Spring Boot: Filter execution threw an exception - java.lang.AbstractMethodError
Spring Boot: Filter execution threw an exception - java.lang.AbstractMethodError
我使用spring boot设置了一个相当简单的安全应用程序,但是在成功登录后,我一直从服务器获得这个异常:
javax.servlet.ServletException: Filter execution threw an exception org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:77) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:85) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) org.springframework.boot.context.web.ErrorPageFilter.doFilter(ErrorPageFilter.java:116) org.springframework.boot.context.web.ErrorPageFilter.access$000(ErrorPageFilter.java:60) org.springframework.boot.context.web.ErrorPageFilter$1.doFilterInternal(ErrorPageFilter.java:91) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) org.springframework.boot.context.web.ErrorPageFilter.doFilter(ErrorPageFilter.java:109) root cause java.lang.AbstractMethodError javax.servlet.http.HttpServletRequestWrapper.changeSessionId(HttpServletRequestWrapper.java:290) javax.servlet.http.HttpServletRequestWrapper.changeSessionId(HttpServletRequestWrapper.java:290) sun.reflect.GeneratedMethodAccessor295.invoke(Unknown Source) sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) java.lang.reflect.Method.invoke(Method.java:497) org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:203) org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:188) org.springframework.security.web.authentication.session.ChangeSessionIdAuthenticationStrategy.applySessionFixation(ChangeSessionIdAuthenticationStrategy.java:48) org.springframework.security.web.authentication.session.AbstractSessionFixationProtectionStrategy.onAuthentication(AbstractSessionFixationProtectionStrategy.java:82) org.springframework.security.web.authentication.session.ChangeSessionIdAuthenticationStrategy.onAuthentication(ChangeSessionIdAuthenticationStrategy.java:32) org.springframework.security.web.authentication.session.CompositeSessionAuthenticationStrategy.onAuthentication(CompositeSessionAuthenticationStrategy.java:83) org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:216) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:110) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:105) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:50) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192) org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160) org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:77) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:85) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) org.springframework.boot.context.web.ErrorPageFilter.doFilter(ErrorPageFilter.java:116) org.springframework.boot.context.web.ErrorPageFilter.access$000(ErrorPageFilter.java:60) org.springframework.boot.context.web.ErrorPageFilter$1.doFilterInternal(ErrorPageFilter.java:91) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) org.springframework.boot.context.web.ErrorPageFilter.doFilter(ErrorPageFilter.java:109)
这是我的初始化类:
@EnableAutoConfiguration @SpringBootApplication public class RecruitingDashboardApplication extends SpringBootServletInitializer { @Override protected SpringApplicationBuilder configure(SpringApplicationBuilder application) { return application.sources(RecruitingDashboardApplication.class); } public static void main(String[] args) throws Exception { SpringApplication.run(RecruitingDashboardApplication.class, args); } }
以及我的viewResolver配置类:
@Configuration public class WebMvcConfig extends WebMvcConfigurerAdapter { @Bean public ViewResolver viewResolver() { ClassLoaderTemplateResolver templateResolver = new ClassLoaderTemplateResolver(); templateResolver.setPrefix("templates/"); templateResolver.setSuffix(".html"); SpringTemplateEngine engine = new SpringTemplateEngine(); engine.setTemplateResolver(templateResolver); ThymeleafViewResolver viewResolver = new ThymeleafViewResolver(); viewResolver.setTemplateEngine(engine); return viewResolver; } @Override public void addViewControllers(ViewControllerRegistry registry) { registry.addViewController("/").setViewName("dashboard"); registry.addViewController("/login").setViewName("login"); } }
最后是我的安全配置类:
@Configuration @EnableWebMvcSecurity public class SecurityConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { http.headers() .frameOptions() .disable() .authorizeRequests() .antMatchers("/css/**", "/img/**", "/fonts/**").permitAll() .anyRequest() .authenticated() .and() .formLogin() .loginPage("/login") .permitAll() .and() .logout() .permitAll(); } @Autowired public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception { auth .inMemoryAuthentication() .withUser("username").password("password").roles("USER"); } }
这些是我使用的pom依赖:
org.springframework.boot spring-boot-starter-security org.springframework.boot spring-boot-starter-web org.springframework.boot spring-boot-starter-tomcat org.springframework.boot spring-boot-starter-thymeleaf org.springframework.boot spring-boot-starter-tomcat provided net.sourceforge.nekohtml nekohtml 1.9.22
非常感谢您的帮助。我已经花了三天的时间解决这个问题,我已经在网上搜索了所有地方,但是我找不到解决方案。
更新
在部署到Tomcat 8时,似乎我没有得到异常。我只在Tomcat 7上得到它。
更新2
我更新了我的pom文件,将spring-boot-starter-tomcat
依赖项的范围设置为provided
。我还从spring-boot-starter-web
中排除了相同的传递依赖项,如这个问题中所描述的。然而,问题仍然存在。
Spring Boot: Filter execution threw an exception - java.lang.AbstractMethodError
问题原因:部署的war文件使用了embedded web container(默认是Tomcat),而该容器使用了与项目中另一个版本的servlet-api。在war文件中没有发现servlet-api,但是通过mvn dependency:tree命令也没有找到冲突的依赖。
解决方法:需要将spring-boot-starter-tomcat标记为provided scope,以便war文件不会带上额外的依赖。可以使用Spring Boot maven插件将provided的依赖分离到fat war文件的另一个位置,这样仍然可以通过命令行运行war文件(java -jar yourapp.war)。如果不需要这样的功能,可以不使用Spring Boot maven插件。
注意:不要修改tomcat/lib文件夹中的servlet-api,因为这是服务器必须使用的原始jar文件。问题的原因很可能是war文件中包含了servlet-api(可能是重命名过的或者用其他名称),需要检查war文件的WEB-INF/lib文件夹,确保其中没有servlet相关的jar文件。
参考链接:
http://docs.spring.io/spring-boot/docs/current/reference/htmlsingle/#howto-create-a-deployable-war-file
http://stackoverflow.com/questions/26642493