Spring Boot OAuth2 Custom Login Form Use Case
The Oauth2 JWT project from Getting Started Spring Security and Angular JS Series has a custom login. Adding the same code for the custom login page to the oauth2-vanilla project fails because the authorization code is always empty in the login response. I also tried to port the Sparklr2 code ( https://github.com/spring-projects/spring-security-oauth/tree/master/samples/oauth2 to Spring Boot, but the authorization code is still empty. If this is not an error, there is any examples for this use case?
My issue was reported on this GitHub url:
Login Form: https://github.com/dsyer/spring-security-angular/blob/master/oauth2/authserver/src/main /resources/templates/login.ftl
Authorize Form URL:https://github.com/dsyer/spring-security-angular/blob/master/oauth2/authserver/src/main/resources/templates/authorize.ftl
HTTP TRACE FOLLOWS
ROOT CONTROL
302 GET http: // localhost: 8080 / user Request headers: Host: localhost: 8080 User-Agent: Mozilla / 5.0 (Windows NT 6.1; WOW64; rv: 38.0) Gecko / 20100101 Firefox / 38.0 Accept: application / json, text / plain, / Accept-Language: en-US, en; q = 0.5 Accept-Encoding: gzip, deflate X-Requested-With: XMLHttpRequest X-XSRF-TOKEN: e73f9d6b-9d82-4f09-a327-520c45add5a0 Referer: http: // localhost: 8080 / Cookie: JSESSIONID = 0A8DAD06F875CEF XSRF-SIGN = e73f9d6b-9d82-4f09-a327-520c45add5a0 Connection: save life Response headers: Cache-Control: no-cache, no-store, max-age = 0, must-revalidate Content-length: 0 Date: Tue, May 19, 2015 15:59:58 GMT Expiry Date: 0 Location: http: // localhost: 8080 / login Pragma: no-cache Server: Apache-Coyote / 1.1 X-Frame parameters: DENY X-XSS-Protection: 1; Mode = Block x-content-type-options: nosniff
200 GET http: // localhost: 8080 / home.html Request headers: Host: localhost: 8080 User-Agent: Mozilla / 5.0 (Windows NT 6.1; WOW64; rv: 38.0) Gecko / 20100101 Firefox / 38.0 Accept: application / json , text / plain, / Accept-Language: en-US, en; q = 0.5 Accept-Encoding: gzip, deflate X-Requested-With: XMLHttpRequest X-XSRF-TOKEN: e73f9d6b-9d82-4f09-a327-520c45add5a0 Referer: http: // localhost: 8080 / Cookie: JSESSIONID = 0A8D06F75D8DAEFE88441D80BA8C0C53; XSRF-SIGN = e73f9d6b-9d82-4f09-a327-520c45add5a0 Connection: Save Life Response Headers: Cache-Control: no-cache, no-store, max-age = 0, must-revalidate Content-Length: 219 Content-Type: text / html; charset = UTF-8 Date: Tue May 19, 2015 15:59:58 GMT Expiry: 0 Last edited: Wed Mar 25 2015 01:50:42 GMT Pragma: no-cache Server: Apache-Coyote / 1.1 X-Application-Context: bootstrap Parameters X-Frame: DENY X-XSS-Protection: 1; Mode = Block x-content-type-options: nosniff
302 GET http: // localhost: 8080 / resource / Request headers: Host: localhost: 8080 User-Agent: Mozilla / 5.0 (Windows NT 6.1; WOW64; rv: 38.0) Gecko / 20100101 Firefox / 38.0 Accept: application / json, text / plain, / Accept-Language: en-US, en; q = 0.5 Accept-Encoding: gzip, deflate X-Requested-With: XMLHttpRequest X-XSRF-TOKEN: e73f9d6b-9d82-4f09-a327-520c45add5a0 Referer: http: // localhost: 8080 / Cookie: JSESSIONID = 0A8DAD06F875CEF XSRF-SIGN = e73f9d6b-9d82-4f09-a327-520c45add5a0 Connection: save life Response headers: Cache-Control: no-cache, no-store, max-age = 0, must-revalidate Content-length: 0 Date: Tue, May 19, 2015 15:59:58 GMT Expiry Date: 0 Location: http: // localhost: 8080 / login Pragma: no-cache Server: Apache-Coyote / 1.1 X-Frame parameters: DENY X-XSS-Protection: 1; Mode = Block x-content-type-options: nosniff
