Grails Spring Security REST Plugin - Token Storage Failure
[Title]: Grails Spring Security REST Plugin - Token Storage Failure
[Posted]: 2014-10-02 22:24:37
[Question]: I am setting up a Grails project with the Spring Security REST plugin, but I have run into some problems. When I make the following request to /api/login with a valid username and password
Accept: application/json
Content-Type: application/json

{
  "username": "validuser",
  "password": "validpassword"
}
I get the following exception
Error 2014-08-09 11:30:04,839 [http-bio-8080-exec-6] ERROR [/myphotoid-api].[default] - Servlet.service() for servlet [default] in context with path [/myphotoid-api] threw exception
Message: java.lang.Class cannot be cast to java.lang.String
Line | Method
->> 38 | storeToken in com.odobo.grails.plugin.springsecurity.rest.token.storage.GormTokenStorageService
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
| 97 | doFilter in com.odobo.grails.plugin.springsecurity.rest.RestAuthenticationFilter
| 82 | doFilter . in grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter
| 63 | doFilter in com.odobo.grails.plugin.springsecurity.rest.RestLogoutFilter
| 82 | doFilter . in com.brandseye.cors.CorsFilter
| 1145 | runWorker in java.util.concurrent.ThreadPoolExecutor
| 615 | run . . . in java.util.concurrent.ThreadPoolExecutor$Worker
^ 745 | run in java.lang.Thread
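Then my client receives a 302 to /login/auth, which is the regular stateful login page. :(
However, if I make the following request to /api/login with an invalid username and password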
Accept: application/json
Content-Type: application/json

{
  "username": "validuser",
  "password": "badpassword"
}
I get a 401, which I guess is what I should expect.
Here is the relevant part of my Config.groovy
// Added by the Spring Security Core plugin:
grails.plugin.springsecurity.userLookup.userDomainClassName = 'com.campuscardtools.myphotoid.Person'
grails.plugin.springsecurity.userLookup.authorityJoinClassName = 'com.campuscardtools.myphotoid.PersonRole'
grails.plugin.springsecurity.authority.className = 'com.campuscardtools.myphotoid.Role'
grails.plugin.springsecurity.controllerAnnotations.staticRules = [
'/api/login': ['permitAll'],
'/': ['permitAll'],
'/index': ['permitAll'],
'/index.gsp': ['permitAll'],
'/assets/**': ['permitAll']
]
grails.plugin.springsecurity.rest.token.storage.useGorm = true
grails.plugin.springsecurity.rest.token.storage.gorm.tokenDomainClassName = com.campuscardtools.myphotoid.AuthenticationToken
grails.plugin.springsecurity.filterChain.chainMap = [
'/api/**': 'JOINED_FILTERS,-exceptionTranslationFilter,-authenticationProcessingFilter,-securityContextPersistenceFilter', // Stateless chain
'/**': 'JOINED_FILTERS,-restTokenValidationFilter,-restExceptionTranslationFilter' // Traditional chain
]
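Thanks in advance for your help!
[Comments on the question]:
It looks like your tokenDomainClassName needs to be enclosed in quotes
[Answer 1]:
@kau Thanks for the helpful comment.
It looks like your tokenDomainClassName needs to be enclosed in quotes - kau, Aug 22 at 14:01
So I changed this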
grails.plugin.springsecurity.rest.token.storage.gorm.tokenDomainClassName = com.campuscardtools.myphotoid.AuthenticationToken
to this
grails.plugin.springsecurity.rest.token.storage.gorm.tokenDomainClassName = 'com.campuscardtools.myphotoid.AuthenticationToken'
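Why the quotes matter, as an added example that is not part of the original posts or the plugin's code: Config.groovy is parsed as a Groovy script, so an unquoted fully qualified name that resolves on the classpath is compiled as a class literal and the setting holds a java.lang.Class instead of a String, which matches the exception message in the question. The helper name `findNonStringClassNames` and the sample config are assumptions made for illustration; `java.util.Date` stands in for the project's domain class so the script runs without Grails.

```groovy
// Added example: flag *ClassName settings that were not parsed as Strings.
// findNonStringClassNames is a hypothetical helper, not part of the plugin.
List<String> findNonStringClassNames(String configText) {
    // ConfigSlurper is the parser Grails uses for Config.groovy
    Map flat = new ConfigSlurper().parse(configText).flatten()
    List<String> problems = []
    flat.each { key, value ->
        boolean isClassNameKey = key.toString().endsWith('ClassName')
        if (isClassNameKey && !(value instanceof CharSequence)) {
            problems << "${key} is a ${value.getClass().name}, expected a quoted String".toString()
        }
    }
    return problems
}

// Constructed sample config. The first setting is quoted correctly; the second
// repeats the mistake from the question, using a JDK class (java.util.Date)
// in place of the project's AuthenticationToken domain class.
String sample = '''
grails.plugin.springsecurity.userLookup.userDomainClassName = 'com.example.Person'
grails.plugin.springsecurity.rest.token.storage.gorm.tokenDomainClassName = java.util.Date
'''

def problems = findNonStringClassNames(sample)
assert problems.size() == 1
assert problems[0].startsWith('grails.plugin.springsecurity.rest.token.storage.gorm.tokenDomainClassName')
problems.each { println it }
```

Run at application startup or in a test, a check like this catches the misconfiguration before the first login request reaches the token storage service.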
[Answer 2]: Check the plugin configuration section in the documentation: http://alvarosanchez.github.io/grails-spring-security-rest/docs/guide/configuration.html
You must configure the chains correctly in grails.plugin.springsecurity.filterChain.chainMap:
grails.plugin.springsecurity.filterChain.chainMap = [
'/api/**': 'JOINED_FILTERS,-exceptionTranslationFilter,-authenticationProcessingFilter,-securityContextPersistenceFilter', // Stateless chain
'/**': 'JOINED_FILTERS,-restTokenValidationFilter,-restExceptionTranslationFilter' // Traditional chain
]