【发布时间】:2021-01-29 05:43:10
【问题描述】:
我有一个 Jhipster 构建的后端,并希望在请求发送无效身份验证承载令牌时进行记录。
目前使用 Postman,我可以发送一个有效的令牌来获取我需要的信息,并且记录如下:
2020-10-14 10:11:37.591 DEBUG 4132 --- [ XNIO-1 task-1] s.n.www.protocol.http.HttpURLConnection : sun.net.www.MessageHeader@77674d5d5 pairs: {GET /auth/realms/p
latform-development/protocol/openid-connect/certs HTTP/1.1: null}{Accept: application/json, application/jwk-set+json}{User-Agent: Java/11.0.7}{Host: sso.eva-int.c
om}{Connection: keep-alive}
2020-10-14 10:11:37.630 DEBUG 4132 --- [ XNIO-1 task-1] s.n.www.protocol.http.HttpURLConnection : sun.net.www.MessageHeader@2527b0a66 pairs: {null: HTTP/1.1 200
OK}{Connection: keep-alive}{Cache-Control: no-cache}{Content-Type: application/json}{Content-Length: 1703}{Date: Wed, 14 Oct 2020 17:11:36 GMT}
2020-10-14 10:11:37.649 DEBUG 4132 --- [ XNIO-1 task-1] jdk.event.security : X509Certificate: Alg:SHA256withRSA, Serial:17251f0f612, Subjec
t:CN=platform-development, Issuer:CN=platform-development, Key type:RSA, Length:2048, Cert Id:1603036153, Valid from:5/26/20, 10:02 AM, Valid until:5/26/30, 10:04
AM
当我发送一个无效令牌时,我会收到一个状态为 401 的响应,并且标题显示“invalid_token”,这很好,但应用程序中没有记录任何内容。
处理这个问题的代码似乎来自 Spring Security 依赖项。有没有办法让它注销更多信息?
【问题讨论】:
-
您选择了哪种身份验证类型?
标签: java spring-security oauth-2.0 jhipster jwt-auth