当前位置: 首页 > news >正文

做网站找王思奇百度学术查重

news 2025/8/13 5:35:29
做网站找王思奇,百度学术查重,基于php的图书管理系统论文,腾讯云海外服务器url说明方法/login/oauth/authorize授权断点。无登录态时跳转到/authentication/require,有登录态时跳转到/loginorg.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint#authorize/authentication/require自己写的用于重定向到登录页面的ur…
url说明方法
/login
/oauth/authorize授权断点。无登录态时跳转到/authentication/require,有登录态时跳转到/loginorg.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint#authorize
/authentication/require自己写的用于重定向到登录页面的urlcn.merryyou.sso.controller.LoginController#require
/authentication/form提交登录信息,据说是UsernamePasswordAuthenticationFilter处理此请求

在这里插入图片描述

扩展点

扩展点说明
主题数据账户密码
密码解析器提供密码加密及比对服务
自定义授权及安全拦截策略HttpSecurity的相关配置

校验密码的流程-获取用户

loadUserByUsername:26, SsoUserDetailsService (cn.merryyou.sso.server)
retrieveUser:114, DaoAuthenticationProvider (org.springframework.security.authentication.dao)
authenticate:144, AbstractUserDetailsAuthenticationProvider (org.springframework.security.authentication.dao)// 之后的166行会进行密码比对
authenticate:174, ProviderManager (org.springframework.security.authentication)
authenticate:199, ProviderManager (org.springframework.security.authentication)
attemptAuthentication:94, UsernamePasswordAuthenticationFilter (org.springframework.security.web.authentication)
doFilter:212, AbstractAuthenticationProcessingFilter (org.springframework.security.web.authentication)
doFilter:331, FilterChainProxy$VirtualFilterChain (org.springframework.security.web)
doFilter:116, LogoutFilter (org.springframework.security.web.authentication.logout)
doFilter:331, FilterChainProxy$VirtualFilterChain (org.springframework.security.web)
doFilterInternal:64, HeaderWriterFilter (org.springframework.security.web.header)
doFilter:107, OncePerRequestFilter (org.springframework.web.filter)
doFilter:331, FilterChainProxy$VirtualFilterChain (org.springframework.security.web)
doFilter:105, SecurityContextPersistenceFilter (org.springframework.security.web.context)
doFilter:331, FilterChainProxy$VirtualFilterChain (org.springframework.security.web)
doFilterInternal:56, WebAsyncManagerIntegrationFilter (org.springframework.security.web.context.request.async)
doFilter:107, OncePerRequestFilter (org.springframework.web.filter)
doFilter:331, FilterChainProxy$VirtualFilterChain (org.springframework.security.web)
doFilterInternal:214, FilterChainProxy (org.springframework.security.web)
doFilter:177, FilterChainProxy (org.springframework.security.web)
invokeDelegate:346, DelegatingFilterProxy (org.springframework.web.filter)
doFilter:262, DelegatingFilterProxy (org.springframework.web.filter)
internalDoFilter:193, ApplicationFilterChain (org.apache.catalina.core)
doFilter:166, ApplicationFilterChain (org.apache.catalina.core)
doFilterInternal:99, RequestContextFilter (org.springframework.web.filter)
doFilter:107, OncePerRequestFilter (org.springframework.web.filter)
internalDoFilter:193, ApplicationFilterChain (org.apache.catalina.core)
doFilter:166, ApplicationFilterChain (org.apache.catalina.core)
doFilterInternal:105, HttpPutFormContentFilter (org.springframework.web.filter)
doFilter:107, OncePerRequestFilter (org.springframework.web.filter)
internalDoFilter:193, ApplicationFilterChain (org.apache.catalina.core)
doFilter:166, ApplicationFilterChain (org.apache.catalina.core)
doFilterInternal:81, HiddenHttpMethodFilter (org.springframework.web.filter)
doFilter:107, OncePerRequestFilter (org.springframework.web.filter)
internalDoFilter:193, ApplicationFilterChain (org.apache.catalina.core)
doFilter:166, ApplicationFilterChain (org.apache.catalina.core)
doFilterInternal:197, CharacterEncodingFilter (org.springframework.web.filter)
doFilter:107, OncePerRequestFilter (org.springframework.web.filter)
internalDoFilter:193, ApplicationFilterChain (org.apache.catalina.core)
doFilter:166, ApplicationFilterChain (org.apache.catalina.core)
invoke:198, StandardWrapperValve (org.apache.catalina.core)
invoke:96, StandardContextValve (org.apache.catalina.core)
invoke:478, AuthenticatorBase (org.apache.catalina.authenticator)
invoke:140, StandardHostValve (org.apache.catalina.core)
invoke:80, ErrorReportValve (org.apache.catalina.valves)
invoke:87, StandardEngineValve (org.apache.catalina.core)
service:342, CoyoteAdapter (org.apache.catalina.connector)
service:799, Http11Processor (org.apache.coyote.http11)
process:66, AbstractProcessorLight (org.apache.coyote)
process:868, AbstractProtocol$ConnectionHandler (org.apache.coyote)
doRun:1455, NioEndpoint$SocketProcessor (org.apache.tomcat.util.net)
run:49, SocketProcessorBase (org.apache.tomcat.util.net)
runWorker:1149, ThreadPoolExecutor (java.util.concurrent)
run:624, ThreadPoolExecutor$Worker (java.util.concurrent)
run:61, TaskThread$WrappingRunnable (org.apache.tomcat.util.threads)
run:748, Thread (java.lang)

