SessionManagementFilter分析--上

最新推荐文章于 2024-12-31 21:45:00 发布
转载 最新推荐文章于 2024-12-31 21:45:00 发布 · 3.1k 阅读 · 0

SessionManagementFilter过滤器对应的类路径为 
org.springframework.security.web.session.SessionManagementFilter 
这个过滤器看名字就知道是管理session的了,http标签是自动配置时,默认是添加SessionManagementFilter过滤器到filterChainProxy中的,如果不想使用这个过滤器,需要做如下配置 
Java代码  收藏代码
  1. <security:http auto-config="true">  
  2.   <security:session-management session-fixation-protection="none"/>  
  3. </security:http>  


其实在之前的过滤器中有使用到session策略了,但是没有细说。 
SessionManagementFilter提供两大类功能: 
1.session固化保护-通过session-fixation-protection配置 
2.session并发控制-通过concurrency-control配置 
下面看SessionManagementFilter的bean是如何创建的 
Java代码  收藏代码
  1. void createSessionManagementFilters() {  
  2.     Element sessionMgmtElt = DomUtils.getChildElementByTagName(httpElt, Elements.SESSION_MANAGEMENT);  
  3.     Element sessionCtrlElt = null;  
  4.   
  5.     String sessionFixationAttribute = null;  
  6.     String invalidSessionUrl = null;  
  7.     String sessionAuthStratRef = null;  
  8.     String errorUrl = null;  
  9.     //如果配置了标签,解析标签的属性、子标签  
  10.     if (sessionMgmtElt != null) {  
  11.         sessionFixationAttribute = sessionMgmtElt.getAttribute(ATT_SESSION_FIXATION_PROTECTION);  
  12.         invalidSessionUrl = sessionMgmtElt.getAttribute(ATT_INVALID_SESSION_URL);  
  13.         sessionAuthStratRef = sessionMgmtElt.getAttribute(ATT_SESSION_AUTH_STRATEGY_REF);  
  14.         errorUrl = sessionMgmtElt.getAttribute(ATT_SESSION_AUTH_ERROR_URL);  
  15.         sessionCtrlElt = DomUtils.getChildElementByTagName(sessionMgmtElt, Elements.CONCURRENT_SESSIONS);  
  16.         //判断是否配置了concurrency-control子标签  
  17.         if (sessionCtrlElt != null) {  
  18.             //配置了并发控制标签则创建并发控制过滤器和session注册的bean定义  
  19.             createConcurrencyControlFilterAndSessionRegistry(sessionCtrlElt);  
  20.         }  
  21.     }  
  22.   
  23.     if (!StringUtils.hasText(sessionFixationAttribute)) {  
  24.         sessionFixationAttribute = OPT_SESSION_FIXATION_MIGRATE_SESSION;  
  25.     } else if (StringUtils.hasText(sessionAuthStratRef)) {  
  26.         pc.getReaderContext().error(ATT_SESSION_FIXATION_PROTECTION + " attribute cannot be used" +  
  27.                 " in combination with " + ATT_SESSION_AUTH_STRATEGY_REF, pc.extractSource(sessionCtrlElt));  
  28.     }  
  29.   
  30.     boolean sessionFixationProtectionRequired = !sessionFixationAttribute.equals(OPT_SESSION_FIXATION_NO_PROTECTION);  
  31.   
  32.     BeanDefinitionBuilder sessionStrategy;  
  33.     //如果配置了concurrency-control子标签  
  34.     if (sessionCtrlElt != null) {  
  35.         assert sessionRegistryRef != null;  
  36.         //session控制策略为ConcurrentSessionControlStrategy  
  37.         sessionStrategy = BeanDefinitionBuilder.rootBeanDefinition(ConcurrentSessionControlStrategy.class);  
  38.         sessionStrategy.addConstructorArgValue(sessionRegistryRef);  
  39.   
  40.         String maxSessions = sessionCtrlElt.getAttribute("max-sessions");  
  41.         //添加最大session数  
  42.         if (StringUtils.hasText(maxSessions)) {  
  43.             sessionStrategy.addPropertyValue("maximumSessions", maxSessions);  
  44.         }  
  45.         String exceptionIfMaximumExceeded = sessionCtrlElt.getAttribute("error-if-maximum-exceeded");  
  46.   
  47.         if (StringUtils.hasText(exceptionIfMaximumExceeded)) {  
  48.             sessionStrategy.addPropertyValue("exceptionIfMaximumExceeded", exceptionIfMaximumExceeded);  
  49.         }  
  50.     } else if (sessionFixationProtectionRequired || StringUtils.hasText(invalidSessionUrl)  
  51.             || StringUtils.hasText(sessionAuthStratRef)) {  
  52.         //如果没有配置concurrency-control子标签  
  53.           //session控制策略是SessionFixationProtectionStrategy  
  54.         sessionStrategy = BeanDefinitionBuilder.rootBeanDefinition(SessionFixationProtectionStrategy.class);  
  55.     } else {  
  56.         //<session-management session-fixation-protection="none"/>  
  57.         sfpf = null;  
  58.         return;  
  59.     }  
  60.     //创建SessionManagementFilter,并设置依赖的bean、property  
  61.     BeanDefinitionBuilder sessionMgmtFilter = BeanDefinitionBuilder.rootBeanDefinition(SessionManagementFilter.class);  
  62.     RootBeanDefinition failureHandler = new RootBeanDefinition(SimpleUrlAuthenticationFailureHandler.class);  
  63.     if (StringUtils.hasText(errorUrl)) {  
  64.         failureHandler.getPropertyValues().addPropertyValue("defaultFailureUrl", errorUrl);  
  65.     }  
  66.     sessionMgmtFilter.addPropertyValue("authenticationFailureHandler", failureHandler);  
  67.     sessionMgmtFilter.addConstructorArgValue(contextRepoRef);  
  68.   
  69.     if (!StringUtils.hasText(sessionAuthStratRef)) {  
  70.         BeanDefinition strategyBean = sessionStrategy.getBeanDefinition();  
  71.   
  72.         if (sessionFixationProtectionRequired) {  
  73.             sessionStrategy.addPropertyValue("migrateSessionAttributes",  
  74.                     Boolean.valueOf(sessionFixationAttribute.equals(OPT_SESSION_FIXATION_MIGRATE_SESSION)));  
  75.         }  
  76.         sessionAuthStratRef = pc.getReaderContext().generateBeanName(strategyBean);  
  77.         pc.registerBeanComponent(new BeanComponentDefinition(strategyBean, sessionAuthStratRef));  
  78.     }  
  79.   
  80.     if (StringUtils.hasText(invalidSessionUrl)) {  
  81.         sessionMgmtFilter.addPropertyValue("invalidSessionUrl", invalidSessionUrl);  
  82.     }  
  83.   
  84.     sessionMgmtFilter.addPropertyReference("sessionAuthenticationStrategy", sessionAuthStratRef);  
  85.   
  86.     sfpf = (RootBeanDefinition) sessionMgmtFilter.getBeanDefinition();  
  87.     sessionStrategyRef = new RuntimeBeanReference(sessionAuthStratRef);  
  88. }  
  89.   
  90. //创建并发控制Filter和session注册的bean  
  91. private void createConcurrencyControlFilterAndSessionRegistry(Element element) {  
  92.     final String ATT_EXPIRY_URL = "expired-url";  
  93.     final String ATT_SESSION_REGISTRY_ALIAS = "session-registry-alias";  
  94.     final String ATT_SESSION_REGISTRY_REF = "session-registry-ref";  
  95.   
  96.     CompositeComponentDefinition compositeDef =  
  97.         new CompositeComponentDefinition(element.getTagName(), pc.extractSource(element));  
  98.     pc.pushContainingComponent(compositeDef);  
  99.   
  100.     BeanDefinitionRegistry beanRegistry = pc.getRegistry();  
  101.   
  102.     String sessionRegistryId = element.getAttribute(ATT_SESSION_REGISTRY_REF);  
  103.     //判断是否配置了session-registry-ref属性,用于扩展  
  104.      //默认情况下使用SessionRegistryImpl类管理session的注册  
  105.     if (!StringUtils.hasText(sessionRegistryId)) {  
  106.         // Register an internal SessionRegistryImpl if no external reference supplied.  
  107.         RootBeanDefinition sessionRegistry = new RootBeanDefinition(SessionRegistryImpl.class);  
  108.         sessionRegistryId = pc.getReaderContext().registerWithGeneratedName(sessionRegistry);  
  109.         pc.registerComponent(new BeanComponentDefinition(sessionRegistry, sessionRegistryId));  
  110.     }  
  111.   
  112.     String registryAlias = element.getAttribute(ATT_SESSION_REGISTRY_ALIAS);  
  113.     if (StringUtils.hasText(registryAlias)) {  
  114.         beanRegistry.registerAlias(sessionRegistryId, registryAlias);  
  115.     }  
  116.     //创建并发session控制的Filter  
  117.     BeanDefinitionBuilder filterBuilder =  
  118.             BeanDefinitionBuilder.rootBeanDefinition(ConcurrentSessionFilter.class);  
  119.     //注入session的注册实现类  
  120.     filterBuilder.addPropertyReference("sessionRegistry", sessionRegistryId);  
  121.   
  122.     Object source = pc.extractSource(element);  
  123.     filterBuilder.getRawBeanDefinition().setSource(source);  
  124.     filterBuilder.setRole(BeanDefinition.ROLE_INFRASTRUCTURE);  
  125.   
  126.     String expiryUrl = element.getAttribute(ATT_EXPIRY_URL);  
  127.   
  128.     if (StringUtils.hasText(expiryUrl)) {  
  129.         WebConfigUtils.validateHttpRedirect(expiryUrl, pc, source);  
  130.         filterBuilder.addPropertyValue("expiredUrl", expiryUrl);  
  131.     }  
  132.   