302 GET http: // localhost: 8080 / login Request headers: Host: localhost: 8080 User-Agent: Mozilla / 5.0 (Windows NT 6.1; WOW64; rv: 38.0) Gecko / 20100101 Firefox / 38.0 Accept: application / json, text / plain, / Accept-Language: en-US, en; q = 0.5 Accept-Encoding: gzip, deflate Referer: http: // localhost: 8080 / X-XSRF-TOKEN: e73f9d6b-9d82-4f09-a327-520c45add5a0 X-Requested-With: XMLHttpRequest Cookie: JSESSIONID = 0D8DAD06F875 XSRF-SIGN = e73f9d6b-9d82-4f09-a327-520c45add5a0 Connection: save life Response headers: Cache-Control: no-cache, no-store, max-age = 0, must-revalidate Content-length: 0 Date: Tue, May 19, 2015 15:59:58 GMT Valid: 0 Location:http: // localhost: 9999 / uaa / oauth / authorize? client_id = acme & redirect_uri = http% 3A% 2F% 2Flocalhost% 3A8080% 2Flogin & response_type = code & state = ZORNNY Pragma: no-cache Server: Apache-Coyote / 1.1 X-Frame parameters: DENY X-XSS-Protection: 1; Mode = Block x-content-type-options: nosniff
302 GET http: // localhost: 8080 / login Request headers: Host: localhost: 8080 User-Agent: Mozilla / 5.0 (Windows NT 6.1; WOW64; rv: 38.0) Gecko / 20100101 Firefox / 38.0 Accept: application / json, text / plain, / Accept-Language: en-US, en; q = 0.5 Accept-Encoding: gzip, deflate Referer: http: // localhost: 8080 / X-XSRF-TOKEN: e73f9d6b-9d82-4f09-a327-520c45add5a0 X-Requested-With: XMLHttpRequest Cookie: JSESSIONID = 0D8DAD06F875 XSRF-SIGN = e73f9d6b-9d82-4f09-a327-520c45add5a0 Connection: save life Response headers: Cache-Control: no-cache, no-store, max-age = 0, must-revalidate Content-length: 0 Date: Tue, May 19, 2015 15:59:58 GMT Valid: 0 Location:http: // localhost: 9999 / uaa / oauth / authorize? client_id = acme & redirect_uri = http% 3A% 2F% 2Flocalhost% 3A8080% 2Flogin & response_type = code & state = knNsMF Pragma: no-cache Server: Apache-Coyote / 1.1 X-Frame parameters: DENY X-XSS-Protection: 1; Mode = Block x-content-type-options: nosniff
ENTRANCE
302 GET http: // localhost: 8080 / login
Request headers: Host: localhost: 8080 User-Agent: Mozilla / 5.0 (Windows NT 6.1; WOW64; rv: 38.0) Gecko / 20100101 Firefox / 38.0 Accept: text / html, application / xhtml + xml, application / xml; q = 0.9, /; q = 0.8 Accept-Language: en-US, en; q = 0.5 Accept-Encoding: gzip, deflate Referer: http: // localhost: 8080 / Cookie: JSESSIONID = 681144B950A553779BA1722D4166DB78; XSRF-SIGN = c46af943-e520-411b-b96d-e3e45f3196fb Connection: keep-alive
Response headers: Cache-Control: no-cache, no-store, max-age = 0, must-revalidate Content-length: 0 Date: Tue May 19, 2015 15:06:32 GMT Expiration: 0 Location: http: // localhost: 9999 / uaa / oauth / authorize? client_id = acme & redirect_uri = http% 3A% 2F% 2Flocalhost% 3A8080% 2Flogin & response_type = code & state = lpTB5d Pragma: no-cache Server: Apache-Coyote / 1.1 X-Frame parameters: DENY -XSS-Protection: 1; Mode = Block x-content-type-options: nosniff
Request headers: Host: localhost: 9999 User-Agent: Mozilla / 5.0 (Windows NT 6.1; WOW64; rv: 38.0) Gecko / 20100101 Firefox / 38.0 Accept: text / html, application / xhtml + xml, application / xml; q = 0.9, /; q = 0.8 Accept-Language: en-US, en; q = 0.5 Accept-Encoding: gzip, deflate Referer: http: // localhost: 8080 / Cookie: JSESSIONID = 681144B950A553779BA1722D4166DB78; XSRF-SIGN = c46af943-e520-411b-b96d-e3e45f3196fb Connection: keep-alive
