zoukankan      html  css  js  c++  java
  • spring security 4.2后出现CouldnotverifytheprovidedCSRFtokenbecauseyoursessionwasnotfound

    升级到spring security 4.2后,登录不了,出现下面的错误

    WARN DefaultHandlerExceptionResolver:361 - Failed to bind request element: org.springframework.web.method.annotation.MethodArgumentTypeMismatchException: Failed to convert value of type 'java.lang.String' to required type 'int'; nested exception is java.lang.NumberFormatException: For input string: "CouldnotverifytheprovidedCSRFtokenbecauseyoursessionwasnotfound."

    修改spring security配置文件后,解决,如下:

    <http use-expressions="true" auto-config="true">
    <form-login login-page="/login.do" always-use-default-target="false" />
    <logout invalidate-session="true" logout-url="/logout.do" logout-success-url="/login.do"/>
    <!-- 免登录验证,当session还在,防问是会自己登录 -->
    <remember-me/>
    <custom-filter before="FILTER_SECURITY_INTERCEPTOR" ref="myFilter"/>
    <access-denied-handler ref="accessDeniedHandler"/>
    <!-- 4.0以后默认打开csrf,不允许post,设置为不打开 -->
    <csrf disabled="true"/>
    <!-- 4.0以后X-Frame-Options的默认大多也是DENY,这种情况下,浏览器拒绝当前页面加载任何Frame页面 -->
    <headers>
    <frame-options policy="SAMEORIGIN"/>
    </headers>
    </http>

  • 相关阅读:
    链表栈
    双链表
    Linux sar命令查看系统资源使用情况
    Linux 命令(w/who/whoami/who am i)
    shell脚本引用expect
    expect 免交互配置互信
    expect 远程传输文件
    expect 远程执行命令-02
    expect 远程执行命令-01
    expect 脚本自定义变量和位置变量
  • 原文地址:https://www.cnblogs.com/zmc/p/8287079.html
Copyright © 2011-2022 走看看