我正在开发一个 Spring Boot 应用程序,使用 H2 作为嵌入式内存数据库。我在尝试访问 H2 控制台时遇到问题。每当我导航到 http://localhost:8080/h2-console 时,它都会提示我输入用户名和密码。
控制台输出:
2023-08-03T19:41:47.901+03:00 INFO 5176 --- [ main] c.e.a.AlbacamiereaApplication : Starting AlbacamiereaApplication using Java 17.0.5 with PID 5176 (C:\albacamierea\target\classes started by Robert in C:\albacamierea)
2023-08-03T19:41:47.916+03:00 INFO 5176 --- [ main] c.e.a.AlbacamiereaApplication : No active profile set, falling back to 1 default profile: "default"
2023-08-03T19:41:50.102+03:00 INFO 5176 --- [ main] .s.d.r.c.RepositoryConfigurationDelegate : Bootstrapping Spring Data JPA repositories in DEFAULT mode.
2023-08-03T19:41:50.167+03:00 INFO 5176 --- [ main] .s.d.r.c.RepositoryConfigurationDelegate : Finished Spring Data repository scanning in 38 ms. Found 0 JPA repository interfaces.
2023-08-03T19:41:51.805+03:00 INFO 5176 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat initialized with port(s): 8080 (http)
2023-08-03T19:41:51.809+03:00 INFO 5176 --- [ main] o.a.catalina.core.AprLifecycleListener : Loaded Apache Tomcat Native library [2.0.3] using APR version [1.7.2].
2023-08-03T19:41:51.851+03:00 INFO 5176 --- [ main] o.a.catalina.core.AprLifecycleListener : OpenSSL successfully initialized [OpenSSL 3.0.8 7 Feb 2023]
2023-08-03T19:41:51.891+03:00 INFO 5176 --- [ main] o.apache.catalina.core.StandardService : Starting service [Tomcat]
2023-08-03T19:41:51.892+03:00 INFO 5176 --- [ main] o.apache.catalina.core.StandardEngine : Starting Servlet engine: [Apache Tomcat/10.1.11]
2023-08-03T19:41:52.247+03:00 INFO 5176 --- [ main] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring embedded WebApplicationContext
2023-08-03T19:41:52.248+03:00 INFO 5176 --- [ main] w.s.c.ServletWebServerApplicationContext : Root WebApplicationContext: initialization completed in 4149 ms
2023-08-03T19:41:52.757+03:00 INFO 5176 --- [ main] com.zaxxer.hikari.HikariDataSource : HikariPool-1 - Starting...
2023-08-03T19:41:53.629+03:00 INFO 5176 --- [ main] com.zaxxer.hikari.pool.HikariPool : HikariPool-1 - Added connection conn0: url=jdbc:h2:mem:d48ab7e7-383a-4245-846e-d273ef5237bd user=SA
2023-08-03T19:41:53.637+03:00 INFO 5176 --- [ main] com.zaxxer.hikari.HikariDataSource : HikariPool-1 - Start completed.
2023-08-03T19:41:53.884+03:00 INFO 5176 --- [ main] o.hibernate.jpa.internal.util.LogHelper : HHH000204: Processing PersistenceUnitInfo [name: default]
2023-08-03T19:41:54.170+03:00 INFO 5176 --- [ main] org.hibernate.Version : HHH000412: Hibernate ORM core version 6.2.6.Final
2023-08-03T19:41:54.178+03:00 INFO 5176 --- [ main] org.hibernate.cfg.Environment : HHH000406: Using bytecode reflection optimizer
2023-08-03T19:41:54.854+03:00 INFO 5176 --- [ main] o.h.b.i.BytecodeProviderInitiator : HHH000021: Bytecode provider name : bytebuddy
2023-08-03T19:41:55.528+03:00 INFO 5176 --- [ main] o.s.o.j.p.SpringPersistenceUnitInfo : No LoadTimeWeaver setup: ignoring JPA class transformer
2023-08-03T19:41:56.089+03:00 INFO 5176 --- [ main] o.h.b.i.BytecodeProviderInitiator : HHH000021: Bytecode provider name : bytebuddy
2023-08-03T19:41:57.195+03:00 INFO 5176 --- [ main] o.h.e.t.j.p.i.JtaPlatformInitiator : HHH000490: Using JtaPlatform implementation: [org.hibernate.engine.transaction.jta.platform.internal.NoJtaPlatform]
2023-08-03T19:41:57.221+03:00 INFO 5176 --- [ main] j.LocalContainerEntityManagerFactoryBean : Initialized JPA EntityManagerFactory for persistence unit 'default'
2023-08-03T19:41:57.358+03:00 WARN 5176 --- [ main] JpaBaseConfiguration$JpaWebConfiguration : spring.jpa.open-in-view is enabled by default. Therefore, database queries may be performed during view rendering. Explicitly configure spring.jpa.open-in-view to disable this warning
2023-08-03T19:41:58.582+03:00 WARN 5176 --- [ main] .s.s.UserDetailsServiceAutoConfiguration :
Using generated security password: dab22a6d-fca6-4e5d-9796-8f4d30c2c9b5
我尝试过使用空白用户名和密码以及默认的“SA”用户名和无密码来访问 H2 控制台,但仍然不起作用。
您似乎启用了 Spring Security,但未明确允许 H2 端点的路径。
仅适用于 H2 的可能的 SecurityFilterChain 设置(应通过
@Order
注释放置在其他 FilterChain 的前面):
@Bean
@Order(5)
// @Profile("development")
public SecurityFilterChain h2FilterChain(
HttpSecurity http,
@Value("${spring.h2.console.path:/h2-console}") String h2ConsolePath) throws Exception {
return http
.securityMatchers(matchers -> matchers
/* https://github.com/spring-projects/spring-security/issues/12546#issuecomment-1382891839 */
.requestMatchers(AntPathRequestMatcher.antMatcher(h2ConsolePath + "/**")))
.authorizeHttpRequests(authorize -> authorize.anyRequest().permitAll())
/* The H2 console runs in a frameset. Thus, we need to set 'X-Frame-Options' from 'deny' to 'sameOrigin'. */
.headers(header -> header.frameOptions(HeadersConfigurer.FrameOptionsConfig::sameOrigin))
/* Otherwise login into H2 won't work. */
.csrf(CsrfConfigurer::disable)
.build()
}
确保正确设置属性中的 h2-console 值。