Response headers: Cache-Control: no-cache, no-store, max-age = 0, must-revalidate Content-length: 0 Date: Tue May 19, 2015 15:06:32 GMT Expiration: 0 Location: http: // localhost: 9999 / uaa / login Pragma: no-cache Server: Apache-Coyote / 1.1 Set-Cookie: JSESSIONID = FD174AF5EF78ECF13F0284101578C6F8; Path = / UAA /; HttpOnly X-Frame parameters: DENY X-XSS-Protection: 1; Mode = Block x-content-type-options: nosniff
200 GET http: // localhost: 9999 / uaa / login
Request headers: Host: localhost: 9999 User-Agent: Mozilla / 5.0 (Windows NT 6.1; WOW64; rv: 38.0) Gecko / 20100101 Firefox / 38.0 Accept: text / html, application / xhtml + xml, application / xml; q = 0.9, /; q = 0.8 Accept-Language: en-US, en; q = 0.5 Accept-Encoding: gzip, deflate Referer: http: // localhost: 8080 / Cookie: JSESSIONID = FD174AF5EF78ECF13F0284101578C6F8; JSESSIONID = 681144B950A553779BA1722D4166DB78; XSRF-SIGN = c46af943-e520-411b-b96d-e3e45f3196fb Connection: keep-alive
Response headers: Cache-Control: no-cache, no-store, max-age = 0, must-revalidate Content-Language: en-US Content-Type: text / html; charset = UTF-8 Date: Tue 19 May 2015 15:06:32 GMT Expiry: 0 Pragma: no-cache Server: Apache-Coyote / 1.1 Transfer-encoding: chunked X-Application-Context: application: 9999 Parameters X -Frame: DENY X-XSS-Protection: 1; Mode = Block x-content-type-options: nosniff
200 GET wro.css
200 GET wro.js
LOGIN CONFIRMATION
302 POST http: // localhost: 9999 / uaa / login
Request headers: Host: localhost: 9999 User-Agent: Mozilla / 5.0 (Windows NT 6.1; WOW64; rv: 38.0) Gecko / 20100101 Firefox / 38.0 Accept: text / html, application / xhtml + xml, application / xml; q = 0.9, /; q = 0.8 Accept-Language: en-US, en; q = 0.5 Accept-Encoding: gzip, deflate Referer: http: // localhost: 9999 / uaa / login Cookie: JSESSIONID = FD174AF5EF78ECF13F0284101578C6F8; JSESSIONID = 681144B950A553779BA1722D4166DB78; XSRF-SIGN = c46af943-e520-411b-b96d-e3e45f3196fb Connection: keep-alive
Response headers: Cache-Control: no-cache, no-store, max-age = 0, must-revalidate Content-length: 0 Date: Tue May 19, 2015 15:24:02 GMT Expiration: 0 Location: http: // localhost: 9999 / uaa / oauth / authorize? client_id = acme & redirect_uri = http% 3A% 2F% 2Flocalhost% 3A8080% 2Flogin & response_type = code & state = lpTB5d Pragma: no-cache Server: Apache-Coyote / 1.1 Set-Cookie5 JCDSCESSION1DE ; Path = / UAA /; HttpOnly X-Frame parameters: DENY X-XSS-Protection: 1; Mode = Block x-content-type-options: nosniff
Form data parameter: Username: "######" password: "######" _csrf: "ba0f23da-8059-4b7b-89df-d9998d8de4fb"
Request headers: Host: localhost: 9999 User-Agent: Mozilla / 5.0 (Windows NT 6.1; WOW64; rv: 38.0) Gecko / 20100101 Firefox / 38.0 Accept: text / html, application / xhtml + xml, application / xml; q = 0.9, /; q = 0.8 Accept-Language: en-US, en; q = 0.5 Accept-Encoding: gzip, deflate Referer: http: // localhost: 9999 / uaa / login Cookie: JSESSIONID = 12D1C160B5CDDEAD0F9C96E9FB9E53A9; JSESSIONID = 681144B950A553779BA1722D4166DB78; XSRF-SIGN = c46af943-e520-411b-b96d-e3e45f3196fb Connection: keep-alive