  133.     pc.popAndRegisterContainingComponent();  
  134.   
  135.     concurrentSessionFilter = filterBuilder.getBeanDefinition();  
  136.     sessionRegistryRef = new RuntimeBeanReference(sessionRegistryId);  
  137. }  


接着看SessionManagementFilter过滤器执行过程 
Java代码  收藏代码
  1. public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)  
  2.         throws IOException, ServletException {  
  3.     HttpServletRequest request = (HttpServletRequest) req;  
  4.     HttpServletResponse response = (HttpServletResponse) res;  
  5.     //省略……  
  6.      //判断当前session中是否有SPRING_SECURITY_CONTEXT属性  
  7.     if (!securityContextRepository.containsContext(request)) {  
  8.         Authentication authentication = SecurityContextHolder.getContext().getAuthentication();  
  9.   
  10.         if (authentication != null && !authenticationTrustResolver.isAnonymous(authentication)) {  
  11.             try {  
  12.                 //再通过sessionStrategy执行session固化、并发处理  
  13.                    //与UsernamePasswordAuthenticationFilter时处理一样,后面会仔细分析。  
  14.                 sessionStrategy.onAuthentication(authentication, request, response);  
  15.             } catch (SessionAuthenticationException e) {  
  16.                 SecurityContextHolder.clearContext();  
  17.                 failureHandler.onAuthenticationFailure(request, response, e);  
  18.                 return;  
  19.             }  
  20.             //把SecurityContext设置到当前session中  
  21.             securityContextRepository.saveContext(SecurityContextHolder.getContext(), request, response);  
  22.         } else {  
  23.             if (request.getRequestedSessionId() != null && !request.isRequestedSessionIdValid()) {  
  24.                 if (invalidSessionUrl != null) {  
  25.                     request.getSession();  
  26.                     redirectStrategy.sendRedirect(request, response, invalidSessionUrl);  
  27.   
  28.                     return;  
  29.                 }  
  30.             }  
  31.         }  
  32.     }  
  33.   
  34.     chain.doFilter(request, response);  
  35. }  


如果项目需要使用session的并发控制,需要做如下的配置 
Xml代码  收藏代码
  1. <session-management invalid-session-url="/login.jsp">  
  2.     <concurrency-control max-sessions="1" error-if-maximum-exceeded="true" expired-url="/login.jsp"/>  
  3. </session-management>  

session-fixation-protection属性支持三种不同的选项允许你使用 
none:使得session固化攻击失效(未配置其他属性) 
migrateSession:当用户经过认证后分配一个新的session,它保证原session的所有属性移到新session中 
newSession:当用户认证后,建立一个新的session,原(未认证时)session的属性不会进行移到新session中来 


如果使用了标签concurrency-control,那么filterchainProxy中会添加新的过滤器 
ConcurrentSessionFilter。这个过滤器的顺序在SecurityContextPersistenceFilter之前。说明未创建空的认证实体时就需要对session进行并发控制了 
看ConcurrentSessionFilter执行过程 
Java代码  收藏代码
  1. public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)  
  2.         throws IOException, ServletException {  
  3.     HttpServletRequest request = (HttpServletRequest) req;  
  4.     HttpServletResponse response = (HttpServletResponse) res;  
  5.   
  6.     HttpSession session = request.getSession(false);  
  7.     if (session != null) {  
  8.         //这个SessionInformation是在执行SessionManagementFilter时通过sessionRegistry构造的并且放置在map集合中的  
  9.         SessionInformation info = sessionRegistry.getSessionInformation(session.getId());  
  10.         //如果当前session已经注册了  
  11.         if (info != null) {  
  12.             //如果当前session失效了  
  13.             if (info.isExpired()) {  
  14.                 // Expired - abort processing  
  15.                 //强制退出  
  16.                 doLogout(request, response);  
  17.                 //目标url为expired-url标签配置的属性值  
  18.                 String targetUrl = determineExpiredUrl(request, info);  
  19.                 //跳转到指定url  
  20.                 if (targetUrl != null) {  
  21.                     redirectStrategy.sendRedirect(request, response, targetUrl);  
  22.   
  23.                     return;  
  24.                 } else {  
  25.                     response.getWriter().print("This session has been expired (possibly due to multiple concurrent " +  
  26.                             "logins being attempted as the same user).");  
  27.                     response.flushBuffer();  
  28.                 }  
  29.   
  30.                 return;  
  31.             } else {  
  32.                 // Non-expired - update last request date/time  
  33.                 //session未失效,刷新时间  
  34.                 info.refreshLastRequest();  
  35.             }  
  36.         }  
  37.     }  
  38.   
  39.     chain.doFilter(request, response);  
  40. }  

那么分析完ConcurrentSessionFilter过滤器的执行过程,具体有什么作用呢? 
简单点概括就是:从session缓存中获取当前session信息,如果发现过期了,就跳转到expired-url配置的url或者响应session失效提示信息。当前session有哪些情况会导致session失效呢?这里的失效并不是指在web容器中session的失效,而是spring security把登录成功的session封装为SessionInformation并放到注册类缓存中,如果SessionInformation的expired变量为true,则表示session已失效。 
所以,ConcurrentSessionFilter过滤器主要检查SessionInformation的expired变量的值 


为了能清楚解释session 并发控制的过程,现在引入UsernamePasswordAuthenticationFilter过滤器,因为该过滤器就是对登录账号进行认证的,并且在分析UsernamePasswordAuthenticationFilter过滤器时,也没有详细讲解session的处理。 
UsernamePasswordAuthenticationFilter的doFilter是由父类AbstractAuthenticationProcessingFilter完成的,截取部分重要代码 
Java代码  收藏代码
  1. try {  
  2.     //由子类UsernamePasswordAuthenticationFilter认证  
  3.       //之前已经详细分析  
  4.     authResult = attemptAuthentication(request, response);  
  5.     if (authResult == null) {  
  6.         // return immediately as subclass has indicated that it hasn't completed authentication  
  7.         return;  
  8.     }  
  9.     //由session策略类完成session固化处理、并发控制处理  
  10.       //如果当前认证实体的已注册session数超出最大并发的session数  
  11.       //这里会抛出AuthenticationException  
  12.     sessionStrategy.onAuthentication(authResult, request, response);  
  13. }  
  14. catch (AuthenticationException failed) {  
  15.     // Authentication failed  
  16.     //捕获到异常,直接跳转到失败页面或做其他处理  
  17.     unsuccessfulAuthentication(request, response, failed);  
  18.   
  19.     return;  
  20. }  

session处理的方法就是这一语句 
Java代码  收藏代码
  1. sessionStrategy.onAuthentication(authResult, request, response);  

如果是采用了并发控制session,则sessionStrategy为ConcurrentSessionControlStrategy类,具体源码: 
Java代码  收藏代码
  1. public void onAuthentication(Authentication authentication, HttpServletRequest request,  
  2.         HttpServletResponse response) {  
  3.     //检查是否允许认证  
  4.     checkAuthenticationAllowed(authentication, request);  
  5.   
  6.     // Allow the parent to create a new session if necessary  
  7.     //执行父类SessionFixationProtectionStrategy的onAuthentication,完成session固化工作。其实就是重新建立一个session,并且把之前的session失效掉。  
  8.     super.onAuthentication(authentication, request, response);  
  9.     //向session注册类SessionRegistryImpl注册当前session、认证实体  
  10.      //实际上SessionRegistryImpl维护两个缓存列表,分别是  
  11.      //1.sessionIds(Map):key=sessionid,value=SessionInformation  
  12.     //2.principals(Map):key=principal,value=HashSet  
  13.     sessionRegistry.registerNewSession(request.getSession().getId(), authentication.getPrincipal());  
  14. }  
  15. //检查是否允许认证通过,如果通过直接返回,不通过,抛出AuthenticationException  
  16. private void checkAuthenticationAllowed(Authentication authentication, HttpServletRequest request)  
  17.         throws AuthenticationException {  
  18.     //获取当前认证实体的session集合  
  19.     final List<SessionInformation> sessions = sessionRegistry.getAllSessions(authentication.getPrincipal(), false);  
  20.   
  21.     int sessionCount = sessions.size();  
  22.     //获取的并发session数(由max-sessions属性配置)  
  23.     int allowedSessions = getMaximumSessionsForThisUser(authentication);  
  24.     //如果当前认证实体的已注册session数小于max-sessions,允许通过  
  25.     if (sessionCount < allowedSessions) {  
  26.         // They haven't got too many login sessions running at present  
  27.         return;  
  28.     }  
  29.     //如果allowedSessions配置为-1,说明未限制并发session数,允许通过  
  30.     if (allowedSessions == -1) {  
  31.         // We permit unlimited logins  
  32.         return;  
  33.     }  
  34.     //如果当前认证实体的已注册session数等于max-sessions  
  35.     //判断当前的session是否已经注册过了,如果注册过了,允许通过  
  36.     if (sessionCount == allowedSessions) {  
  37.         HttpSession session = request.getSession(false);  
  38.   
  39.         if (session != null) {  
  40.             // Only permit it though if this request is associated with one of the already registered sessions  
  41.             for (SessionInformation si : sessions) {  
  42.                 if (si.getSessionId().equals(session.getId())) {  
  43.                     return;  
  44.                 }  
  45.             }  
  46.         }  
  47.         // If the session is null, a new one will be created by the parent class, exceeding the allowed number  
  48.     }  
  49.     //以上条件都不满足时,进一步处理  
  50.     allowableSessionsExceeded(sessions, allowedSessions, sessionRegistry);  
  51. }  
  52.   