比对密码

additionalAuthenticationChecks:94, DaoAuthenticationProvider (org.springframework.security.authentication.dao)
authenticate:166, AbstractUserDetailsAuthenticationProvider (org.springframework.security.authentication.dao)
authenticate:174, ProviderManager (org.springframework.security.authentication)
authenticate:199, ProviderManager (org.springframework.security.authentication)
attemptAuthentication:94, UsernamePasswordAuthenticationFilter (org.springframework.security.web.authentication)
doFilter:212, AbstractAuthenticationProcessingFilter (org.springframework.security.web.authentication)
doFilter:331, FilterChainProxy$VirtualFilterChain (org.springframework.security.web)
doFilter:116, LogoutFilter (org.springframework.security.web.authentication.logout)
doFilter:331, FilterChainProxy$VirtualFilterChain (org.springframework.security.web)
doFilterInternal:64, HeaderWriterFilter (org.springframework.security.web.header)
doFilter:107, OncePerRequestFilter (org.springframework.web.filter)
doFilter:331, FilterChainProxy$VirtualFilterChain (org.springframework.security.web)
doFilter:105, SecurityContextPersistenceFilter (org.springframework.security.web.context)
doFilter:331, FilterChainProxy$VirtualFilterChain (org.springframework.security.web)
doFilterInternal:56, WebAsyncManagerIntegrationFilter (org.springframework.security.web.context.request.async)
doFilter:107, OncePerRequestFilter (org.springframework.web.filter)
doFilter:331, FilterChainProxy$VirtualFilterChain (org.springframework.security.web)
doFilterInternal:214, FilterChainProxy (org.springframework.security.web)
doFilter:177, FilterChainProxy (org.springframework.security.web)
invokeDelegate:346, DelegatingFilterProxy (org.springframework.web.filter)
doFilter:262, DelegatingFilterProxy (org.springframework.web.filter)
internalDoFilter:193, ApplicationFilterChain (org.apache.catalina.core)
doFilter:166, ApplicationFilterChain (org.apache.catalina.core)
doFilterInternal:99, RequestContextFilter (org.springframework.web.filter)
doFilter:107, OncePerRequestFilter (org.springframework.web.filter)
internalDoFilter:193, ApplicationFilterChain (org.apache.catalina.core)
doFilter:166, ApplicationFilterChain (org.apache.catalina.core)
doFilterInternal:105, HttpPutFormContentFilter (org.springframework.web.filter)
doFilter:107, OncePerRequestFilter (org.springframework.web.filter)
internalDoFilter:193, ApplicationFilterChain (org.apache.catalina.core)
doFilter:166, ApplicationFilterChain (org.apache.catalina.core)
doFilterInternal:81, HiddenHttpMethodFilter (org.springframework.web.filter)
doFilter:107, OncePerRequestFilter (org.springframework.web.filter)
internalDoFilter:193, ApplicationFilterChain (org.apache.catalina.core)
doFilter:166, ApplicationFilterChain (org.apache.catalina.core)
doFilterInternal:197, CharacterEncodingFilter (org.springframework.web.filter)
doFilter:107, OncePerRequestFilter (org.springframework.web.filter)
internalDoFilter:193, ApplicationFilterChain (org.apache.catalina.core)
doFilter:166, ApplicationFilterChain (org.apache.catalina.core)
invoke:198, StandardWrapperValve (org.apache.catalina.core)
invoke:96, StandardContextValve (org.apache.catalina.core)
invoke:478, AuthenticatorBase (org.apache.catalina.authenticator)
invoke:140, StandardHostValve (org.apache.catalina.core)
invoke:80, ErrorReportValve (org.apache.catalina.valves)
invoke:87, StandardEngineValve (org.apache.catalina.core)
service:342, CoyoteAdapter (org.apache.catalina.connector)
service:799, Http11Processor (org.apache.coyote.http11)
process:66, AbstractProcessorLight (org.apache.coyote)
process:868, AbstractProtocol$ConnectionHandler (org.apache.coyote)
doRun:1455, NioEndpoint$SocketProcessor (org.apache.tomcat.util.net)
run:49, SocketProcessorBase (org.apache.tomcat.util.net)
runWorker:1149, ThreadPoolExecutor (java.util.concurrent)
run:624, ThreadPoolExecutor$Worker (java.util.concurrent)
run:61, TaskThread$WrappingRunnable (org.apache.tomcat.util.threads)
run:748, Thread (java.lang)

根据实验结果总结的JSESSIONID规则(可能有错误,但可以解释单点登录时的JSESSIONID变化过程):
1、访问时携带的JSESSIONID无效或者没有携带,tomcat会通过response中的set-cookie设置JSESSIONID。
2、set-cookie设置的JSESSIONID会被保留在postman中
3、postman中会根据JSESSIONID中path与当前url的匹配情况选择相应的JSESSIONID添加到请求头

+++++++++++++++以下是研究日志++++++++++++++++++++++

url在哪个类中配置的?
应该了解下正常的controller处理请求的堆栈是啥
org.springframework.web.servlet.handler.AbstractHandlerMethodMapping#lookupHandlerMethod加断点
在这里插入图片描述
在下面截图可以看到正常的controller与url对应关系的存储位置
在这里插入图片描述

下图可以看到/authentication/require接口和handler的位置对应关系
在这里插入图片描述
无法找到
GET /uaa/oauth/authorize?client_id=merryyou1&redirect_uri=http://localhost:8083/client1/login&response_type=code&state=dSx7fy HTTP/1.1
这个请求在哪里触发的。
已知/uaa/oauth/authorize这个请求返回302,重定向到/uaa/authentication/require,/uaa/authentication/require是自己写的,然后通过HttpSecurity配置。

点击"登录"时触发接口/authentication/form,此接口在哪?
加断点没找到,但是找到了其重定向的那个连接/uaa/oauth/authorize
在这里插入图片描述

authorize:123, AuthorizationEndpoint (org.springframework.security.oauth2.provider.endpoint)
invoke0:-1, NativeMethodAccessorImpl (sun.reflect)
invoke:62, NativeMethodAccessorImpl (sun.reflect)
invoke:43, DelegatingMethodAccessorImpl (sun.reflect)
invoke:498, Method (java.lang.reflect)
doInvoke:205, InvocableHandlerMethod (org.springframework.web.method.support)
invokeForRequest:133, InvocableHandlerMethod (org.springframework.web.method.support)
invokeAndHandle:97, ServletInvocableHandlerMethod (org.springframework.web.servlet.mvc.method.annotation)
invokeHandlerMethod:827, RequestMappingHandlerAdapter (org.springframework.web.servlet.mvc.method.annotation)
handleInternal:738, RequestMappingHandlerAdapter (org.springframework.web.servlet.mvc.method.annotation)
handle:85, AbstractHandlerMethodAdapter (org.springframework.web.servlet.mvc.method)
doDispatch:967, DispatcherServlet (org.springframework.web.servlet)