Response headers: Cache-Control: no-cache, no-store Content-Language: en-US Content-Type: text / html; charset = UTF-8 Date: Tue 19 May 2015 15:24:02 GMT Expires: Thu 01 Jan 1970 00:00:00 GMT Pragma: no-cache Server: Apache-Coyote / 1.1 Transfer-encoding: chunked X- Application-Context: application: 9999 X-Frame parameters: DENY X-XSS-Protection: 1; Mode = Block x-content-type-options: nosniff
304 GET wro.css
304 GET wro.js
APPROVE
302 POST http: // localhost: 9999 / uaa / oauth / authorize
Request headers: Host: localhost: 9999 User-Agent: Mozilla / 5.0 (Windows NT 6.1; WOW64; rv: 38.0) Gecko / 20100101 Firefox / 38.0 Accept: text / html, application / xhtml + xml, application / xml; q = 0.9, /; q = 0.8 Accept-Language: en-US, en; q = 0.5 Accept-Encoding: gzip, deflate Referer: http: // localhost: 9999 / uaa / oauth / authorize? client_id = acme & redirect_uri = http% 3A% 2F% 2Flocalhost% 3A8080% 2Flogin & response_type = code & state = lpTB5dF Cookie9 : JDCESS1CD9CD9CD9DE9DB5d Cookie9: JDESS1CD9 ; JSESSIONID = 681144B950A553779BA1722D4166DB78; XSRF-SIGN = c46af943-e520-411b-b96d-e3e45f3196fb Connection: keep-alive
Response headers: Cache-Control: no-cache, no-store Content-Language: en-US Content-Length: 0 Date: Tue, 19 May 2015 15:31:51 GMT Expires: Thu, 01 Jan 1970 00: 00:00 GMT Location: http: // localhost: 8080 / login? Error = access_denied & error_description = User% 20denied% 20access & state = lpTB5d Pragma: no-cache Server: Apache-Coyote / 1.1 X-Application-Context: Application: 9999 X Parameters -Frame: DENY X-XSS-Protection: 1; Mode = Block x-content-type-options: nosniff
Form data parameter: user_oauth_approval: "true" _csrf: "32e46c90-0aac-4120-8d31-f31a7e6fe0ec"
Request headers: Host: localhost: 8080 User-Agent: Mozilla / 5.0 (Windows NT 6.1; WOW64; rv: 38.0) Gecko / 20100101 Firefox / 38.0 Accept: text / html, application / xhtml + xml, application / xml; q = 0.9, /; q = 0.8 Accept-Language: en-US, en; q = 0.5 Accept-Encoding: gzip, deflate Referer: http: // localhost: 9999 / uaa / oauth / authorize? client_id = acme & redirect_uri = http% 3A% 2F% 2Flocalhost% 3A8080% 2Flogin & response_type = code & state = lpTB5d = 683D Cookie: JSESS44D778178 ; XSRF-SIGN = c46af943-e520-411b-b96d-e3e45f3196fb Connection: keep-alive
Response headers: Cache-Control: no-cache, no-store, max-age = 0, must-revalidate Content-Language: en-US Content-length: 341 Content-Type: text / html; charset = ISO-8859-1 Date: Tue May 19, 2015 15:31:52 GMT Expiry: 0 Pragma: no-cache Server: Apache-Coyote / 1.1 X-Frame parameters: DENY X-XSS-Protection: 1; Mode = Block x-content-type-options: nosniff
LOGIN LOGS
2015-06-09 02: 32: 02.787 DEBUG 5312 --- [nio-9999-exec-5] osswumatcher.AntPathRequestMatcher: check for matching request: '/ authorize'; against '/ login'
2015-06-09 02: 32: 02.788 DEBUG 5312 --- [nio-9999-exec-5] waUsernamePasswordAuthenticationFilter: request handle authentication
2015-06-09 02: 32: 02.788 DEBUG 5312 --- [ nio-9999-exec-5] ossauthentication.ProviderManager: Attempt to authenticate using org.springframework.security.authentication.dao.DaoAuthenticationProvider
2015-06-09 02: 32: 02.814 INFO 5312 --- [nio-9999-exec-5 ] osbaaudit.listener.AuditListener: AuditEvent [timestamp = Tue Jun 09
02:32:02 EDT 2015, main = phil, type = AUTHENTICATION_SUCCESS, data = {details = org.springframework.security.web.authentication.WebAuthenticationDetails @ fffed504: RemoteIpAddress: 127.0.0.1; SessionId: 4E22482896B7A9D7E427101CBC1187D2}]