  53. protected void allowableSessionsExceeded(List<SessionInformation> sessions, int allowableSessions,  
  54.         SessionRegistry registry) throws SessionAuthenticationException {  
  55.     //判断配置的error-if-maximum-exceeded属性,如果为true,抛出异常  
  56.     if (exceptionIfMaximumExceeded || (sessions == null)) {  
  57.         throw new SessionAuthenticationException(messages.getMessage("ConcurrentSessionControllerImpl.exceededAllowed",  
  58.                 new Object[] {new Integer(allowableSessions)},  
  59.                 "Maximum sessions of {0} for this principal exceeded"));  
  60.     }  
  61.     //如果配置的error-if-maximum-exceeded为false,接下来就是取出最先注册的session信息(这里是封装到SessionInformation),然后让最先认证成功的session过期。当ConcurrentSessionFilter过滤器检查到这个过期的session,就执行session失效的处理。  
  62.     // Determine least recently used session, and mark it for invalidation  
  63.     SessionInformation leastRecentlyUsed = null;  
  64.   
  65.     for (int i = 0; i < sessions.size(); i++) {  
  66.         if ((leastRecentlyUsed == null)  
  67.                 || sessions.get(i).getLastRequest().before(leastRecentlyUsed.getLastRequest())) {  
  68.             leastRecentlyUsed = sessions.get(i);  
  69.         }  
  70.     }  
  71.     leastRecentlyUsed.expireNow();  
  72. }  


经过以上分析,可以这么理解 

如果concurrency-control标签配置了error-if-maximum-exceeded="true",max-sessions="1",那么第二次登录时,是登录不了的。如果error-if-maximum-exceeded="false",那么第二次是能够登录到系统的,但是第一个登录的账号再次发起请求时,会跳转到expired-url配置的url中(如果没有配置,则显示This session has been expired (possibly due to multiple concurrent logins being attempted as the same user).提示信息) 

由于篇幅过长,SessionManagementFilter、org.springframework.security.web.session.HttpSessionEventPublisher就放到下部分再分析了
14 spring-security 中的 SessionManagerFilter 导致的每刷新一次页面 JSESSIONID 切换一次 导致 session 不可用
970655147的专栏
04-12 1357
然后 响应了一个 set-cookie 的响应头, 告诉客户端这边重新更新 cookie, 第一批次的请求的所有响应里面都有这个 set-cookie, 并且每一个 set-cookie 中的 JSESSIONID 不一。按照 我们的通常的 web 经验的理解, 一个 session 应该是有一定的生命周期的, 为啥这里每一批次请求 就会切换 JSESSIONID 呢?然后 这个处理之后的其他业务使用到了 request.getSession(true) 的相关业务操作, 会创建新的 session。
纷杂的spring-boot-starter
我的LOG
01-13 481
纷杂的spring-boot-starter简述应用日志和spring-boot-starter-logging快速Web应用开发与spring-boot-starter-web项目结构层面的约定SpringMVC框架层面的约定和定制嵌入式Web容器层面的约定和定制数据访问与spring-boot-starter-jdbcSpringBoot应用的数据库版本化管理 简述 1)基于Spring框架的“约定优先于配置(COC)”理念以及最佳实践之路。 2)提供了针对日常企业应用研发各种场景的spring-boo
Spring Security3源码分析(13)-SessionManagementFilter分析-
Benjamin
09-11 2173
SessionManagementFilter过滤器对应的类路径为  org.springframework.security.web.session.SessionManagementFilter  这个过滤器看名字就知道是管理session的了,http标签是自动配置时,默认是添加SessionManagementFilter过滤器到filterChainProxy中的,如果不想使用这个过
[11] SessionManagementFilter
热门推荐
既无风雨也无晴
03-16 2万+
SessionManagementFilter 介绍 该Filter内部包含了SessionAuthenticationStrategy和SecurityContextRepository,SessionAuthenticationStrategy是一个复合会话认证策略CompositeSessionAuthenticationStrategy,默认情况下仅包含一个ChangeSessionId...
Spring Security3源码分析-SessionManagementFilter分析-
Dead_Knight的专栏
05-08 238
很多spring security3资料在介绍session的并发控制都要求配置HttpSessionEventPublisher的监听器,如下 [code="xml"] org.springframework.security.web.session.HttpSessionEventPublisher [/code] 这个监听器...
Spring Security Web 5.1.2 源码解析 -- SessionManagementFilter
Details Inside Spring
12-08 1781
概述 该过滤器会检测从当前请求处理开始到目前为止的过程中是否发生了用户登录认证行为(比如这是一个用户名/密码表单提交的请求处理过程),如果检测到这一情况,执行相应的session认证策略(一个SessionAuthenticationStrategy),然后继续继续请求的处理。 针对Servlet 3.1+,缺省所使用的SessionAuthenticationStrategy会是一个Change...
Spring Security(学习笔记) --会话管理(会话并发管理实现以及源码分析,会话固定攻击)!
TONGZHOUGONGDU的博客
04-28 1160
本篇介绍了会话概念,以及并发会话管理,看了下并发会话的源码,最后介绍了下会话固定攻击的概念,以及Security自带的防御会话攻击的策略,下一篇我们来看看Security中的防火墙。
"C:\Program Files\Java\jdk-1.8\bin\java.exe" -Dpandora.location=E:\apache-maven-3.8.1-bin\taobao-hsf.sar-dev-SNAPSHOT.jar -Xmx1g -XX:TieredStopAtLevel=1 -noverify -Dspring.output.ansi.enabled=always -Dcom.sun.management.jmxremote -Dspring.jmx.enabled=true -Dspring.liveBeansView.mbeanDomain -Dspring.application.admin.enabled=true "-Dmanagement.endpoints.jmx.exposure.include=*" "-javaagent:E:\idea\IntelliJ IDEA 2023.2\lib\idea_rt.jar=53638:E:\idea\IntelliJ IDEA 2023.2\bin" -Dfile.encoding=UTF-8 -classpath C:\Users\Lplayer\AppData\Local\Temp\classpath1138593618.jar com.insigma.InsiisWebApplication fail to download http://mvnrepo.alibaba-inc.com/mvn/repository/com/alibaba/citrus/tool/antx-autoconfig/1.2-jdk9/antx-autoconfig-1.2-jdk9.jar to C:\Users\Lplayer\.autoconf\autoconf-1.2-jdk9.jar C:\Users\Lplayer\.autoconf\autoconf-1.2-jdk9.jar doesn't exist. ____ _ ____ _ | _ \ __ _ _ __ __| | ___ _ __ __ _ | __ ) ___ ___ | |_ | |_) / _` | '_ \ / _` |/ _ \| '__/ _` | | _ \ / _ \ / _ \| __| | __/ (_| | | | | (_| | (_) | | | (_| | | |_) | (_) | (_) | |_ |_| \__,_|_| |_|\__,_|\___/|_| \__,_| |____/ \___/ \___/ \__| :: Pandora Boot :: 2.1.9.1 Set log4j.defaultInitOverride to true. JM.Log:INFO Init JM logger with Log4jLoggerFactory JM.Log:INFO Log root path: C:\Users\Lplayer\logs\ JM.Log:INFO Set pandora log path: C:\Users\Lplayer\logs\pandora JM.Log:INFO Init JM logger with Log4jLoggerFactory JM.Log:INFO Log root path: C:\Users\Lplayer\logs\ JM.Log:INFO Set pandora log path: C:\Users\Lplayer\logs\pandora JM.Log:INFO Init JM logger with Log4jLoggerFactory JM.Log:INFO Log root path: C:\Users\Lplayer\logs\ JM.Log:INFO Set pandolet log path: C:\Users\Lplayer\logs\pandolet INFO: spas-client-initializer init Wed Aug 06 09:00:34 CST 2025 spas-sdk-client's ModuleClassLoader JM.Log:INFO Init JM logger with Slf4jLoggerFactory success, spas-sdk-client's ModuleClassLoader Wed Aug 06 09:00:34 CST 2025 spas-sdk-client's ModuleClassLoader JM.Log:INFO Log root path: C:\Users\Lplayer\logs\ Wed Aug 06 09:00:34 CST 2025 spas-sdk-client's ModuleClassLoader JM.Log:INFO Set spas log path: C:\Users\Lplayer\logs\spas Wed Aug 06 09:00:34 CST 2025 eagleeye-core's ModuleClassLoader JM.Log:INFO Init JM logger with Slf4jLoggerFactory success, eagleeye-core's ModuleClassLoader Wed Aug 06 09:00:34 CST 2025 eagleeye-core's ModuleClassLoader JM.Log:INFO Log root path: C:\Users\Lplayer\logs\ Wed Aug 06 09:00:34 CST 2025 eagleeye-core's ModuleClassLoader JM.Log:INFO Set metrics log path: C:\Users\Lplayer\logs\metrics Wed Aug 06 09:00:35 CST 2025 vipserver-client's ModuleClassLoader JM.Log:INFO Init JM logger with Log4jLoggerFactory, vipserver-client's ModuleClassLoader Wed Aug 06 09:00:35 CST 2025 vipserver-client's ModuleClassLoader JM.Log:INFO Log root path: C:\Users\Lplayer\logs\ Wed Aug 06 09:00:35 CST 2025 vipserver-client's ModuleClassLoader JM.Log:INFO Set vipsrv-logs log path: C:\Users\Lplayer\logs\vipsrv-logs Wed Aug 06 09:00:35 CST 2025 monitor's ModuleClassLoader JM.Log:INFO Init JM logger with Slf4jLoggerFactory success, monitor's ModuleClassLoader Wed Aug 06 09:00:35 CST 2025 monitor's ModuleClassLoader JM.Log:INFO Log root path: C:\Users\Lplayer\logs\ Wed Aug 06 09:00:35 CST 2025 monitor's ModuleClassLoader JM.Log:INFO Set tomcat-monitor log path: C:\Users\Lplayer\logs\tomcat-monitor Wed Aug 06 09:00:35 CST 2025 hsf's ModuleClassLoader JM.Log:INFO Init JM logger with Slf4jLoggerFactory success, hsf's ModuleClassLoader Wed Aug 06 09:00:35 CST 2025 hsf's ModuleClassLoader JM.Log:INFO Log root path: C:\Users\Lplayer\logs\ Wed Aug 06 09:00:35 CST 2025 hsf's ModuleClassLoader JM.Log:INFO Set hsf log path: C:\Users\Lplayer\logs\hsf SLF4J: Class path contains multiple SLF4J bindings. SLF4J: Found binding in [jar:file:/E:/apache-maven-3.8.1-bin/taobao-hsf.sar-dev-SNAPSHOT.jar!/plugins/hsf!/lib/logback-classic-1.2.3.jar!/org/slf4j/impl/StaticLoggerBinder.class] SLF4J: Found binding in [jar:file:/E:/apache-maven-3.8.1-bin/taobao-hsf.sar-dev-SNAPSHOT.jar!/plugins/hsf!/lib/slf4j-log4j12-1.6.1.jar!/org/slf4j/impl/StaticLoggerBinder.class] SLF4J: See http://www.slf4j.org/codes.html#multiple_bindings for an explanation. SLF4J: Actual binding is of type [ch.qos.logback.classic.util.ContextSelectorStaticBinder] *******************HSF PORT:12200 ************** *************Pandora QOS PORT:12201 ************** *************Tomcat Monitor Port:8006 ************** *******************Sentinel PORT:8719 ************** log4j:WARN No appenders could be found for logger (io.netty.util.internal.logging.InternalLoggerFactory). log4j:WARN Please initialize the log4j system properly. log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more info. **************************************************************************************** ** ** ** Pandora Container ** ** ** ** Pandora Host: 10.66.242.118 ** ** Pandora Version: 2.1.4 ** ** SAR Version: edas.sar.V3.5.3 ** ** Package Time: 2025-08-06 09:00:32 ** ** ** ** Plug-in Modules: 19 ** ** ** ** metrics .......................................... 1.7.0 ** ** edas-assist ...................................... 