java - Spring Boot 为不安全的端点抛出 NotificationBroadcasterSupport::sendNotification NullPointerException
问题描述
我有一个基于 Spring Boot 的后端(从 JHipster 进行了大量修改)。每当对不安全的路径发出任何请求时,我都会看到以下错误。寻找可能导致它的原因以及如何减轻错误的想法。谢谢!
我几乎使用 jhipster SecurityConfigurator 并稍作修改。请参阅下面的代码。
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
@Import(SecurityProblemSupport::class)
class SecurityConfiguration(private val userDetailsService: UserDetailsService,
private val authenticationManagerBuilder: AuthenticationManagerBuilder,
private val tokenProvider: TokenProvider,
private val jHipsterProperties: JHipsterProperties,
private val corsFilter: CorsFilter,
private val problemSupport: SecurityProblemSupport) : WebSecurityConfigurerAdapter() {
private val log = LoggerFactory.getLogger(SecurityConfiguration::class.java)
@PostConstruct
fun init() {
try {
authenticationManagerBuilder
.userDetailsService(userDetailsService)
.passwordEncoder(passwordEncoder())
} catch (e: Exception) {
throw BeanInitializationException("Security configuration failed", e)
}
}
@Bean
@Override
@Throws(Exception::class)
override fun authenticationManagerBean(): AuthenticationManager {
return super.authenticationManagerBean()
}
@Bean
fun passwordEncoder(): PasswordEncoder {
return BCryptPasswordEncoder()
}
@Bean
fun grantedAuthorityDefaults(): GrantedAuthorityDefaults {
return GrantedAuthorityDefaults("") // Remove the ROLE_ prefix
}
@Throws(Exception::class)
override fun configure(web: WebSecurity) {
web.ignoring()
.antMatchers(HttpMethod.OPTIONS, "/**")
.antMatchers("/app/**/*.{js,html}")
.antMatchers("/i18n/**")
.antMatchers("/content/**")
.antMatchers("/test/**")
}
@Throws(Exception::class)
override fun configure(http: HttpSecurity) {
http
.csrf()
.disable()
.addFilterBefore(corsFilter, UsernamePasswordAuthenticationFilter::class.java)
.exceptionHandling()
.authenticationEntryPoint(problemSupport)
.accessDeniedHandler(problemSupport)
.and()
.headers()
.frameOptions()
.disable()
.and()
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeRequests()
.antMatchers("/api/register").permitAll()
.antMatchers("/api/activate").permitAll()
.antMatchers("/api/authenticate").permitAll()
.antMatchers("/api/account/reset-password/init").permitAll()
.antMatchers("/api/account/reset-password/finish").permitAll()
.antMatchers("/api/counties").permitAll()
.antMatchers("/api/**").authenticated()
.antMatchers("/websocket/**").permitAll()
.antMatchers("/webhooks/stripe").permitAll()
.antMatchers("/admin").hasRole("ADMIN")
.and()
.apply(securityConfigurerAdapter())
}
private fun securityConfigurerAdapter(): JWTConfigurer {
return JWTConfigurer(tokenProvider)
}
}
每当我的角度站点到达/api/authenticate
端点时,我都会收到以下错误:
2019-06-07 17:46:37.014 DEBUG 22072 --- [nio-8080-exec-2] javax.management : NotificationBroadcasterSupport::sendNotification
java.lang.NullPointerException: null
at io.micrometer.core.instrument.binder.tomcat.TomcatMetrics.lambda$registerMetricsEventually$aa4da135$1(TomcatMetrics.java:260)
at java.management/javax.management.NotificationBroadcasterSupport.sendNotification(NotificationBroadcasterSupport.java:238)
at java.management/javax.management.MBeanServerDelegate.sendNotification(MBeanServerDelegate.java:211)
at java.management/com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.sendNotification(DefaultMBeanServerInterceptor.java:1473)
at java.management/com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.registerWithRepository(DefaultMBeanServerInterceptor.java:1867)
at java.management/com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.registerDynamicMBean(DefaultMBeanServerInterceptor.java:955)
at java.management/com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.registerObject(DefaultMBeanServerInterceptor.java:890)
at java.management/com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.registerMBean(DefaultMBeanServerInterceptor.java:320)
at java.management/com.sun.jmx.mbeanserver.JmxMBeanServer.registerMBean(JmxMBeanServer.java:522)
at org.apache.tomcat.util.modeler.Registry.registerComponent(Registry.java:639)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.register(AbstractProtocol.java:1061)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:825)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1747)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.base/java.lang.Thread.run(Thread.java:835)
注意:它实际上不会影响应用程序的功能,但我不想让我的应用程序在每次有人尝试点击登录页面时都抛出错误......
解决方案
推荐阅读
- json - reactjs 不在 Object.assign 中运行函数
- javascript - 遍历数组 - 将 promise 返回的值添加到数组中的每个对象
- java - 检查光线是否与虚拟框相交
- java - 删除 java aspectj 输出中的冗余方法
- python - 安装 tensorflow 时出现问题(此平台上不支持轮子)
- java - 最新稳定版本的黄瓜
- javascript - 如何在另一个文件中调用 JS 函数?
- javascript - 如何将具有泛型类型的方法发送到 RXJS bindCallback?
- python - 如何使用 numpy 更改二维数组元素
- python - 为特定行和列绘制 DataFrame Python