
}
@JsonIgnore
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@JsonIgnore
@Override
public boolean isEnabled() {
return true;
}
}
重启服务器再次访问。
返回200,访问成功!
4、总结
书上的代码直接运行绝大部分是对的,但是总有一些软件的更新使得作者无能为力。之前的API是对的,但是之后就废弃了或修改了是常有的事。所以我们需要跟踪源代码。这只是一个小小的问题,如果没有前辈的无私奉献,很难想象我们自己一天能学到多少内容。
到此这篇关于解决Spring Security 用户帐号已被锁定 问题的文章就介绍到这了,更多相关Spring Security 用户帐号已被锁定内容请搜索脚本之家以前的文章或继续浏览下面的相关文章希望大家以后多多支持脚本之家!
登录用友显示java已被阻止_解决Spring Security 用户帐号已被锁定问题相关推荐
- Spring Security 用户帐号已被锁定 问题
Spring Security 用户帐号已被锁定 问题 1.问题描述 2.问题分析 3.问题解决 4.总结 1.问题描述 主要就是org.springframework.security.authen ...
- java调用微信加密_用spring搭建微信公众号开发者模式下服务器处理用户消息的加密传输构架(java)...
要搭建加密传输的微信公众号消息传输,首先要在开发这平台下载一下微信加密的相关jar包,并做一些准备.准备的步骤如下: 1.打开开发者文档,找到消息加减密--->接入指引,如下图所示: 2.在页面 ...
- 微信小程序激活账号时,提示“此帐号已激活,请使用帐号密码直接登录”
最近准备研究下微信小程序,先去申请个小程序账号.于是乎,在通过邮件中的链接激活账号时,遇到了这个问题. 解决方法 你没看错,就是字面的意思,去登录页,点击使用账号登录,千万不要扫码登录. 用之前注册的 ...
- android玩游戏怎么换绑,QQ炫舞手游该帐号已在安卓平台使用 请切换至安卓平台登录该账号或更换大区...
相信不少的QQ炫舞手游玩家们在运行游戏的时候都遇到了该帐号已在安卓平台使用的解决办法吧,毕竟因为这样或者那样的原因的确会导致玩家们遇到这种状况,所以下面就来为各位简单讲解一下当你们遇到了请切换至安卓平 ...
- mysql 同一帐号多次登录_freeradius2.1.3 防止用户帐号重复登录
freeradius2.1.3 防止用户帐号重复登录 一.修改 etc/raddb/sites-enabled 目录中的default 及inner-tunnel 这两个文件中的 # Session ...
- 微信小程序:小程序内用户帐号登录规范调整和优化建议
昨天晚上大概九点多,公众平台安全助手突然发来一条推送 <小程序内用户帐号登录规范调整通知> 粗略的看一眼推送,还以为自己的小程序被发警告信,惊吓出一身冷汗,迅速打开推送文章,细度一番才安下 ...
- java应用被阻止_怎样解决运行java提示应用程序已安全设置被阻止
Win7系统运行java时出现提示应用程序已安全设置被阻止,这样就导致运行java失败,那么怎样解决运行java提示应用程序已安全设置被阻止呢?下面跟着学习啦小编来一起了解下吧. 解决运行java提示 ...
- ie java被阻止_解决IE屏蔽Java Applet问题的方法
最近很多客户经常投诉使用灵狐财务软件时,不能够显示基础资料等相关信息.如下图1所示,由于灵狐软件的基础资料等信息显示是利用Java虚拟机程序来实现,一般通过在IE中设置ActiveX控件启用选项即可解 ...
- java帳戶登錄_java.sql.SQLException: ORA-28000: 帐户已被锁定
java.sql.SQLException: ORA-28000: 帐户已被锁定 然后按照以前的办法找到了解锁的方法,想到可能是某个同事登录失败次数过多.因为oracle 默认的策略是oracle11 ...
最新文章
- java:方法覆盖与方法重载
- python3 报错 Resource temporarily unavailable
- 自动化监控--zabbix安装和配置详解
- Visual Studio的导入和导出设置
- AtCoder AGC031D A Sequence of Permutations (群论、置换快速幂)
- |NOIOJ|动态规划|3532:最大上升子序列和
- python是面向对象的语言_*Python面向对象总结
- 首批唯一!阿里云视频直播服务获信通院首批唯一认证
- 第十一届蓝桥杯A组省赛填空试题 C: 蛇形填数(Java)
- JQuery如何与数据库交互
- theano学习——内置数据类型
- Android ViewDragHelper的简单分析(一)
- C++--第25课 - 异常处理 - 上
- Oracle使用技巧及PL/SQL Developer配置
- 【报告分享】 2020-2021年数字内容产业趋势报告-企鹅智库 (附下载)
- 【伪大数据】对QQ空间指定好友2017年说说数据的分析
- 计算机网络词汇解释(一)——网络协议体系
- SIMCom芯片关于GPS定位信息的的解析(AT+CGNSINF)
- xampp linux 设置密码,Linux下安装xampp
- derek程序员英文名_访谈-Derek Powazek谈社区设计