2.0 ** ** pandora-qos-service .............................. edas215 ** ** pandolet ......................................... 1.0.0 ** ** spas-sdk-client .................................. 1.3.0 ** ** eagleeye-core .................................... 1.7.10.1 ** ** tddl-driver ...................................... 1.0.5-SNAPSHOT ** ** vipserver-client ................................. 4.7.9-SNAPSHOT ** ** diamond-client ................................... 3.8.10 ** ** configcenter-client .............................. 1.0.3 ** ** spas-sdk-service ................................. 1.3.0 ** ** dpath ............................................ 1.4 ** ** config-client .................................... 1.9.6 ** ** unitrouter ....................................... 1.0.11 ** ** monitor .......................................... 1.2.3-SNAPSHOT ** ** sentinel-plugin .................................. 2.12.12-edas ** ** ons-client ....................................... 1.8.0-EagleEye ** ** hsf .............................................. 2.2.7.3.1-TLS ** ** pandora-framework ................................ 2.0.8 ** ** ** ** [WARNING] All these plug-in modules will override maven pom.xml dependencies. ** ** More: http://gitlab.alibaba-inc.com/middleware-container/pandora/wikis/home ** ** ** **************************************************************************************** INFO: spas-client-initializer start JM.Log:INFO Init JM logger with Log4jLoggerFactory JM.Log:INFO Log root path: C:\Users\Lplayer\logs\ JM.Log:INFO Set pandora log path: C:\Users\Lplayer\logs\pandora Init available components Scanning for available components in the runtime Starting available components Skip ProjectInfoInitializer. 2025-08-06 09:00:37.814 INFO 3324 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'org.springframework.cloud.autoconfigure.ConfigurationPropertiesRebinderAutoConfiguration' of type [org.springframework.cloud.autoconfigure.ConfigurationPropertiesRebinderAutoConfiguration$$EnhancerBySpringCGLIB$$dd14cfb2] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) 2025-08-06 09:00:37.845 INFO 3324 --- [ main] c.a.c.c.acm.AliCloudAcmInitializer : Initialize acm from acm configuration. . ____ _ __ _ _ /\\ / ___'_ __ _ _(_)_ __ __ _ \ \ \ \ ( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \ \\/ ___)| |_)| | | | | || (_| | ) ) ) ) ' |____| .__|_| |_|_| |_\__, | / / / / =========|_|==============|___/=/_/_/_/ :: Spring Boot :: (v2.1.4.RELEASE) Wed Aug 06 09:00:38 CST 2025 diamond-client's ModuleClassLoader JM.Log:INFO Init JM logger with Slf4jLoggerFactory success, diamond-client's ModuleClassLoader Wed Aug 06 09:00:38 CST 2025 diamond-client's ModuleClassLoader JM.Log:INFO Log root path: C:\Users\Lplayer\logs\ Wed Aug 06 09:00:38 CST 2025 diamond-client's ModuleClassLoader JM.Log:INFO Set diamond-client log path: C:\Users\Lplayer\logs\diamond-client 09:00:38.851 [main] INFO c.t.d.identify.CredentialWatcher - [] [] [] No credential found 2025-08-06 09:00:38.961 INFO 3324 --- [ main] b.c.PropertySourceBootstrapConfiguration : Located property source: CompositePropertySource {name='diamond', propertySources=[]} Skip ProjectInfoInitializer. 2025-08-06 09:00:38.981 INFO 3324 --- [ main] com.insigma.InsiisWebApplication : The following profiles are active: redis,datasource,security,mybatis,async 2025-08-06 09:00:42.299 INFO 3324 --- [ main] .s.d.r.c.RepositoryConfigurationDelegate : Multiple Spring Data modules found, entering strict repository configuration mode! 2025-08-06 09:00:42.299 INFO 3324 --- [ main] .s.d.r.c.RepositoryConfigurationDelegate : Bootstrapping Spring Data repositories in DEFAULT mode. 2025-08-06 09:00:42.810 INFO 3324 --- [ main] .s.d.r.c.RepositoryConfigurationDelegate : Finished Spring Data repository scanning in 503ms. Found 21 repository interfaces. 2025-08-06 09:00:42.817 INFO 3324 --- [ main] .s.d.r.c.RepositoryConfigurationDelegate : Multiple Spring Data modules found, entering strict repository configuration mode! 2025-08-06 09:00:42.817 INFO 3324 --- [ main] .s.d.r.c.RepositoryConfigurationDelegate : Bootstrapping Spring Data repositories in DEFAULT mode. 2025-08-06 09:00:42.981 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data MongoDB - Could not safely identify store assignment for repository candidate interface com.insigma.sys.repository.Aa26Repository. 2025-08-06 09:00:42.982 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data MongoDB - Could not safely identify store assignment for repository candidate interface com.insigma.sys.repository.MenuRepository. 2025-08-06 09:00:42.982 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data MongoDB - Could not safely identify store assignment for repository candidate interface com.insigma.sys.repository.RoleRepository. 2025-08-06 09:00:42.983 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data MongoDB - Could not safely identify store assignment for repository candidate interface com.insigma.sys.repository.SysCodeRepository. 2025-08-06 09:00:42.983 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data MongoDB - Could not safely identify store assignment for repository candidate interface com.insigma.sys.repository.SysErrorRepository. 2025-08-06 09:00:42.983 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data MongoDB - Could not safely identify store assignment for repository candidate interface com.insigma.sys.repository.SysHolidayRepository. 2025-08-06 09:00:42.983 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data MongoDB - Could not safely identify store assignment for repository candidate interface com.insigma.sys.repository.SysIdMappingRespository. 2025-08-06 09:00:42.984 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data MongoDB - Could not safely identify store assignment for repository candidate interface com.insigma.sys.repository.SysOrgRepository. 2025-08-06 09:00:42.984 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data MongoDB - Could not safely identify store assignment for repository candidate interface com.insigma.sys.repository.SysRoleFunctionRepository. 2025-08-06 09:00:42.984 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data MongoDB - Could not safely identify store assignment for repository candidate interface com.insigma.sys.repository.SysUserAreaRepository. 2025-08-06 09:00:42.985 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data MongoDB - Could not safely identify store assignment for repository candidate interface com.insigma.sys.repository.SysUserRepository. 2025-08-06 09:00:42.986 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data MongoDB - Could not safely identify store assignment for repository candidate interface com.insigma.sys.repository.SysUserRoleRepository. 2025-08-06 09:00:42.986 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data MongoDB - Could not safely identify store assignment for repository candidate interface com.insigma.drugs.repository.ProtalDrugsRepository. 2025-08-06 09:00:42.986 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data MongoDB - Could not safely identify store assignment for repository candidate interface com.insigma.framework.oplog.repository.OpLogRepository. 2025-08-06 09:00:42.986 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data MongoDB - Could not safely identify store assignment for repository candidate interface com.insigma.framework.commons.repository.SysOperateLogRepository. 2025-08-06 09:00:42.987 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data MongoDB - Could not safely identify store assignment for repository candidate interface com.insigma.framework.oplog.repository.OpLogFormRepository. 2025-08-06 09:00:42.987 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data MongoDB - Could not safely identify store assignment for repository candidate interface com.insigma.web.support.dao.Aa01Repository. 2025-08-06 09:00:42.989 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data MongoDB - Could not safely identify store assignment for repository candidate interface com.insigma.web.support.dao.CodeTypeRepository. 2025-08-06 09:00:42.989 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data MongoDB - Could not safely identify store assignment for repository candidate interface com.insigma.web.support.dao.MdParamRepository. 2025-08-06 09:00:42.989 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data MongoDB - Could not safely identify store assignment for repository candidate interface com.insigma.framework.web.securities.repository.SysLogonLogRepository. 2025-08-06 09:00:43.026 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data MongoDB - Could not safely identify store assignment for repository candidate interface com.insigma.framework.web.securities.repository.SysLogonLogRepository. 