2015-06-09 02: 32: 02.814 DEBUG 5312 --- [nio-9999-exec-5] s.CompositeSessionAuthenticationStrategy: Delegation in org.springframework.security.w eb. 684222cb
2015-06-09 02: 32: 02.815 INFO 5312 --- [nio-9999-exec-5] osbaaudit.listener.AuditListener: AuditEvent [timestamp = Tue Jun 09
02:32:02 EDT 2015, main = phil, type = AUTHENTICATION_SUCCESS, data = {details = org.sprin gframework.security.web.authentication.WebAuthenticationDetails @ fffed504: RemoteIpAddress: 127.0.0.1; SessionId: 4E22482896B7A9D7E427101CBC1187D2}]
2015-06-09 02: 32: 02.815 DEBUG 5312 --- [nio-9999-exec-5] s.CompositeSessionAuthenticationStrategy: Delegate to o rg.springframework.security.web.csrf.CsrfAuthenticationStrategy @ 51738bda
2015-06-09 02 : 32: 02.816 DEBUG 5312 --- [nio-9999-exec-5] waUsernamePasswordAuthenticationFilter: Authentication success. Updating SecurityContextHolder to add: org.springframework.security.authentication.UsernamePassw ordAuthenticationToken @ bbd7aa2f : Principal: org.springframework.security.core.userdetails.User@347d1b: Username: phil; Password protected]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Permissions granted: ROLE_USER; Credentials: [PROTECT]; Authenticated: true; Details: org.sprin gframework.security.web.authentication.WebAuthenticationDetails @ fffed504: RemoteIpAddress: 127.0.0.1; SessionId: 4E22482896B7A9D7E427101CBC1187D2; Granted permissions: ROLE_USER
2015-06-09 02: 32: 02.817 INFO 5312 --- [nio-9999-exec-5] osbaaudit.listener.AuditListener: AuditEvent [timestamp = Tue Jun 09 02:32:02 EDT 2015, main = phil, type = AUTHENTICATION_SUCCESS, data = {details = org.sprin gframework.security.web.authentication.WebAuthenticationDetails @fffed504: RemoteIpAddress: 127.0.0.1; SessionId: 4E22482896B7A9D7E427101CBC1187D2}]
2015-06-09 02: 32: 02.817 DEBUG 5312 --- [nio-9999-exec-5] RequestAwareAuthenticationSuccessHandler: redirect to DefaultSavedRequest Urize: http: // localahost: 9999? client_id = acme & redirect_uri = http% 3A% 2F% 2Flocalhost% 3A8080% 2Flogin & response_type = code & state = 4WtAHc
2015-06-09 02: 32: 02.818 DEBUG 5312 --- [nio-9999-exec-5] ossweb.DefaultRedirectStrategy: redirect http: // localhost: 9999 / uaa / oauth / authorize? client_id = acme & redirect_uri = http% 3A% 2F% 2Flocalhost% 3A8080% 2Flogin & response_type = code & state = 4WtAHc '
2015-06-09 02: 32: 02.818 DEBUG 5312 --- [ nio-9999-exec-5] wcHttpSessionSecurityContextRepository:SecurityContext is stored in HttpSession: 'org.springframework.security.core.context.SecurityContextImpl@bb d7aa2f: Username: org.springframework.security.authentication.UsernamePasswordAuthenticationToken @ bbd7aa2f: Principal: org.springframework.security.core.butserde34 username Password protected]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Permissions granted: ROLE_USER; Credentials: [PROTECT]; Authenticated: true; Details: org.sprin gframework.security.web.authentication.WebAuthenticationDetails @ fffed504: RemoteIpAddress: 127.0.0.1; SessionId: 4E22482896B7A9D7E427101CBC1187D2; Permissions granted: ROLE_USER '
APPROVED LOGISTICS