重新触发登录逻辑,可以看到org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter#attemptAuthentication的调用,据说此方法是/authentication/form

attemptAuthentication:70, UsernamePasswordAuthenticationFilter (org.springframework.security.web.authentication)
doFilter:212, AbstractAuthenticationProcessingFilter (org.springframework.security.web.authentication)
doFilter:331, FilterChainProxy$VirtualFilterChain (org.springframework.security.web)
doFilter:116, LogoutFilter (org.springframework.security.web.authentication.logout)
doFilter:331, FilterChainProxy$VirtualFilterChain (org.springframework.security.web)
doFilterInternal:64, HeaderWriterFilter (org.springframework.security.web.header)
doFilter:107, OncePerRequestFilter (org.springframework.web.filter)
doFilter:331, FilterChainProxy$VirtualFilterChain (org.springframework.security.web)
doFilter:105, SecurityContextPersistenceFilter (org.springframework.security.web.context)
doFilter:331, FilterChainProxy$VirtualFilterChain (org.springframework.security.web)
doFilterInternal:56, WebAsyncManagerIntegrationFilter (org.springframework.security.web.context.request.async)
doFilter:107, OncePerRequestFilter (org.springframework.web.filter)
doFilter:331, FilterChainProxy$VirtualFilterChain (org.springframework.security.web)
doFilterInternal:214, FilterChainProxy (org.springframework.security.web)
doFilter:177, FilterChainProxy (org.springframework.security.web)
invokeDelegate:346, DelegatingFilterProxy (org.springframework.web.filter)
doFilter:262, DelegatingFilterProxy (org.springframework.web.filter)
internalDoFilter:193, ApplicationFilterChain (org.apache.catalina.core)
doFilter:166, ApplicationFilterChain (org.apache.catalina.core)
doFilterInternal:99, RequestContextFilter (org.springframework.web.filter)
doFilter:107, OncePerRequestFilter (org.springframework.web.filter)
internalDoFilter:193, ApplicationFilterChain (org.apache.catalina.core)
doFilter:166, ApplicationFilterChain (org.apache.catalina.core)
doFilterInternal:105, HttpPutFormContentFilter (org.springframework.web.filter)
doFilter:107, OncePerRequestFilter (org.springframework.web.filter)
internalDoFilter:193, ApplicationFilterChain (org.apache.catalina.core)
doFilter:166, ApplicationFilterChain (org.apache.catalina.core)
doFilterInternal:81, HiddenHttpMethodFilter (org.springframework.web.filter)
doFilter:107, OncePerRequestFilter (org.springframework.web.filter)
internalDoFilter:193, ApplicationFilterChain (org.apache.catalina.core)
doFilter:166, ApplicationFilterChain (org.apache.catalina.core)
doFilterInternal:197, CharacterEncodingFilter (org.springframework.web.filter)
doFilter:107, OncePerRequestFilter (org.springframework.web.filter)
internalDoFilter:193, ApplicationFilterChain (org.apache.catalina.core)
doFilter:166, ApplicationFilterChain (org.apache.catalina.core)
invoke:198, StandardWrapperValve (org.apache.catalina.core)
invoke:96, StandardContextValve (org.apache.catalina.core)
invoke:478, AuthenticatorBase (org.apache.catalina.authenticator)
invoke:140, StandardHostValve (org.apache.catalina.core)
invoke:80, ErrorReportValve (org.apache.catalina.valves)
invoke:87, StandardEngineValve (org.apache.catalina.core)
service:342, CoyoteAdapter (org.apache.catalina.connector)
service:799, Http11Processor (org.apache.coyote.http11)
process:66, AbstractProcessorLight (org.apache.coyote)
process:868, AbstractProtocol$ConnectionHandler (org.apache.coyote)
doRun:1455, NioEndpoint$SocketProcessor (org.apache.tomcat.util.net)
run:49, SocketProcessorBase (org.apache.tomcat.util.net)
runWorker:1149, ThreadPoolExecutor (java.util.concurrent)
run:624, ThreadPoolExecutor$Worker (java.util.concurrent)
run:61, TaskThread$WrappingRunnable (org.apache.tomcat.util.threads)
run:748, Thread (java.lang)

filter在web中的定位 --done。Filter是Servlet规范的一部分,它的主要目的是在请求到达Servlet(包括Spring MVC的DispatcherServlet)之前或之后执行某些操作

client中/ 和 /login之间的跳转逻辑是如何实现的?
感觉和EnableOAuth2Sso这个注解有关
这个博客讲的太细了,不适合初学者
初学者应该先了解如何使用,然后是http交互逻辑,最后是原理