2025-08-06 09:00:43.027 INFO 3324 --- [ main] .s.d.r.c.RepositoryConfigurationDelegate : Finished Spring Data repository scanning in 210ms. Found 0 repository interfaces. 2025-08-06 09:00:43.038 INFO 3324 --- [ main] .s.d.r.c.RepositoryConfigurationDelegate : Multiple Spring Data modules found, entering strict repository configuration mode! 2025-08-06 09:00:43.039 INFO 3324 --- [ main] .s.d.r.c.RepositoryConfigurationDelegate : Bootstrapping Spring Data repositories in DEFAULT mode. 2025-08-06 09:00:43.205 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data Redis - Could not safely identify store assignment for repository candidate interface com.insigma.sys.repository.Aa26Repository. 2025-08-06 09:00:43.205 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data Redis - Could not safely identify store assignment for repository candidate interface com.insigma.sys.repository.MenuRepository. 2025-08-06 09:00:43.205 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data Redis - Could not safely identify store assignment for repository candidate interface com.insigma.sys.repository.RoleRepository. 2025-08-06 09:00:43.205 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data Redis - Could not safely identify store assignment for repository candidate interface com.insigma.sys.repository.SysCodeRepository. 2025-08-06 09:00:43.206 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data Redis - Could not safely identify store assignment for repository candidate interface com.insigma.sys.repository.SysErrorRepository. 2025-08-06 09:00:43.206 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data Redis - Could not safely identify store assignment for repository candidate interface com.insigma.sys.repository.SysHolidayRepository. 2025-08-06 09:00:43.206 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data Redis - Could not safely identify store assignment for repository candidate interface com.insigma.sys.repository.SysIdMappingRespository. 2025-08-06 09:00:43.206 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data Redis - Could not safely identify store assignment for repository candidate interface com.insigma.sys.repository.SysOrgRepository. 2025-08-06 09:00:43.206 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data Redis - Could not safely identify store assignment for repository candidate interface com.insigma.sys.repository.SysRoleFunctionRepository. 2025-08-06 09:00:43.206 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data Redis - Could not safely identify store assignment for repository candidate interface com.insigma.sys.repository.SysUserAreaRepository. 2025-08-06 09:00:43.206 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data Redis - Could not safely identify store assignment for repository candidate interface com.insigma.sys.repository.SysUserRepository. 2025-08-06 09:00:43.207 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data Redis - Could not safely identify store assignment for repository candidate interface com.insigma.sys.repository.SysUserRoleRepository. 2025-08-06 09:00:43.207 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data Redis - Could not safely identify store assignment for repository candidate interface com.insigma.drugs.repository.ProtalDrugsRepository. 2025-08-06 09:00:43.207 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data Redis - Could not safely identify store assignment for repository candidate interface com.insigma.framework.oplog.repository.OpLogRepository. 2025-08-06 09:00:43.207 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data Redis - Could not safely identify store assignment for repository candidate interface com.insigma.framework.commons.repository.SysOperateLogRepository. 2025-08-06 09:00:43.207 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data Redis - Could not safely identify store assignment for repository candidate interface com.insigma.framework.oplog.repository.OpLogFormRepository. 2025-08-06 09:00:43.207 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data Redis - Could not safely identify store assignment for repository candidate interface com.insigma.web.support.dao.Aa01Repository. 2025-08-06 09:00:43.207 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data Redis - Could not safely identify store assignment for repository candidate interface com.insigma.web.support.dao.CodeTypeRepository. 2025-08-06 09:00:43.207 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data Redis - Could not safely identify store assignment for repository candidate interface com.insigma.web.support.dao.MdParamRepository. 2025-08-06 09:00:43.207 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data Redis - Could not safely identify store assignment for repository candidate interface com.insigma.framework.web.securities.repository.SysLogonLogRepository. 2025-08-06 09:00:43.231 INFO 3324 --- [ main] .RepositoryConfigurationExtensionSupport : Spring Data Redis - Could not safely identify store assignment for repository candidate interface com.insigma.framework.web.securities.repository.SysLogonLogRepository. 2025-08-06 09:00:43.231 INFO 3324 --- [ main] .s.d.r.c.RepositoryConfigurationDelegate : Finished Spring Data repository scanning in 184ms. Found 0 repository interfaces. 2025-08-06 09:00:43.414 WARN 3324 --- [ main] o.m.s.mapper.ClassPathMapperScanner : Skipping MapperFactoryBean with name 'caseInfoDDao' and 'com.insigma.business.bigdata.dao.CaseInfoDDao' mapperInterface. Bean already defined with the same name! 2025-08-06 09:00:43.515 INFO 3324 --- [ main] o.s.cloud.context.scope.GenericScope : BeanFactory id=715b0589-9638-3765-9a2d-50e339059fc9 2025-08-06 09:00:43.637 INFO 3324 --- [ main] c.a.b.h.c.HsfConsumerPostProcessor : registered HSFConsumerBean "queryAdmdvsService" in spring context. 2025-08-06 09:00:43.637 INFO 3324 --- [ main] c.a.b.h.c.HsfConsumerPostProcessor : registered HSFConsumerBean "queryDataDicService" in spring context. 2025-08-06 09:00:43.637 INFO 3324 --- [ main] c.a.b.h.c.HsfConsumerPostProcessor : registered HSFConsumerBean "roleAuthInfoService" in spring context. 2025-08-06 09:00:43.637 INFO 3324 --- [ main] c.a.b.h.c.HsfConsumerPostProcessor : registered HSFConsumerBean "admrolService" in spring context. 2025-08-06 09:00:43.637 INFO 3324 --- [ main] c.a.b.h.c.HsfConsumerPostProcessor : registered HSFConsumerBean "orguntService" in spring context. 2025-08-06 09:00:43.637 INFO 3324 --- [ main] c.a.b.h.c.HsfConsumerPostProcessor : registered HSFConsumerBean "unitService" in spring context. 2025-08-06 09:00:43.637 INFO 3324 --- [ main] c.a.b.h.c.HsfConsumerPostProcessor : registered HSFConsumerBean "userService" in spring context. 2025-08-06 09:00:43.637 INFO 3324 --- [ main] c.a.b.h.c.HsfConsumerPostProcessor : registered HSFConsumerBean "sysUactService" in spring context. 2025-08-06 09:00:43.637 INFO 3324 --- [ main] c.a.b.h.c.HsfConsumerPostProcessor : registered HSFConsumerBean "resuService" in spring context. 2025-08-06 09:00:43.637 INFO 3324 --- [ main] c.a.b.h.c.HsfConsumerPostProcessor : registered HSFConsumerBean "bizrolService" in spring context. 2025-08-06 09:00:43.637 INFO 3324 --- [ main] c.a.b.h.c.HsfConsumerPostProcessor : registered HSFConsumerBean "publicFeedetlChkDetMgtService" in spring context. Wed Aug 06 09:00:43 CST 2025 dpath's ModuleClassLoader JM.Log:INFO Init JM logger with Slf4jLoggerFactory success, dpath's ModuleClassLoader Wed Aug 06 09:00:43 CST 2025 dpath's ModuleClassLoader JM.Log:INFO Log root path: C:\Users\Lplayer\logs\ Wed Aug 06 09:00:43 CST 2025 dpath's ModuleClassLoader JM.Log:INFO Set dpath log path: C:\Users\Lplayer\logs\dpath Wed Aug 06 09:00:43 CST 2025 dpath's ModuleClassLoader JM.Log:INFO Can't find method for class ch.qos.logback.classic.AsyncAppender setMaxFlushTime 3000 Wed Aug 06 09:00:43 CST 2025 dpath's ModuleClassLoader JM.Log:INFO Can't find method for class ch.qos.logback.classic.AsyncAppender setNeverBlock true Wed Aug 06 09:00:46 CST 2025 config-client's ModuleClassLoader JM.Log:INFO Init JM logger with Slf4jLoggerFactory success, config-client's ModuleClassLoader Wed Aug 06 09:00:46 CST 2025 config-client's ModuleClassLoader JM.Log:INFO Log root path: C:\Users\Lplayer\logs\ 09:00:46.888 [HSF-Framework-ExportRefer-14-thread-1] INFO ConfigClientLogger - [] [] [] JM_CC_LOG_RETAIN_COUNT:6, JM_LOG_FILE_SIZE:200MB Wed Aug 06 09:00:46 CST 2025 config-client's ModuleClassLoader JM.Log:INFO Set configclient log path: C:\Users\Lplayer\logs\configclient 2025-08-06 09:00:49.973 INFO 3324 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'queryAdmdvsService' of type [com.taobao.hsf.app.spring.util.HSFSpringConsumerBean] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) 2025-08-06 09:00:52.994 INFO 3324 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'queryDataDicService' of type [com.taobao.hsf.app.spring.util.HSFSpringConsumerBean] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) 2025-08-06 09:00:56.018 INFO 3324 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'roleAuthInfoService' of type [com.taobao.hsf.app.spring.util.HSFSpringConsumerBean] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) 2025-08-06 09:00:59.040 INFO 3324 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'admrolService' of type [com.taobao.hsf.app.spring.util.HSFSpringConsumerBean] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) 2025-08-06 09:01:02.062 INFO 3324 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'orguntService' of type [com.taobao.hsf.app.spring.util.HSFSpringConsumerBean] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) 2025-08-06 09:01:05.082 INFO 3324 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'unitService' of type [com.taobao.hsf.app.spring.util.HSFSpringConsumerBean] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) 2025-08-06 09:01:08.103 INFO 3324 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'userService' of type [com.taobao.hsf.app.spring.util.HSFSpringConsumerBean] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) 2025-08-06 09:01:11.121 INFO 3324 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'sysUactService' of type [com.taobao.hsf.app.spring.util.HSFSpringConsumerBean] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) 2025-08-06 09:01:14.146 INFO 3324 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'resuService' of type [com.taobao.hsf.app.spring.util.HSFSpringConsumerBean] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) 2025-08-06 09:01:17.170 INFO 3324 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'bizrolService' of type [com.taobao.hsf.app.spring.util.HSFSpringConsumerBean] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) 2025-08-06 09:01:20.193 INFO 3324 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'publicFeedetlChkDetMgtService' of type [com.taobao.hsf.app.spring.util.HSFSpringConsumerBean] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) 2025-08-06 09:01:20.270 INFO 3324 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'org.springframework.transaction.annotation.ProxyTransactionManagementConfiguration' of type [org.springframework.transaction.annotation.ProxyTransactionManagementConfiguration$$EnhancerBySpringCGLIB$$c0faccb5] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) 2025-08-06 09:01:20.378 INFO 3324 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'redisConfig' of type [com.insigma.web.support.redis.RedisConfig$$EnhancerBySpringCGLIB$$20be0ef0] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) 2025-08-06 09:01:20.401 INFO 3324 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'multipleDataSourceConfig' of type [com.insigma.hsaf.common.config.MultipleDataSourceConfig$$EnhancerBySpringCGLIB$$1e06f17d] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) 2025-08-06 09:01:20.432 INFO 3324 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'spring.datasource-org.springframework.boot.autoconfigure.jdbc.DataSourceProperties' of type [org.springframework.boot.autoconfigure.jdbc.DataSourceProperties] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) 2025-08-06 09:01:20.475 INFO 3324 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'com.alibaba.druid.spring.boot.autoconfigure.stat.DruidFilterConfiguration' of type [com.alibaba.druid.spring.boot.autoconfigure.stat.DruidFilterConfiguration] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) 2025-08-06 09:01:20.492 INFO 3324 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'statFilter' of type [com.alibaba.druid.filter.stat.StatFilter] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) 2025-08-06 09:01:20.597 INFO 3324 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'wallConfig' of type [com.alibaba.druid.wall.WallConfig] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) 2025-08-06 09:01:20.616 INFO 3324 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'wallFilter' of type [com.alibaba.druid.wall.WallFilter] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) 2025-08-06 09:01:20.676 INFO 3324 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'slf4jLogFilter' of type [com.alibaba.druid.filter.logging.Slf4jLogFilter] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) Wed Aug 06 09:01:20 CST 2025 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification. Wed Aug 06 09:01:20 CST 2025 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification. Wed Aug 06 09:01:20 CST 2025 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification. Wed Aug 06 09:01:20 CST 2025 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification. Wed Aug 06 09:01:21 CST 2025 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification. 2025-08-06 09:01:21.030 INFO 3324 --- [ main] com.alibaba.druid.pool.DruidDataSource : {dataSource-1} inited 2025-08-06 09:01:21.030 INFO 3324 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'primaryDataSource' of type [com.insigma.hsaf.common.config.MultipleDataSourceConfig$DruidDataSourceWrapper] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) 2025-08-06 09:01:21.074 INFO 3324 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'org.springframework.boot.autoconfigure.jdbc.DataSourceInitializerInvoker' of type [org.springframework.boot.autoconfigure.jdbc.DataSourceInitializerInvoker] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) 2025-08-06 09:01:21.086 INFO 3324 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'spring.jdbc-org.springframework.boot.autoconfigure.jdbc.JdbcProperties' of type [org.springframework.boot.autoconfigure.jdbc.JdbcProperties] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) 2025-08-06 09:01:21.087 INFO 3324 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'org.springframework.boot.autoconfigure.jdbc.JdbcTemplateAutoConfiguration$JdbcTemplateConfiguration' of type [org.springframework.boot.autoconfigure.jdbc.JdbcTemplateAutoConfiguration$JdbcTemplateConfiguration$$EnhancerBySpringCGLIB$$d985fb22] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) 2025-08-06 09:01:21.097 INFO 3324 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'jdbcTemplate' of type [org.springframework.jdbc.core.JdbcTemplate] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) 2025-08-06 09:01:21.117 INFO 3324 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'odinLogServiceImpl' of type [com.insigma.framework.log.service.impl.OdinLogServiceImpl] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) 2025-08-06 09:01:21.136 INFO 3324 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'odinLogAspect' of type [com.insigma.framework.log.OdinLogAspect] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) 2025-08-06 09:01:21.144 INFO 3324 --- [ main] trationDelegate$BeanPostProcessorChecker : Bean 'org.springframework.cloud.autoconfigure.ConfigurationPropertiesRebinderAutoConfiguration' of type [org.springframework.cloud.autoconfigure.ConfigurationPropertiesRebinderAutoConfiguration$$EnhancerBySpringCGLIB$$dd14cfb2] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying) 2025-08-06 09:01:21.458 INFO 3324 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat initialized with port(s): 9100 (http) 八月 06, 2025 9:01:21 上午 org.apache.coyote.AbstractProtocol init 信息: Initializing ProtocolHandler ["http-nio-9100"] log4j:WARN No appenders could be found for logger (org.apache.coyote.http11.Http11NioProtocol). log4j:WARN Please initialize the log4j system properly. log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more info. 八月 06, 2025 9:01:21 上午 org.apache.catalina.core.StandardService startInternal 信息: Starting service [Tomcat] 八月 06, 2025 9:01:21 上午 org.apache.catalina.core.StandardEngine startInternal 信息: Starting Servlet engine: [Apache Tomcat/9.0.17] 八月 06, 2025 9:01:21 上午 org.apache.catalina.core.AprLifecycleListener lifecycleEvent 信息: Loaded APR based Apache Tomcat Native library [1.3.1] using APR version [1.7.4]. 八月 06, 2025 9:01:21 上午 org.apache.catalina.core.AprLifecycleListener lifecycleEvent 信息: APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true]. 