2015-06-09 03: 01: 44.194 DEBUG 9104 --- [nio-9999-exec-9] osececurity.web.FilterChainProxy: / oauth / authorize at position 2 of 12 in the additional filter chain; firing Filter: "SecurityContextPersistenceFilter"2015-06-09 03: 01: 44.194 DEBUG 9104 --- [nio-9999-exec-9] wcHttpSessionSecurityContextRepository: Received a valid SecurityContext from SPRING_SECURITY_CONTEXT: ' org.ssepring.framework.work.work. @bb d50027: Authentication: org.springframew ork.security.authentication.UsernamePasswordAuthenticationToken @ bbd50027: Principal: org.springframework.security.core.userdetails.User@347d1b: Username: phil; Password protected]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Permissions granted: ROLE_USER; Credentials: [PROTECT]; Authenticated: true; Details: org.sprin gframework.security.web.authentication.WebAuthenticationDetails @ fffc7f0c: RemoteIpAddress: 127.0.0.1; SessionId: 96B6C1DF8C52F23738AB7732C2A7AD70; Permissions granted: ROLE_USER '
2015-06-09 03: 01: 44.194 DEBUG 9104 --- [nio-9999-exec-9] osececurity.web.FilterChainProxy: / oauth / authorize at position 3 of 12 in the optional filter chain; firing Filter: 'HeaderWriterFilter'
2015-06-09 03: 01: 44.195 DEBUG 9104 --- [nio-9999-exec-9] osswheader.writers.HstsHeaderWriter: Do not insert HSTS header as it does not match requestMatcher org.springframework.security.web. header.writers.HstsHeaderWriter$SecureRequestMatcher@627aa865 2015-06-09 03: 01: 44.195 DEBUG 9104 --- [nio-9999-exec-9] ossecurity.web.FilterChainProxy: / oauth / authorize at position 4 of 12 in optional a chain of filters; firing Filter: 'CsrfFilter' 2015-06-09 03: 01: 44.195 DEBUG 9104 --- [nio-9999-exec-9] ossecurity.web.FilterChainProxy: / oauth / authorize at position 5 of 12 in the additional filter chain; firing Filter: "LogoutFilter"
2015-06-09 03: 01: 44.195 DEBUG 9104 --- [nio-9999-exec-9] osswumatcher.AntPathRequestMatcher: check if request: '/ OAuth / authorized'; against '/ logout'
2015-06-09 03: 01: 44.195 DEBUG 9104 --- [nio-9999-exec-9] ossecurity.web.FilterChainProxy: / oauth / authorize at position 6 of 12 in the additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
2015-06-09 03: 01: 44.195 DEBUG 9104 --- [nio-9999-exec-9] osswumatcher.AntPathRequestMatcher: check if request: '/ OAuth / authorized'; against '/ login'
2015-06-09 03: 01: 44.195 DEBUG 9104 --- [nio-9999-exec-9] ossecurity.web.FilterChainProxy: / oauth / authorize at position 7 of 12 in the additional filter chain; firing Filter: "RequestCacheAwareFilter "
2015-06-09 03: 01: 44.196 DEBUG 9104 --- [nio-9999-exec-9] osececurity.web.FilterChainProxy: / oauth / authorize at position 8 of 12 in the additional filter chain; firing Filter: "SecurityContextHolderAwareRequestFilter"
2015-06-09 03: 01: 44.196 DEBUG 9104 --- [nio-9999-exec-9] osececurity.web.FilterChainProxy: / oauth / authorize at position 9 of 12 in the additional filter chain; firing Filter: "Anonymous Authorization Filter"
2015-06-09 03: 01: 44.196 DEBUG 9104 --- [nio-9999-exec-9] osswaAnonymousAuthenticationFilter: SecurityContextHolder is not populated with anonymous token because it already contains: "org.springframework. security.authentication.UsernamePasswordAuthenticationToken @ bbd50027: Principal: org.springframework.security.core.userdetails.User@347d1b: Username: phil; Password protected]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Permissions granted: ROLE_USER; Credentials: [PROTECT]; Authenticated: true; Details: org.sprin gframework.security.web.authentication.WebAuthenticationDetails @ fffc7f0c: RemoteIpAddress: 127.0.0.1; SessionId: 96B6C1DF8C52F23738AB7732C2A7AD70; Permissions granted: ROLE_USER '
