Spring Boot: Filter execution threw an exception - java.lang.AbstractMethodError
Spring Boot: Filter execution threw an exception - java.lang.AbstractMethodError
我使用spring boot设置了一个相当简单的安全应用程序,但是在成功登录后,我一直从服务器获得这个异常:
javax.servlet.ServletException: Filter execution threw an exception org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:77) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:85) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) org.springframework.boot.context.web.ErrorPageFilter.doFilter(ErrorPageFilter.java:116) org.springframework.boot.context.web.ErrorPageFilter.access$000(ErrorPageFilter.java:60) org.springframework.boot.context.web.ErrorPageFilter$1.doFilterInternal(ErrorPageFilter.java:91) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) org.springframework.boot.context.web.ErrorPageFilter.doFilter(ErrorPageFilter.java:109) root cause java.lang.AbstractMethodError javax.servlet.http.HttpServletRequestWrapper.changeSessionId(HttpServletRequestWrapper.java:290) javax.servlet.http.HttpServletRequestWrapper.changeSessionId(HttpServletRequestWrapper.java:290) sun.reflect.GeneratedMethodAccessor295.invoke(Unknown Source) sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) java.lang.reflect.Method.invoke(Method.java:497) org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:203) org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:188) org.springframework.security.web.authentication.session.ChangeSessionIdAuthenticationStrategy.applySessionFixation(ChangeSessionIdAuthenticationStrategy.java:48) org.springframework.security.web.authentication.session.AbstractSessionFixationProtectionStrategy.onAuthentication(AbstractSessionFixationProtectionStrategy.java:82) org.springframework.security.web.authentication.session.ChangeSessionIdAuthenticationStrategy.onAuthentication(ChangeSessionIdAuthenticationStrategy.java:32) org.springframework.security.web.authentication.session.CompositeSessionAuthenticationStrategy.onAuthentication(CompositeSessionAuthenticationStrategy.java:83) org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:216) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:110) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:105) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:50) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192) org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160) org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:77) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:85) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) org.springframework.boot.context.web.ErrorPageFilter.doFilter(ErrorPageFilter.java:116) org.springframework.boot.context.web.ErrorPageFilter.access$000(ErrorPageFilter.java:60) org.springframework.boot.context.web.ErrorPageFilter$1.doFilterInternal(ErrorPageFilter.java:91) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) org.springframework.boot.context.web.ErrorPageFilter.doFilter(ErrorPageFilter.java:109)
这是我的初始化类:
@EnableAutoConfiguration
@SpringBootApplication
public class RecruitingDashboardApplication extends SpringBootServletInitializer {
@Override
protected SpringApplicationBuilder configure(SpringApplicationBuilder application) {
return application.sources(RecruitingDashboardApplication.class);
}
public static void main(String[] args) throws Exception {
SpringApplication.run(RecruitingDashboardApplication.class, args);
}
}
以及我的viewResolver配置类:
@Configuration
public class WebMvcConfig extends WebMvcConfigurerAdapter {
@Bean
public ViewResolver viewResolver() {
ClassLoaderTemplateResolver templateResolver = new ClassLoaderTemplateResolver();
templateResolver.setPrefix("templates/");
templateResolver.setSuffix(".html");
SpringTemplateEngine engine = new SpringTemplateEngine();
engine.setTemplateResolver(templateResolver);
ThymeleafViewResolver viewResolver = new ThymeleafViewResolver();
viewResolver.setTemplateEngine(engine);
return viewResolver;
}
@Override
public void addViewControllers(ViewControllerRegistry registry) {
registry.addViewController("/").setViewName("dashboard");
registry.addViewController("/login").setViewName("login");
}
}
最后是我的安全配置类:
@Configuration
@EnableWebMvcSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.headers()
.frameOptions()
.disable()
.authorizeRequests()
.antMatchers("/css/**", "/img/**", "/fonts/**").permitAll()
.anyRequest()
.authenticated()
.and()
.formLogin()
.loginPage("/login")
.permitAll()
.and()
.logout()
.permitAll();
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth
.inMemoryAuthentication()
.withUser("username").password("password").roles("USER");
}
}
这些是我使用的pom依赖:
org.springframework.boot spring-boot-starter-security org.springframework.boot spring-boot-starter-web org.springframework.boot spring-boot-starter-tomcat org.springframework.boot spring-boot-starter-thymeleaf org.springframework.boot spring-boot-starter-tomcat provided net.sourceforge.nekohtml nekohtml 1.9.22
非常感谢您的帮助。我已经花了三天的时间解决这个问题,我已经在网上搜索了所有地方,但是我找不到解决方案。
更新
在部署到Tomcat 8时,似乎我没有得到异常。我只在Tomcat 7上得到它。
更新2
我更新了我的pom文件,将spring-boot-starter-tomcat依赖项的范围设置为provided。我还从spring-boot-starter-web中排除了相同的传递依赖项,如这个问题中所描述的。然而,问题仍然存在。
Spring Boot: Filter execution threw an exception - java.lang.AbstractMethodError
问题原因:部署的war文件使用了embedded web container(默认是Tomcat),而该容器使用了与项目中另一个版本的servlet-api。在war文件中没有发现servlet-api,但是通过mvn dependency:tree命令也没有找到冲突的依赖。
解决方法:需要将spring-boot-starter-tomcat标记为provided scope,以便war文件不会带上额外的依赖。可以使用Spring Boot maven插件将provided的依赖分离到fat war文件的另一个位置,这样仍然可以通过命令行运行war文件(java -jar yourapp.war)。如果不需要这样的功能,可以不使用Spring Boot maven插件。
注意:不要修改tomcat/lib文件夹中的servlet-api,因为这是服务器必须使用的原始jar文件。问题的原因很可能是war文件中包含了servlet-api(可能是重命名过的或者用其他名称),需要检查war文件的WEB-INF/lib文件夹,确保其中没有servlet相关的jar文件。
参考链接:
http://docs.spring.io/spring-boot/docs/current/reference/htmlsingle/#howto-create-a-deployable-war-file
http://stackoverflow.com/questions/26642493