重新阅读官方文档。–done。没看懂,改看b站视频教程

JSESSIONID
博客1;jsessionid与tomcat关系比较大;这个视频没有客户端的介绍
经过实验发现jsessionid和端口可能对应关系,因为当我访问的应用个数与postman中的jsessionid数量相同
使用chrome看看是否能看到jsessionid和端口的对应关系
应该不是和端口对应,是和路径对应,仔细看cookie,其中设置了path,postman应该是根据path判断使用哪个jsessionid

JSESSIONID=3D1A6E7BEE757E28BC0A97F60636AC3A; Path=/uaa; HttpOnly;

client和resource使用哪个?–done。使用资源,大家都是用资源
多看几个视频,看看大家用啥
视频1;视频没讲单点登录
视频2;无源码,没说是客户端还是资源
视频3;这个视频看简介,只有资源没有客户端;没有登录跳转

视频这个视频中的"access_token客户端模式"和"access_token授权码模式"有啥区别?应用场景分别是啥?–done。这个视频中没有正常展示单点登录功能,都是用百度的链接做的模拟

client资源
我能找到的所有单点登录教学视频用的都是这个
简单
支持登录跳转

感觉client更符合使用场景。百度下其使用场景 --done。看博客感觉是spring为了简化单点登录开发流程提供的注解,原文"只需要添加一个注解和少量配置即可将我们的服务作为一个单点登陆应用"

==============================

需要确认下set-cookie的path字段是否真如推测那样可以让postman根据请求中的url选择不同cookie

client-id: merryyou1这种方式可以配置客户端。客户端在oauth中的定位是啥?每个客户端对数据有不同授权?
user-authorization-uri是请求认证,access-token-uri是请求令牌,两者啥关系?

需要了解下HttpSecurity各个配置的含义

http://www.tj-hxxt.cn/news/100958.html

相关文章:

  • 随机图片网站北京疫情最新情况
  • 网站建设与管理自考重点什么叫做优化
  • 做国际生意的网站有哪些最新推广赚钱的app
  • 做淘宝链接网站百度登录入口百度
  • 汕头教育的网站建设百度网络小说排行榜
  • 网站建设教程 epub深圳谷歌推广公司
  • 做网站职校选什么专业百度搜索引擎优化指南最新版
  • 房屋设计图平面图苏州seo关键词优化报价
  • 用html能做企业网站吗网络营销的具体形式种类
  • 军事新闻网关键词优化软件排行
  • 个人网站设计英文网站推广
  • 南昌网站建设公司好么网络营销和电子商务的区别
  • 企业网站建设的注意事项百度秒收录蜘蛛池
  • 如何搭建电影网站网站排名软件利搜
  • 手机网站分辨率做多大百度一下照片识别
  • 汉口网站推广公司链接制作软件
  • 开发区网站建设网络营销首先要做什么
  • 网站建设质量如何衡量百度sem是什么意思
  • 找图纸的网站厦门网络推广培训
  • 微信、网站提成方案点做阿里指数查询官网入口
  • 网站如何在百度个人网站怎么制作
  • 网站建设教程在线观看站长工具高清
  • 我学的 网站开发 能进华为公司么友情链接交换形式有哪些
  • wordpress 清理百度seo词条优化
  • 深圳网站建设nooqi.cn网站域名ip查询
  • 特价旅游机票网站建设企点qq官网
  • 商城app搭建优秀网站seo报价
  • 交友网站怎么都是做投资的手机怎么做网站免费的
  • 我的网站在百度搜不到网络广告推广
  • 程序外包公司山东网络推广优化排名