2015-06-09 03: 01: 44.196 DEBUG 9104 --- [nio-9999-exec-9] ossecurity.web.FilterChainProxy: / oauth / authorize at position 10 of 12 in the additional filter chain; firing Filter: "SessionManagementFilter"
2015-06-09 03: 01: 44.196 DEBUG 9104 --- [nio-9999-exec-9] osececurity.web.FilterChainProxy: / oauth / authorize at position 11 of 12 in the additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2015-06-09 03: 01: 44.196 DEBUG 9104 --- [nio-9999-exec-9] ossecurity.web.FilterChainProxy: / oauth / authorize at position 12 of 12 in the additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2015-06-09 03: 01: 44.196 DEBUG 9104 --- [nio-9999-exec-9] osswumatcher.AntPathRequestMatcher: checking if request: '/ OAuth / authorized'; against '/ admin / '
2015-06-09 03: 01: 44.196 DEBUG 9104 --- [nio-9999-exec-9] osswaiFilterSecurityInterceptor: Protected object: FilterInvocation: URL: / oauth / authorize; Attributes:[certified]
2015-06-09 03: 01: 44.196 DEBUG 9104 --- [nio-9999-exec-9] osswaiFilterSecurityInterceptor: previously authenticated: org.springframew ork.security.authentication.UsernamePasswordAuthenticationToken @ bbd50027: Principalwork: org.springframe security. core.userdetails.User@347d1b : Username: phil; Password protected]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Permissions granted: ROLE_USER; Credentials: [PROTECT]; Authenticated: true; Details: org.sprin gframework.security.web.authentication.WebAuthenticationDetails @ fffc7f0c: RemoteIpAddress: 127.0.0.1; SessionId: 96B6C1DF8C52F23738AB7732C2A7AD70; Authorization granted: ROLE_USER
2015-06-09 03: 01: 44.197 DEBUG 9104 --- [nio-9999-exec-9] ossaccess.vote.AffirmativeBased: Voter: org.sp ringframework.security.web.access.expression.WebExpressionVoter @ 2b6b3792, returned : 1
2015-06-09 03: 01: 44.197 DEBUG 9104 --- [nio-9999-exec-9] oss ... i.FilterSecurityInterceptor: authorization completed successfully
2015-06-09 03: 01: 44.197 DEBUG 9104 - - [nio-9999-exec-9] osswaiFilterSecurityInterceptor: RunAsManager did not change Authentication object
2015-06-09 03: 01: 44.197 DEBUG 9104 --- [nio-9999-exec-9] ossecurity.web.FilterChainProxy: / oauth / authorize have reached the end of an additional filter chain; continuation of the original circuit
2015-06-09 03: 01: 44.198 DEBUG 9104 --- [nio-9999-exec-9] .sopeFrameworkEndpointHandlerMapping: find the path handler method / oauth / authorize
2015-06-09 03: 01: 44.199 DEBUG 9104 --- [nio-9999-exec-9] .sopeFrameworkEndpointHandlerMapping: return handler method [public org.springframework.web.servlet.View org.springframework.security.oauth2. provider.endpoint.AuthorizationEndpoint.approveOrDeny (java.util.Map, java.util.Map, org.springframework.web.bind.support.SessionStatus, java.security.Principal)]
2015-06-09 03: 01: 44.219 DEBUG 9104 --- [nio-9999-exec-9] osswaExceptionTranslationFilter: rung processed normally
2015-06-09 03: 01: 44.219 DEBUG 9104 --- [nio-9999-exec-9] sswcSecurityContextPersistenceFilter: SecurityContextHolder is now cleared, upon completion of request processing
2015-06-09 03: 01: 44.252 DEBUG 9104 --- [ io-9999-exec-10] osswumatcher.AntPathRequestMatcher: check if request: '/ OAuth / authorized'; against '/ css / '
2015-06-09 03: 01: 44.252 DEBUG 9104 --- [io-9999-exec-10] osswumatcher.AntPathRequestMatcher: check if request: '/ OAuth / authorized'; against '/ js / '
