에러 내용. 

Caused by: java.lang.IllegalArgumentException: Can not set rememberMeCookieName and custom rememberMeServices.
	at org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer.validateInput(RememberMeConfigurer.java:306)
	at org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer.init(RememberMeConfigurer.java:270)
	at org.springframework.security.config.annotation.web.configurers.RememberMeConfigurer.init(RememberMeConfigurer.java:80)
	at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.init(AbstractConfiguredSecurityBuilder.java:370)
	at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.doBuild(AbstractConfiguredSecurityBuilder.java:324)
	at org.springframework.security.config.annotation.AbstractSecurityBuilder.build(AbstractSecurityBuilder.java:41)
	at org.springframework.security.config.annotation.web.builders.WebSecurity.performBuild(WebSecurity.java:292)
	at org.springframework.security.config.annotation.web.builders.WebSecurity.performBuild(WebSecurity.java:79)
	at org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder.doBuild(AbstractConfiguredSecurityBuilder.java:333)
	at org.springframework.security.config.annotation.AbstractSecurityBuilder.build(AbstractSecurityBuilder.java:41)
	at org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration.springSecurityFilterChain(WebSecurityConfiguration.java:104)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
	at java.lang.reflect.Method.invoke(Unknown Source)
	at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:154)
	... 27 common frames omitted

설정 내용. 

private void configureRememberMe(HttpSecurity http) throws Exception {
        http.rememberMe()
               .key(REMEMBERME_KEY)
               .rememberMeParameter(REMEMBERME_PARAMETER)
               .rememberMeCookieName(REMEMBERME_COOKIENAME)
               .rememberMeServices(persistentTokenBasedRememberMeServices())
               .tokenValiditySeconds(60 * 60 * 24 * 7)
               .alwaysRemember(true)
               .tokenRepository(rememberMeTokenRepository)
               .userDetailsService(rememberMeUserService);
	}


    @Bean
   	public PersistentTokenBasedRememberMeServices persistentTokenBasedRememberMeServices() {
   	    PersistentTokenBasedRememberMeServices persistenceTokenBasedservice = new PersistentTokenBasedRememberMeServices(REMEMBERME_KEY, userDetailsService(), rememberMeTokenRepository);
   	    persistenceTokenBasedservice.setParameter(REMEMBERME_PARAMETER);
   	    persistenceTokenBasedservice.setAlwaysRemember(false);
   	    persistenceTokenBasedservice.setCookieName(REMEMBERME_COOKIENAME);
   	    persistenceTokenBasedservice.setTokenValiditySeconds(60 * 60 * 24 * 7);		// 토큰 유효시간 1주일 설정
   	    return persistenceTokenBasedservice;
    }

원인 

.rememberMeCookieName(REMEMBERME_COOKIENAME)
.rememberMeServices(persistentTokenBasedRememberMeServices())

설정시 rememberMeServices로 할지 스프링 시큐리트를 가지고 할지를 선택해서 하나만 설정을 해야지 에러가 나지 않는다. 
둘다 하면 에러가 위와 같은 에러 발생.

해결방안. 

rememberMeServices 또는 스프링 설정 둘중 하나를 선택해서 설정하면 해결완료. 

 

private void configureRememberMe(HttpSecurity http) throws Exception {
        http.rememberMe()
               .key(REMEMBERME_KEY)
               .rememberMeParameter(REMEMBERME_PARAMETER)
               .rememberMeCookieName(REMEMBERME_COOKIENAME)
               .alwaysRemember(true)
               .tokenValiditySeconds(60 * 60 * 24 * 7)
               .tokenRepository(tokenRepository())
               .userDetailsService(userDetailsService());
	}

에러 내용

muliple 프로젝트로 gradle를 사용하고 있는데 갑자기 "does not exist" 에러가 발생했다.

> Task :varsql-core:compileQuerydsl FAILED
F:\02.test\test\test-core\src\main\java\com\test\core\common\util\DataExportUtil.java:27: error: package com.varsql.core.common.constants does not exist
import com.varsql.core.common.constants.BlankConstants;


.....


FAILURE: Build failed with an exception.

* What went wrong:
Execution failed for task ':test-projecet:compileQuerydsl'.
> Compilation failed; see the compiler error output for details.