八月 06, 2025 9:01:21 上午 org.apache.catalina.core.AprLifecycleListener lifecycleEvent 信息: APR/OpenSSL configuration: useAprConnector [false], useOpenSSL [true] 八月 06, 2025 9:01:21 上午 org.apache.catalina.core.AprLifecycleListener initializeSSL 信息: OpenSSL successfully initialized [OpenSSL 3.0.14 4 Jun 2024] 八月 06, 2025 9:01:21 上午 org.apache.catalina.core.ApplicationContext log 信息: Initializing Spring embedded WebApplicationContext 2025-08-06 09:01:21.555 INFO 3324 --- [ main] o.s.web.context.ContextLoader : Root WebApplicationContext: initialization completed in 42560 ms 2025-08-06 09:01:21.567 INFO 3324 --- [ main] c.i.f.system.safety.SysSafetyProperties : sql: SysSafetyProperties.SQL(badstr=null) System is starting! UTF-8:一个汉字的字节数为:3 2025-08-06 09:01:22.651 INFO 3324 --- [ main] c.i.o.f.safe.validate.SignatureValidate : li: anytomcat2023-03-04anyunlimitedinsiisunlimited安徽省医保核心配置文件anyWindowsTf-c4-d3-UZ-d3-1646357567308502[][]10安徽省医保(核三框架)DEVELOP[{}]rule=0, version=6.0delay=0, extend=, format=2, product=insiis, release=1.0 2025-08-06 09:01:22.652 INFO 3324 --- [ main] c.i.o.f.safe.validate.SignatureValidate : 9180cd3c218c8736c1a23333546bff22f4017978 2025-08-06 09:01:22.666 INFO 3324 --- [ main] c.i.o.f.safe.ValidateContExecute : Apache Tomcat/9.0.17 您的核心配置文件已经失效测!请及时更换。Your core config have expired! Please update it! 2025-08-06 09:01:23.038 INFO 3324 --- [ main] c.i.o.f.safe.ValidateContExecute : IP: [127.0.0.1, 0:0:0:0:0:0:0:1, fe80:0:0:0:cb88:c7b3:57ec:13b3%eth3, fe80:0:0:0:6d46:2122:72d0:9648%eth4, 10.66.242.118, fe80:0:0:0:b0b9:6640:37a:c4b2%eth5, fe80:0:0:0:83dc:74e7:38e:235b%eth7, fe80:0:0:0:fc5c:c0e0:f227:7889%wlan0, 192.168.18.1, fe80:0:0:0:b714:55b0:2962:c0f2%eth9, 192.168.163.1, fe80:0:0:0:d554:a3f0:a6ea:47d3%eth10, fe80:0:0:0:aed2:bc06:dc31:db57%wlan1, 192.168.83.243, 240e:45a:48d:67c2:6dbd:62cf:5eda:307c, 240e:45a:48d:67c2:fddf:2d50:d7db:573f, fe80:0:0:0:2dc6:6f4:b194:de03%wlan2] 2025-08-06 09:01:23.038 INFO 3324 --- [ main] c.i.o.f.safe.ValidateContExecute : CPU core: 20 2025-08-06 09:01:23.039 INFO 3324 --- [ main] c.i.o.f.safe.ValidateContExecute : Windows 11 10.0 2025-08-06 09:01:23.100 INFO 3324 --- [ main] c.i.o.f.safe.ValidateContExecute : Computer MAC: [] 2025-08-06 09:01:23.409 INFO 3324 --- [ main] o.hibernate.jpa.internal.util.LogHelper : HHH000204: Processing PersistenceUnitInfo [ name: default ...] 2025-08-06 09:01:23.476 INFO 3324 --- [ main] org.hibernate.Version : HHH000412: Hibernate Core {5.0.12.Final} 2025-08-06 09:01:23.478 INFO 3324 --- [ main] org.hibernate.cfg.Environment : HHH000206: hibernate.properties not found 2025-08-06 09:01:23.479 INFO 3324 --- [ main] org.hibernate.cfg.Environment : HHH000021: Bytecode provider name : javassist 2025-08-06 09:01:23.522 INFO 3324 --- [ main] o.hibernate.annotations.common.Version : HCANN000001: Hibernate Commons Annotations {5.0.1.Final} 2025-08-06 09:01:23.613 INFO 3324 --- [ main] org.hibernate.dialect.Dialect : HHH000400: Using dialect: org.hibernate.dialect.MySQL5InnoDBDialect 2025-08-06 09:01:23.775 WARN 3324 --- [ main] org.hibernate.id.UUIDHexGenerator : HHH000409: Using org.hibernate.id.UUIDHexGenerator which does not generate IETF RFC 4122 compliant UUID values; consider using org.hibernate.id.UUIDGenerator instead 2025-08-06 09:01:24.127 INFO 3324 --- [ main] j.LocalContainerEntityManagerFactoryBean : Initialized JPA EntityManagerFactory for persistence unit 'default' 2025-08-06 09:01:25.142 INFO 3324 --- [ main] io.lettuce.core.EpollProvider : Starting without optional epoll library 2025-08-06 09:01:25.143 INFO 3324 --- [ main] io.lettuce.core.KqueueProvider : Starting without optional kqueue library 2025-08-06 09:01:26.137 INFO 3324 --- [ main] c.i.h.c.a.cache.AdmdvsDimCacheManager : init admdvsDim Start 2025-08-06 09:01:27.066 INFO 3324 --- [ main] c.i.h.c.a.cache.AdmdvsDimCacheManager : init admdvsDim End 2025-08-06 09:01:27.635 INFO 3324 --- [ main] o.h.h.i.QueryTranslatorFactoryInitiator : HHH000397: Using ASTQueryTranslatorFactory 2025-08-06 09:01:27.993 INFO 3324 --- [ main] com.alibaba.druid.pool.DruidDataSource : {dataSource-2} inited 2025-08-06 09:01:28.092 INFO 3324 --- [ main] f.a.AutowiredAnnotationBeanPostProcessor : Autowired annotation is not supported on static fields: private static boolean com.insigma.sys.common.SysManageMode.tripleMode 2025-08-06 09:01:28.136 INFO 3324 --- [ main] com.insigma.sys.config.UEditorConfig : 读取UEditor配置文件成功! 2025-08-06 09:01:28.808 INFO 3324 --- [ main] c.i.hsa.common.base.job.CacheRefreshJob : begin refresh enforce dict cache ... 2025-08-06 09:01:28.809 INFO 3324 --- [ main] c.i.hsa.common.base.job.CacheRefreshJob : success refresh enforce dict cache ... 2025-08-06 09:01:28.809 INFO 3324 --- [ main] c.i.hsa.common.base.job.CacheRefreshJob : begin refresh enforce admdvsDim cache ... 2025-08-06 09:01:28.815 INFO 3324 --- [ main] c.i.h.c.a.cache.AdmdvsDimCacheManager : init admdvsDim Start 2025-08-06 09:01:29.615 INFO 3324 --- [ main] c.i.h.c.a.cache.AdmdvsDimCacheManager : init admdvsDim End 2025-08-06 09:01:29.615 INFO 3324 --- [ main] c.i.hsa.common.base.job.CacheRefreshJob : success refresh enforce admdvsDim cache ... 2025-08-06 09:01:29.627 INFO 3324 --- [ main] f.a.AutowiredAnnotationBeanPostProcessor : Autowired annotation is not supported on static methods: public static void com.insigma.hsa.common.excel.ExcelUtils.setPageSize(int) 2025-08-06 09:01:29.735 WARN 3324 --- [ main] c.i.framework.GlobalExceptionCollector : 没有找到公共服务异常统一管理方法[call4Exception],该功能将自动关闭! 2025-08-06 09:01:30.454 INFO 3324 --- [ main] o.s.s.concurrent.ThreadPoolTaskExecutor : Initializing ExecutorService 'applicationTaskExecutor' 2025-08-06 09:01:30.519 WARN 3324 --- [ main] aWebConfiguration$JpaWebMvcConfiguration : spring.jpa.open-in-view is enabled by default. Therefore, database queries may be performed during view rendering. Explicitly configure spring.jpa.open-in-view to disable this warning Logging initialized using 'class org.apache.ibatis.logging.stdout.StdOutImpl' adapter. 2025-08-06 09:01:31.239 INFO 3324 --- [ main] .s.s.UserDetailsServiceAutoConfiguration : Using generated security password: f0640dd2-67b8-4024-bdd5-51708f0024e3 2025-08-06 09:01:31.321 INFO 3324 --- [ main] o.s.s.web.DefaultSecurityFilterChain : Creating filter chain: org.springframework.security.web.util.matcher.AnyRequestMatcher@1, [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@34fd82cd, org.springframework.security.web.context.SecurityContextPersistenceFilter@18010665, org.springframework.security.web.header.HeaderWriterFilter@2e41e742, org.springframework.security.web.authentication.logout.LogoutFilter@203b2f14, com.insigma.hsaf.security.web.support.SSOUserContextFilter@28d38918, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@19f1d1d, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@2a5b5e33, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@14029881, org.springframework.security.web.session.SessionManagementFilter@307d7688, org.springframework.security.web.access.ExceptionTranslationFilter@5e09b1a6, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@ddbbb82] 2025-08-06 09:01:31.325 INFO 3324 --- [ main] o.s.s.web.DefaultSecurityFilterChain : Creating filter chain: org.springframework.security.web.util.matcher.AnyRequestMatcher@1, [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@1925b878, org.springframework.security.web.context.SecurityContextPersistenceFilter@e449c7c, org.springframework.security.web.header.HeaderWriterFilter@4464aae2, org.springframework.security.web.authentication.logout.LogoutFilter@247dd07, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@112d42ba, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@707fc9c7, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@7f9b0fb, org.springframework.security.web.session.SessionManagementFilter@238a281f, org.springframework.security.web.access.ExceptionTranslationFilter@63ff8137, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@61a5226d] 2025-08-06 09:01:32.445 INFO 3324 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat initialized with port(s): 7099 (http) 2025-08-06 09:01:32.451 INFO 3324 --- [ main] o.s.web.context.ContextLoader : Root WebApplicationContext: initialization completed in 81 ms 八月 06, 2025 9:01:32 上午 org.apache.coyote.AbstractProtocol init 信息: Initializing ProtocolHandler ["http-nio-7099"] 八月 06, 2025 9:01:32 上午 org.apache.catalina.core.StandardService startInternal 信息: Starting service [Tomcat] 八月 06, 2025 9:01:32 上午 org.apache.catalina.core.StandardEngine startInternal 信息: Starting Servlet engine: [Apache Tomcat/9.0.17] 八月 06, 2025 9:01:32 上午 org.apache.catalina.core.ApplicationContext log 信息: Initializing Spring embedded WebApplicationContext 2025-08-06 09:01:32.465 INFO 3324 --- [ main] o.s.b.a.e.web.EndpointLinksResolver : Exposing 2 endpoint(s) beneath base path '/actuator' 2025-08-06 09:01:32.501 INFO 3324 --- [ool-20-thread-1] c.i.h.c.d.impl.DataDicLocalServiceImpl : DataDicLocalServiceImpl---------getDataDict--------start 八月 06, 2025 9:01:32 上午 org.apache.coyote.AbstractProtocol start 信息: Starting ProtocolHandler ["http-nio-7099"] 2025-08-06 09:01:32.541 INFO 3324 --- [ool-20-thread-1] c.i.h.c.d.impl.DataDicLocalServiceImpl : 配置的字典编码.size=0 2025-08-06 09:01:32.557 INFO 3324 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat started on port(s): 7099 (http) with context path '' 2025-08-06 09:01:32.574 INFO 3324 --- [ool-20-thread-1] c.i.hsa.common.dict.DataDictManager : 加载字典数=1160 2025-08-06 09:01:33.165 INFO 3324 --- [ main] s.a.ScheduledAnnotationBeanPostProcessor : No TaskScheduler/ScheduledExecutorService bean found for scheduled processing 2025-08-06 09:01:33.173 INFO 3324 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat started on port(s): 9100 (http) with context path '/insiis7-enforce' 2025-08-06 09:01:33.175 INFO 3324 --- [ main] com.insigma.InsiisWebApplication : Started InsiisWebApplication in 57.123 seconds (JVM running for 67.713) 八月 06, 2025 9:01:33 上午 org.apache.coyote.AbstractProtocol start 信息: Starting ProtocolHandler ["http-nio-9100"] 2025-08-06 09:01:33.205 INFO 3324 --- [ main] c.i.b.send.server.init.InitServer : 初始化结果en:false Service(pandora boot) startup in 61482 ms 2025-08-06 09:01:33.786 INFO 3324 --- [ool-21-thread-1] c.i.h.c.region.service.PoolareaManager : 加载统筹区数据! 