2015-06-09 03: 01: 44.252 DEBUG 9104 --- [io-9999-exec-10] osswumatcher.AntPathRequestMatcher: check if request: '/ OAuth / authorized'; against '/ images / '
2015-06-09 03: 01: 44.252 DEBUG 9104 --- [io-9999-exec-10] osswumatcher.AntPathRequestMatcher: check if request: '/ OAuth / authorized'; against "/**/favicon.ico"
2015-06-09 03: 01: 44.252 DEBUG 9104 --- [io-9999-exec-10] osswumatcher.AntPathRequestMatcher: check if request: '/ OAuth / is authorized'; versus '/ error'
2015-06-09 03: 01: 44.253 DEBUG 9104 --- [io-9999-exec-10] ossweb.util.matcher.OrRequestMatcher: trying to match using Ant [pattern = '/ metrics']
2015-06-09 03: 01: 44.253 DEBUG 9104 --- [io-9999-exec-10] osswumatcher.AntPathRequestMatcher: check if request: '/ OAuth / authorized'; versus "/ indicators"
2015-06-09 03: 01: 44.253 DEBUG 9104 --- [io-9999-exec-10] ossweb.util.matcher.OrRequestMatcher: trying to match using Ant [pattern = '/ login']
2015-06-09 03: 01: 44.253 DEBUG 9104 --- [io-9999-exec-10] osswumatcher.AntPathRequestMatcher: check if request: '/ OAuth / authorized'; versus' / login '
2015-06-09 03: 01: 44.253 DEBUG 9104 --- [io-9999-exec-10] ossweb.util.matcher.OrRequestMatcher: trying to match using Ant [pattern =' / oauth / authorize ']
2015-06-09 03: 01: 44.253 DEBUG 9104 --- [io-9999-exec-10] osswumatcher.AntPathRequestMatcher: check if request:' / OAuth / authorized '; versus '/ oauth / authorize'
2015-06-09 03: 01: 44.253 DEBUG 9104 --- [io-9999-exec-10] ossweb.util.matcher.OrRequestMatcher: matches | 2015-06-09 03: 01: 44.253 DEBUG 9104 --- [io-9999-exec-10] ossecurity.web.FilterChainProxy: / oauth / authorize at position 1 of 12 in the additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
2015-06-09 03: 01: 44.253 DEBUG 9104 --- [io-9999-exec-10] ossecurity.web.FilterChainProxy: / oauth / authorize at position 2 of 12 in the additional filter chain; firing Filter: "SecurityContextPersistenceFilter"
2015-06-09 03: 01: 44.253 DEBUG 9104 --- [io-9999-exec-10] wcHttpSessionSecurityContextRepository: HttpSession does not currently exist
2015-06-09 03: 01: 44.253 DEBUG 9104 --- [io-9999-exec-10] wcHttpSessionSecurityContextRepository: No SecurityContext available from HttpSession: null. A new one will be created.
2015-06-09 03: 01: 44.254 DEBUG 9104 --- [io-9999-exec-10] ossecurity.web.FilterChainProxy: / oauth / authorize at position 3 of 12 in the additional filter chain; firing Filter: 'HeaderWriterFilter'
2015-06-09 03: 01: 44.254 DEBUG 9104 --- [io-9999-exec-10] osswheader.writers.HstsHeaderWriter: Do not insert HSTS header because it does not match request.springframework .security.web. header.writers.HstsHeaderWriter$SecureRequestMatcher@627aa865
2015-06-09 03: 01: 44.254 DEBUG 9104 --- [io-9999-exec-10] ossecurity.web.FilterChainProxy: / oauth / authorize at position 4 of 12 in the additional filter chain; firing Filter: 'CsrfFilter'
2015-06-09 03: 01: 44.254 DEBUG 9104 --- [io-9999-exec-10] ossecurity.web.csrf.CsrfFilter: Invalid CSRF token found for http: // localhost: 9999 / uaa / oauth / authorize
2015-06-09 03: 01: 44.255 DEBUG 9104 --- [io-9999-exec-10] wcHttpSessionSecurityContextRepository: SecurityContext is empty or the content is anonymous - the context will not be saved in the HttpSession.
2015-06-09 03: 01: 44.255 DEBUG 9104 --- [io-9999-exec-10] sswcSecurityContextPersistenceFilter: SecurityContextHolder is now cleared upon completion of request processing
source to share