 

해결방안

기본 설정. 

	def querydslSrcDir = 'src/main/generated'

	querydsl {
	    library = "com.querydsl:querydsl-apt"
	    jpa = true
	    querydslSourcesDir = querydslSrcDir
	}
	
	compileQuerydsl{ // querydsl 컴파일시 사용하는 애노테이션프로세서('com.querydsl.apt.jpa.JPAAnnotationProcessor')의 경로를 querydsl 이 지정한 경로를 이용한다는 선언
	    options.annotationProcessorPath = configurations.querydsl
	}

	configurations {
	    querydsl.extendsFrom compileClasspath
	}

	sourceSets {
	    main {
	        java {
	            srcDirs = ['src/main/java', querydslSrcDir]
	        }
	    }
	}

해결 설정. 

def querydslSrcDir = 'src/main/generated'

	querydsl {
	    library = "com.querydsl:querydsl-apt"
	    jpa = true
	    querydslSourcesDir = querydslSrcDir
	}
	
	compileQuerydsl{ // querydsl 컴파일시 사용하는 애노테이션프로세서('com.querydsl.apt.jpa.JPAAnnotationProcessor')의 경로를 querydsl 이 지정한 경로를 이용한다는 선언
	    options.annotationProcessorPath = configurations.querydsl
	}

	configurations {
	    querydsl.extendsFrom compileClasspath
	}

	sourceSets {
	    main {
	        java {
	            srcDirs = ['src/main/java', querydslSrcDir]
	        }
	    }
	}
	// 이 부분이 추가. 
	tasks.withType(JavaCompile) {
	    options.annotationProcessorGeneratedSourcesDirectory = file(querydslSrcDir)
	}

 

에러 내용. 

elipse Markers에서 나오는 에러 내용. 

Description	Resource	Path	Location	Type
CHKJ3000E: WAR Validation Failed: org.eclipse.jst.j2ee.commonarchivecore.internal.exception.DeploymentDescriptorLoadException: WEB-INF/web.xml	dynamic-web		Unknown	Validation Message

 해결방법 : 

Project >Properties >Validation: Web (xxx) Validator 의 체크 박스 해제

이클립스 설정 방법

프로젝트를 새로 셋팅후 아래와 같은 에러가 발생하고 있었다. 

이유를 찾아보니  아래 에러 로그는 debug level에서 찍히는 로그였다. 

2020-04-14 14:50:01 DEBUG o.s.s.w.u.m.AntPathRequestMatcher - Checking match of request : '/admin/'; against '/admin/**'
2020-04-14 14:50:01 DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - Secure object: FilterInvocation: URL: /admin/; Attributes: [hasAuthority('ADMIN')]
2020-04-14 14:50:01 DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@5d31995d: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@0: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: B834B1F371A507D73771517A56970EFC; Granted Authorities: ROLE_ANONYMOUS
2020-04-14 14:50:01 DEBUG o.s.s.access.vote.AffirmativeBased - Voter: org.springframework.security.web.access.expression.WebExpressionVoter@5d314383, returned: -1
2020-04-14 14:50:01 DEBUG o.s.s.w.a.ExceptionTranslationFilter - Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
	at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:84)
	at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:233)
	at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:123)
	at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:90)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
	at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:118)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
	at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
	at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
	at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:158)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
	at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
	at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:155)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
	at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
	at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
	at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:117)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
	at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:92)
	at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:77)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
	at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
	at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
	at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)
	at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)
	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)
	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:373)
	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868)
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1594)
	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	at java.lang.Thread.run(Unknown Source)

 

에러는 프로그램이 작동하는데에는 아무 영향이 없다. 

참고 사이트 : https://docs.spring.io/spring-security/site/docs/3.0.8.RELEASE/faq/faq.html#faq-anon-access-denied

	
I get an exception with the message "Access is denied (user is anonymous);". What's wrong?

This is a debug level message which occurs the first time an anonymous user attempts to access a protected resource.

    DEBUG [ExceptionTranslationFilter] - Access is denied (user is anonymous); redirecting to authentication entry point
    org.springframework.security.AccessDeniedException: Access is denied
    at org.springframework.security.vote.AffirmativeBased.decide(AffirmativeBased.java:68)
    at org.springframework.security.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:262)
                
It is normal and shouldn't be anything to worry about.

 

발생원인 :  인증을 하지 않고 인증된 url에 접근 할려고 할때 발생함. 

해결방법 : spring security log level 를 높여 주면 됨. 

application.properties에 아래와 같은 프로퍼티 항목이 있으면 여기의 로그레벨을  debug 보다 높은 level 로 올려주면됨.

logging.level.org.springframework.security=DEBUG

logback

<logger name="org.springframework.security" level="info"/>

+ Recent posts

티스토리툴바