Jackson MismatchedInputException:由于输入结束,没有要映射的内容

【问题标题】:Jackson MismatchedInputException: No content to map due to end-of-inputJackson MismatchedInputException:由于输入结束,没有要映射的内容
【发布时间】:2018-12-23 00:49:07
【问题描述】:

我正在尝试在我的项目中实现 JWTAuthentication。我已经这样设置了我的实体:

@Entity
public class ApplicationUser {
    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    Long id;
    String username,password;

    public Long getId() {
        return id;
    }

    public void setId(Long id) {
        this.id = id;
    }

    public String getUsername() {
        return username;
    }

    public void setUsername(String username) {
        this.username = username;
    }

    public String getPassword() {
        return password;
    }

    public void setPassword(String password) {
        this.password = password;
    }
}

然后我像这样设置 AuthenticationFilter:

    public class JWTAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
        private AuthenticationManager authenticationManager;

        public JWTAuthenticationFilter(AuthenticationManager authenticationManager) {
            this.authenticationManager = authenticationManager;
        }

        @Override
        public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
            try {
                System.out.println("request "+request.getPathInfo());
                ApplicationUser user = new ObjectMapper().readValue(request.getInputStream(),ApplicationUser.class);
//this is where the exception is    
                return authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(user.getUsername(),user.getPassword(),new ArrayList<>()));
            } catch (IOException e) {
                throw new RuntimeException(e);
            }
        }

        @Override
        protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, Authentication authResult) throws IOException, ServletException {
            String token = Jwts.builder()
                    .setSubject(((ApplicationUser) authResult.getPrincipal()).getUsername())
                    .setExpiration(new Date(System.currentTimeMillis() + EXPIRATION_TIME))
                    .signWith(SignatureAlgorithm.HS512, SECRET.getBytes())
                    .compact();
            response.addHeader(HEADER_STRING, TOKEN_PREFIX + token);
        }
    }

这是我的安全配置:

@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    private BCryptPasswordEncoder bCryptPasswordEncoder;
    private UserDetailsService userDetailsService;

    public SecurityConfig(AppUserDetailService userDetailsService, BCryptPasswordEncoder bCryptPasswordEncoder){
        this.bCryptPasswordEncoder=bCryptPasswordEncoder;
        this.userDetailsService=userDetailsService;
    }



    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.cors().and().csrf().disable().authorizeRequests()
                .antMatchers(HttpMethod.POST, SIGN_UP_URL).permitAll()
//                .antMatchers(HttpMethod.POST,LOGIN_URL).permitAll()
                .anyRequest().authenticated()
                .and()
                .addFilter(new JWTAuthenticationFilter(authenticationManager()))
                .addFilter(new JWTAuthorizationFilter(authenticationManager()))
                // this disables session creation on Spring Security
                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
    }
    @Override
    public void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder);
    }
    @Bean
    CorsConfigurationSource corsConfigurationSource() {
        final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        source.registerCorsConfiguration("/**", new CorsConfiguration().applyPermitDefaultValues());
        return source;
    }
}

注册工作正常,但是当我尝试使用相同的凭据登录时,出现以下异常:

原因:com.fasterxml.jackson.databind.exc.MismatchedInputException:由于输入结束,没有要映射的内容 在 [来源:(org.apache.catalina.connector.CoyoteInputStream);行:1,列:0] 在 com.fasterxml.jackson.databind.exc.MismatchedInputException.from(MismatchedInputException.java:59) ~[jackson-databind-2.9.6.jar:2.9.6] 在 com.fasterxml.jackson.databind.ObjectMapper._initForReading(ObjectMapper.java:4145) ~[jackson-databind-2.9.6.jar:2.9.6] 在 com.fasterxml.jackson.databind.ObjectMapper._readMapAndClose(ObjectMapper.java:4000) ~[jackson-databind-2.9.6.jar:2.9.6] 在 com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3070) ~[jackson-databind-2.9.6.jar:2.9.6] 在 com.project.pq.security.JWTAuthenticationFilter.attemptAuthentication(JWTAuthenticationFilter.java:35) ~[classes/:na] ...省略了53个常用框架

我正在使用 Postman 访问 API,在那里我将 application/json 设置为内容类型,并将用户名和密码作为 post 参数发送。我正在关注this 教程。我究竟做错了什么?任何帮助,将不胜感激。

谢谢

【问题讨论】:

  • 不要使用过滤器中的 POST 内容,尤其是适用于所有 URL 的过滤器。如果登录需要一个带有 JSON 内容的指定 URL 的 POST,那么它应该由一个 Servlet 处理,而不是一个过滤器。身份验证过滤器用于处理标头值(例如Authentication),因此可以在处理任意请求期间即时进行身份验证。

标签: java spring-boot spring-security jwt jackson-databind


【解决方案1】:

我有同样的错误,必须删除 ApplicationUser 用户 = 新 ObjectMapper().readValue(request.getInputStream(),ApplicationUser.class);

直接使用request.getParameter:

                new UsernamePasswordAuthenticationToken(
                    request.getParameter("username"),
                    request.getParameter("password"),
                    Collections.emptyList()
            )

【讨论】:

  • 你找到这种行为的原因了吗?我也有同样的问题。
  • 用 request.getParameter("") 替换 objectMapper 行就像魅力一样
猜你喜欢
  • 1970-01-01
  • 2018-09-23
  • 1970-01-01
  • 1970-01-01
  • 1970-01-01
  • 2019-04-13
  • 2012-09-13
  • 1970-01-01
  • 2015-01-11
相关资源
最近更新 更多
热门标签
Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode