统一登录无法跳转到授权页面

Blade 未结

关注举报

 1  802

niexh 剑童 2023-04-07 14:51

一、该问题的重现步骤是什么？

浏览器输入如下地址，会重定向到http://ip:9100/oauth/login

2. 输入正确的租户和用户名密码后，无法跳转到授权页面，还一直停留在这个登录页面

二、你期待的结果是什么？实际看到的又是什么？

希望能正常跳转到授权页面，实际上一直停留在登录页面

三、你正在使用的是什么产品，什么版本？在什么操作系统上？

bladex 3.1.0 linux cent os 7.9

四、请提供详细的错误堆栈信息，这很重要。

============== Sql Start ==============

Execute SQL : select client_id, CONCAT('{noop}', client_secret) as client_secret, resource_ids , scope, authorized_grant_types, web_server_redirect_uri, authorities, access_token_validity , refresh_token_validity, additional_information, autoapprove from blade_client where client_id = 'saber'

Execute Time: 0.108ms

============== Sql End ==============

2023-04-07 15:18:00.536 DEBUG 1 --- [ XNIO-1 task-3] o.s.web.servlet.DispatcherServlet : Failed to complete request: org.springframework.security.authentication.InsufficientAuthenticationException: User must be authenticated with Spring Security before authorization can be completed.

2023-04-07 15:18:00.537 DEBUG 1 --- [ XNIO-1 task-3] io.undertow.session : Setting max inactive interval for null to 1800

2023-04-07 15:18:00.537 DEBUG 1 --- [ XNIO-1 task-3] io.undertow.session : Created session with id 0wCFLv7jf5ltYrDNv_Uh8VZHTHdBrf1LykAamzx1 for exchange HttpServerExchange{ GET /oauth/authorize}

2023-04-07 15:18:00.537 DEBUG 1 --- [ XNIO-1 task-3] o.s.s.w.s.HttpSessionRequestCache : Saved request http://192.168.1.45:9100/oauth/authorize?response_type=code&tenant_id=000000&client_id=saber to session

2023-04-07 15:18:00.537 DEBUG 1 --- [ XNIO-1 task-3] s.w.a.DelegatingAuthenticationEntryPoint : Trying to match using Or [RequestHeaderRequestMatcher [expectedHeaderName=X-Requested-With, expectedHeaderValue=XMLHttpRequest], And [Not [MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@8dd9d157, matchingMediaTypes=[text/html], useEquals=false, ignoredMediaTypes=[]]], MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@8dd9d157, matchingMediaTypes=[application/atom+xml, application/x-www-form-urlencoded, application/json, application/octet-stream, application/xml, multipart/form-data, text/xml], useEquals=false, ignoredMediaTypes=[*/*]]], MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@8dd9d157, matchingMediaTypes=[*/*], useEquals=true, ignoredMediaTypes=[]]]

2023-04-07 15:18:00.537 DEBUG 1 --- [ XNIO-1 task-3] s.w.a.DelegatingAuthenticationEntryPoint : Trying to match using And [Not [RequestHeaderRequestMatcher [expectedHeaderName=X-Requested-With, expectedHeaderValue=XMLHttpRequest]], MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@8dd9d157, matchingMediaTypes=[application/xhtml+xml, image/*, text/html, text/plain], useEquals=false, ignoredMediaTypes=[*/*]]]

2023-04-07 15:18:00.537 DEBUG 1 --- [ XNIO-1 task-3] s.w.a.DelegatingAuthenticationEntryPoint : Match found! Executing org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint@aea3aed1

2023-04-07 15:18:00.537 DEBUG 1 --- [ XNIO-1 task-3] o.s.s.web.DefaultRedirectStrategy : Redirecting to http://192.168.1.45:9100/oauth/login

2023-04-07 15:18:00.537 DEBUG 1 --- [ XNIO-1 task-3] w.c.HttpSessionSecurityContextRepository : Did not store empty SecurityContext

2023-04-07 15:18:00.537 DEBUG 1 --- [ XNIO-1 task-3] s.s.w.c.SecurityContextPersistenceFilter : Cleared SecurityContextHolder to complete request

五、若有更多详细信息，请在下面提供。

本地启动的服务使用统一登录是可以正常跳转到授权页面的，在服务器上部署的就不行，不知道是不是部署脚本提供的nginx配置哪里有问题

目前发现停止一台auth服务，可以正常进入授权页面，但是auth服务集群，有两台就不行

nginx的负载均衡模式用ip_hash试试

作者追问:2023-04-07 17:24

这个知道，但是这样设置就偏离了微服务的本意，本质上就不是负载均衡调用了