2025-08-06 09:01:33.908 INFO 3324 --- [ool-21-thread-1] c.i.h.c.region.service.PoolareaManager : 加载和缓存所有统筹区完毕!queryResult.size=4478 2025-08-06 09:01:33.943 INFO 3324 --- [ool-21-thread-1] c.i.h.c.region.service.PoolareaManager : 加载统筹区数据完毕!highest.size=469,groupResult.size=373 Wed Aug 06 09:01:34 CST 2025 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification. 八月 06, 2025 9:01:34 上午 org.apache.catalina.core.ApplicationContext log 信息: Initializing Spring DispatcherServlet 'dispatcherServlet' 2025-08-06 09:01:34.244 INFO 3324 --- [)-10.66.242.118] o.s.web.servlet.DispatcherServlet : Initializing Servlet 'dispatcherServlet' 2025-08-06 09:01:34.256 INFO 3324 --- [)-10.66.242.118] o.s.web.servlet.DispatcherServlet : Completed initialization in 12 ms Wed Aug 06 09:01:34 CST 2025 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification. Wed Aug 06 09:01:34 CST 2025 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification. Wed Aug 06 09:01:34 CST 2025 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification. Wed Aug 06 09:01:34 CST 2025 WARN: Establishing SSL connection without server's identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn't set. For compliance with existing applications not using SSL the verifyServerCertificate property is set to 'false'. You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification. 2025-08-06 09:01:34.363 INFO 3324 --- [)-10.66.242.118] com.alibaba.druid.pool.DruidDataSource : {dataSource-3} inited 2025-08-06 09:01:35.750 INFO 3324 --- [ool-21-thread-1] c.i.h.c.admdvs.bo.impl.AdmdvsBOImpl : 加载行政区划数据... 2025-08-06 09:01:35.778 INFO 3324 --- [ool-21-thread-1] c.i.h.c.admdvs.bo.impl.AdmdvsBOImpl : 行政区划数据缓存完毕!省份数=1,地市数=1,区县数=17 2025-08-06 09:04:28.806 INFO 3324 --- [nio-9100-exec-9] c.i.h.s.w.support.SSOUserContextFilter : in SSOUserContextFilter! securitytype is hsa-sso-mock 2025-08-06 09:04:28.806 INFO 3324 --- [nio-9100-exec-3] c.i.h.s.w.support.SSOUserContextFilter : in SSOUserContextFilter! securitytype is hsa-sso-mock 2025-08-06 09:04:28.806 INFO 3324 --- [nio-9100-exec-1] c.i.h.s.w.support.SSOUserContextFilter : in SSOUserContextFilter! securitytype is hsa-sso-mock 2025-08-06 09:04:28.829 INFO 3324 --- [nio-9100-exec-9] c.i.f.w.s.web.RepeatRequestFilter : ===repeat=false=== 2025-08-06 09:04:28.829 INFO 3324 --- [nio-9100-exec-3] c.i.f.w.s.web.RepeatRequestFilter : ===repeat=false=== 2025-08-06 09:04:28.830 INFO 3324 --- [nio-9100-exec-1] c.i.f.w.s.web.RepeatRequestFilter : ===repeat=false=== Hibernate: select sysmenu0_.functionid as function1_7_, sysmenu0_.active as active2_7_, sysmenu0_.auflag as auflag3_7_, sysmenu0_.description as descript4_7_, sysmenu0_.developer as develope5_7_, sysmenu0_.digest as digest6_7_, sysmenu0_.funcode as funcode7_7_, sysmenu0_.funorder as funorder8_7_, sysmenu0_.funtype as funtype9_7_, sysmenu0_.icon as icon10_7_, sysmenu0_.idpath as idpath11_7_, sysmenu0_.islog as islog12_7_, sysmenu0_.location as locatio13_7_, sysmenu0_.nodetype as nodetyp14_7_, sysmenu0_.parentid as parenti15_7_, sysmenu0_.rbflag as rbflag16_7_, sysmenu0_.slevel as slevel17_7_, sysmenu0_.title as title18_7_ from SYSFUNCTION sysmenu0_ order by sysmenu0_.funorder 2025-08-06 09:04:31.567 INFO 3324 --- [nio-9100-exec-2] c.i.h.s.w.support.SSOUserContextFilter : in SSOUserContextFilter! securitytype is hsa-sso-mock 2025-08-06 09:04:31.569 INFO 3324 --- [nio-9100-exec-2] c.i.f.w.s.web.RepeatRequestFilter : ===repeat=false=== Hibernate: select sysmenu0_.functionid as function1_7_, sysmenu0_.active as active2_7_, sysmenu0_.auflag as auflag3_7_, sysmenu0_.description as descript4_7_, sysmenu0_.developer as develope5_7_, sysmenu0_.digest as digest6_7_, sysmenu0_.funcode as funcode7_7_, sysmenu0_.funorder as funorder8_7_, sysmenu0_.funtype as funtype9_7_, sysmenu0_.icon as icon10_7_, sysmenu0_.idpath as idpath11_7_, sysmenu0_.islog as islog12_7_, sysmenu0_.location as locatio13_7_, sysmenu0_.nodetype as nodetyp14_7_, sysmenu0_.parentid as parenti15_7_, sysmenu0_.rbflag as rbflag16_7_, sysmenu0_.slevel as slevel17_7_, sysmenu0_.title as title18_7_ from SYSFUNCTION sysmenu0_ order by sysmenu0_.funorder 2025-08-06 09:04:31.570 INFO 3324 --- [nio-9100-exec-6] c.i.h.s.w.support.SSOUserContextFilter : in SSOUserContextFilter! securitytype is hsa-sso-mock 2025-08-06 09:04:31.570 INFO 3324 --- [io-9100-exec-10] c.i.h.s.w.support.SSOUserContextFilter : in SSOUserContextFilter! securitytype is hsa-sso-mock 2025-08-06 09:04:31.572 INFO 3324 --- [io-9100-exec-10] c.i.f.w.s.web.RepeatRequestFilter : ===repeat=false=== 2025-08-06 09:04:31.572 INFO 3324 --- [nio-9100-exec-6] c.i.f.w.s.web.RepeatRequestFilter : ===repeat=false=== 为什么运行不结束
最新发布
08-07
我们正在分析一个Java Spring Boot应用启动后未结束运行的问题。根据Spring Boot的特性,应用启动后应该会保持运行状态(例如,作为Web应用等待HTTP请求),但有时我们期望应用执行完某些任务后自动退出,而它却没有...
java - SpringBoot3.x接入Security6.x实现JWT认证
草青工作室 的专栏
12-31 1745
使用OncePerRequestFilter的优点是,能保证一个请求只过一次筛选器。可以在filter中实现对jwt的校验,验证成功后需要对Security上下文进行标注。标记认证已经通过,这点非常重要。如果认证完了不标注,后边的过滤器还是认为未认证导致无权限失败。以上支持介绍了对于已有JWT统一认证系统的接入(JWT解析和认证),不涉及JWT生成和管理相关内容。
spring security源码分析.pdf
07-11
#### 十四、SessionManagementFilter 分析 1. **作用**:`SessionManagementFilter` 用于管理用户的会话。 2. **执行逻辑**: - 监控用户的会话状态。 - 实现会话固定保护、最大会话数量限制等功能。 - 更新 `...
Spring Security学习笔记之SessionManagementFilter
py_xin的博客
10-11 3730
开始的时候不明白这个过滤器的作用是什么. 看源码: public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest)
ConcurrentSessionFilter
yecong111的专栏
11-28 8240
ConcurrentSessionFilter做的功能比较简单,主要是判断session是否过期以及更新最新访问时间      通过代码HttpSession session = request.getSession(false);判断获取session 1、首先判断session是否存在--------HttpSession session = request.getSession(fals
Spring Security3源码分析-SessionManagementFilter分析-
Dead_Knight的专栏
05-08 310
SessionManagementFilter过滤器对应的类路径为 org.springframework.security.web.session.SessionManagementFilter 这个过滤器看名字就知道是管理session的了,http标签是自动配置时,默认是添加SessionManagementFilter过滤器到filterChainProxy中的,如果不想使用这个过滤...
spring gateway 自定义sessionmanager_SpringCloud系列Gateway:自定义过滤器
weixin_34851528的博客
01-25 650
通过上一篇文章SpringCloud系列Gateway:过滤器总结我们知道Gateway的过滤器分为网关过滤器和全局过滤器,今天带大家看看如何自定义这两种过滤器。自定义网关过滤器自定义网关过滤器有两种实现方式实现GatewayFilter接口实现GatewayFilterFactory接口下面针对两种方式分别介绍实现GatewayFilter接口自定义过滤器/** * 自定义网关过滤器 * @au...
session网站登录控制——filter方式
archer的技术故事
10-12 1691
session网站登录控制——filter方式
spring security 各个filter的主要功能
qq_29415357的博客
03-21 1188
spring security 各个filter的主要功能 spring security是一个安全框架,主要实现登录认证、权限鉴定、session管理等工作。其把工作委托给springsecurityFilterChain来操作,大约有14个Filter。 1、WebAsyncManagerIntegrationFilter: 提供了对securityContext和WebAsyncManager的集成,使其支持把SecurityContext设置基于ThreadLocal的SecurityContext
spring-secrity的Filter顺序+自定义过滤器
毅香雪海的博客
09-05 2268
spring-secrity的Filter顺序+自定义过滤器
SpringSecurity------Session Management(十二)
豢龙先生
06-21 2756
有时,总是创建会话是很有价值的,我们可以通过配置ForceEagerSessionCreationFilter来完成: 二、Detecting Timeouts 可以配置Spring Security来检测无效会话ID的提交,并将用户重定向到适当的URL,这是通过会话管理(session-management)实现的: 使用上面的配置来检测会话超时,如果用户在登出之后没有关闭浏览器的情况下重新登录,可能会报告一个错误。这是因为执行了登出,会话失效时存储在浏览器的Cookie不会被清除,而且会随着后续请求重新
SpringSecurity如何管理session
xsgnzb的专栏
03-14 1129
SessionManagementFilter是在用户认证成功后,执行一些session相关的工作,包括防止固定会话攻击,多点登录登自动下线等。用户通过扩展点,能自定义各种策略。下面是SessionManagementFilter的流程图,分为4个子流程:认证通过,执行策略成功,保存SecurityContext,执行下一个Filter认证通过,执行策略失败,执行身份认证失败策略(一般是重定向到登录页面),结束请求。
Spring Security核心过滤器链分析
最后,SessionManagementFilter(编号9)负责管理用户的会话。它会监控用户会话的有效性,并且可以配置以处理会话过期或并发会话控制等问题。 这些过滤器构成了Spring Security的核心,它们协同工作,确保了应用...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值