Trouble setting up Spring Security in Grails

Time: 2014-02-07 17:04:40

Tags: grails spring-security

I'm having some trouble trying to set up the Spring Integration Plugin in my Grails application (version 2.3.4).

BuildConfig.groovy

compile ":spring-security-core:2.0-RC2"

After running the s2-quickstart script, I generated the BOUser, BORole, BOUserRole and BORequestMap classes.

In Config.groovy

grails.plugin.springsecurity.userLookup.userDomainClassName = 'com.my.example.BOUser'
grails.plugin.springsecurity.userLookup.authorityJoinClassName = 'com.my.example.BOUserRole'
grails.plugin.springsecurity.authority.className = 'com.my.example..BORole'
grails.plugin.springsecurity.requestMap.className = 'com.my.example.BORequestMap'
grails.plugins.springsecurity.portMapper.httpPort = '8080'
grails.plugins.springsecurity.portMapper.httpsPort = '8443'
grails.plugins.springsecurity.rejectIfNoRule = true
grails.plugin.springsecurity.securityConfigType = 'Requestmap'
grails.plugin.springsecurity.roleHierarchy = '''
                                           ROLE_SUPER_ADMIN > ROLE_ADMIN
                                           ROLE_ADMIN > ROLE_USER
                                          '''

In BootStrap.groovy

def customer = new Customer(name: "myCustomer", web:"www.myCustomer.com").save()

def superAdminUser = new BOUser(username:"superAdmin", password:"1234", customer: customer)
def adminUser = new BOUser(username:"admin", password:"1234", customer: customer)
def user = new BOUser(username:"user", password:"1234", customer: customer)

def roleSuperAdminUser = new BORole(authority:"ROLE_SUPER_ADMIN")
def roleAdminUser = new BORole(authority:"ROLE_ADMIN")
def roleUser = new BORole(authority:"ROLE_USER")

superAdminUser.save();
adminUser.save();
user.save();

roleSuperAdminUser.save()
roleAdminUser.save()
roleUser.save()

def superAdminRole = new BOUserRole(BOUser: superAdminUser, BORole:roleSuperAdminUser)
def adminRole = new BOUserRole(BOUser: adminUser, BORole:roleAdminUser)
def userRole = new BOUserRole(BOUser: user, BORole:roleUser)

superAdminRole.save();
adminRole.save();
userRole.save();

for (String url in [
    '/', 
    '/index', 
    '/index.gsp', 
    '/**/favicon.ico',
    '/**/js/**', 
    '/**/css/**', 
    '/**/images/**',
    '/login', 
    '/login.*', 
    '/login/*',
    '/logout', 
    '/logout.*', 
    '/logout/*']) 
{
    new BORequestMap(url: url, configAttribute: 'permitAll').save()
}

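I run the application and the login page is displayed, but I cannot authenticate as any user; the same message is always shown: "Sorry, we were not able to find a user with that username and password."

My database is correctly populated with the URL mappings, users, roles and user-role relationships.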

LOG

|Loading Grails 2.3.4
|Configuring classpath
.
|Environment set to development
.................................
|Packaging Grails application
................................................
|Running Grails application
Configuring Spring Security Core ...
... finished configuring Spring Security Core
2014-02-07 17:58:56,816 [localhost-startStop-1] DEBUG hierarchicalroles.RoleHierarchyImpl  - setHierarchy() - The following role hierarchy was set: 
                                           ROLE_SUPER_ADMIN > ROLE_ADMIN
                                           ROLE_ADMIN > ROLE_USER

2014-02-07 17:58:56,818 [localhost-startStop-1] DEBUG hierarchicalroles.RoleHierarchyImpl  - buildRolesReachableInOneStepMap() - From role ROLE_SUPER_ADMIN one can reach role ROLE_ADMIN in one step.
2014-02-07 17:58:56,818 [localhost-startStop-1] DEBUG hierarchicalroles.RoleHierarchyImpl  - buildRolesReachableInOneStepMap() - From role ROLE_ADMIN one can reach role ROLE_USER in one step.
2014-02-07 17:58:56,818 [localhost-startStop-1] DEBUG hierarchicalroles.RoleHierarchyImpl  - buildRolesReachableInOneOrMoreStepsMap() - From role ROLE_ADMIN one can reach [ROLE_USER] in one or more steps.
2014-02-07 17:58:56,818 [localhost-startStop-1] DEBUG hierarchicalroles.RoleHierarchyImpl  - buildRolesReachableInOneOrMoreStepsMap() - From role ROLE_SUPER_ADMIN one can reach [ROLE_ADMIN, ROLE_USER] in one or more steps.
2014-02-07 17:58:57,060 [localhost-startStop-1] DEBUG intercept.FilterSecurityInterceptor  - Validated configuration attributes
2014-02-07 17:59:00,491 [localhost-startStop-1] INFO  web.DefaultSecurityFilterChain  - Creating filter chain: Ant [pattern='/**'], [org.springframework.security.web.context.SecurityContextPersistenceFilter@17f73aeb, grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter@683d2697, grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter@6b0b8f8, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@3c3fa536, grails.plugin.springsecurity.web.filter.GrailsRememberMeAuthenticationFilter@76779b20, grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter@26698ea3, org.springframework.security.web.access.ExceptionTranslationFilter@5c138308, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@4ffb172]
|Server running. Browse to http://localhost:8080/playtheguru_bo
....2014-02-07 17:59:05,054 [http-bio-8080-exec-4] DEBUG util.AntPathRequestMatcher  - Request '/j_spring_security_check' matched by universal pattern '/**'
2014-02-07 17:59:05,055 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy  - /j_spring_security_check at position 1 of 8 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-02-07 17:59:05,056 [http-bio-8080-exec-4] DEBUG context.HttpSessionSecurityContextRepository  - No HttpSession currently exists
2014-02-07 17:59:05,056 [http-bio-8080-exec-4] DEBUG context.HttpSessionSecurityContextRepository  - No SecurityContext was available from the HttpSession: null. A new one will be created.
2014-02-07 17:59:05,057 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy  - /j_spring_security_check at position 2 of 8 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2014-02-07 17:59:05,058 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy  - /j_spring_security_check at position 3 of 8 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2014-02-07 17:59:05,059 [http-bio-8080-exec-4] DEBUG authentication.ProviderManager  - Authentication attempt using org.springframework.security.authentication.dao.DaoAuthenticationProvider
2014-02-07 17:59:05,170 [http-bio-8080-exec-4] DEBUG rememberme.TokenBasedRememberMeServices  - Interactive login attempt was unsuccessful.
2014-02-07 17:59:05,170 [http-bio-8080-exec-4] DEBUG rememberme.TokenBasedRememberMeServices  - Cancelling cookie
2014-02-07 17:59:05,175 [http-bio-8080-exec-4] DEBUG web.DefaultRedirectStrategy  - Redirecting to '/playtheguru_bo/login/authfail?login_error=1'
2014-02-07 17:59:05,175 [http-bio-8080-exec-4] DEBUG context.HttpSessionSecurityContextRepository  - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2014-02-07 17:59:05,175 [http-bio-8080-exec-4] DEBUG context.SecurityContextPersistenceFilter  - SecurityContextHolder now cleared, as request processing completed
2014-02-07 17:59:05,179 [http-bio-8080-exec-5] DEBUG util.AntPathRequestMatcher  - Request '/login/authfail' matched by universal pattern '/**'
2014-02-07 17:59:05,179 [http-bio-8080-exec-5] DEBUG web.FilterChainProxy  - /login/authfail?login_error=1 at position 1 of 8 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-02-07 17:59:05,180 [http-bio-8080-exec-5] DEBUG context.HttpSessionSecurityContextRepository  - HttpSession returned null object for SPRING_SECURITY_CONTEXT
2014-02-07 17:59:05,180 [http-bio-8080-exec-5] DEBUG context.HttpSessionSecurityContextRepository  - No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@3253d487. A new one will be created.
2014-02-07 17:59:05,180 [http-bio-8080-exec-5] DEBUG web.FilterChainProxy  - /login/authfail?login_error=1 at position 2 of 8 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2014-02-07 17:59:05,180 [http-bio-8080-exec-5] DEBUG web.FilterChainProxy  - /login/authfail?login_error=1 at position 3 of 8 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2014-02-07 17:59:05,180 [http-bio-8080-exec-5] DEBUG web.FilterChainProxy  - /login/authfail?login_error=1 at position 4 of 8 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2014-02-07 17:59:05,181 [http-bio-8080-exec-5] DEBUG web.FilterChainProxy  - /login/authfail?login_error=1 at position 5 of 8 in additional filter chain; firing Filter: 'GrailsRememberMeAuthenticationFilter'
2014-02-07 17:59:05,182 [http-bio-8080-exec-5] DEBUG web.FilterChainProxy  - /login/authfail?login_error=1 at position 6 of 8 in additional filter chain; firing Filter: 'GrailsAnonymousAuthenticationFilter'
2014-02-07 17:59:05,183 [http-bio-8080-exec-5] DEBUG web.FilterChainProxy  - /login/authfail?login_error=1 at position 7 of 8 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-02-07 17:59:05,183 [http-bio-8080-exec-5] DEBUG web.FilterChainProxy  - /login/authfail?login_error=1 at position 8 of 8 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2014-02-07 17:59:06,483 [http-bio-8080-exec-5] DEBUG intercept.FilterSecurityInterceptor  - Secure object: FilterInvocation: URL: /login/authfail?login_error=1; Attributes: [permitAll]
2014-02-07 17:59:06,483 [http-bio-8080-exec-5] DEBUG intercept.FilterSecurityInterceptor  - Previously Authenticated: grails.plugin.springsecurity.authentication.GrailsAnonymousAuthenticationToken@f23f6da8: Principal: org.springframework.security.core.userdetails.User@dc730200: Username: __grails.anonymous.user__; Password: [PROTECTED]; Enabled: false; AccountNonExpired: false; credentialsNonExpired: false; AccountNonLocked: false; Granted Authorities: ROLE_ANONYMOUS; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffbcba8: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 97E07CDE56C15DC3639B2E0E76F7C41E; Granted Authorities: ROLE_ANONYMOUS
2014-02-07 17:59:06,484 [http-bio-8080-exec-5] DEBUG hierarchicalroles.RoleHierarchyImpl  - getReachableGrantedAuthorities() - From the roles [ROLE_ANONYMOUS] one can reach [ROLE_ANONYMOUS] in zero or more steps.
2014-02-07 17:59:06,491 [http-bio-8080-exec-5] DEBUG intercept.FilterSecurityInterceptor  - Authorization successful
2014-02-07 17:59:06,491 [http-bio-8080-exec-5] DEBUG intercept.FilterSecurityInterceptor  - RunAsManager did not change Authentication object
2014-02-07 17:59:06,492 [http-bio-8080-exec-5] DEBUG web.FilterChainProxy  - /login/authfail?login_error=1 reached end of additional filter chain; proceeding with original chain
2014-02-07 17:59:06,646 [http-bio-8080-exec-5] DEBUG access.ExceptionTranslationFilter  - Chain processed normally
2014-02-07 17:59:06,647 [http-bio-8080-exec-5] DEBUG context.HttpSessionSecurityContextRepository  - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2014-02-07 17:59:06,647 [http-bio-8080-exec-5] DEBUG context.SecurityContextPersistenceFilter  - SecurityContextHolder now cleared, as request processing completed
2014-02-07 17:59:06,652 [http-bio-8080-exec-6] DEBUG util.AntPathRequestMatcher  - Request '/login/auth' matched by universal pattern '/**'
2014-02-07 17:59:06,652 [http-bio-8080-exec-6] DEBUG web.FilterChainProxy  - /login/auth?login_error=1&format= at position 1 of 8 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-02-07 17:59:06,652 [http-bio-8080-exec-6] DEBUG context.HttpSessionSecurityContextRepository  - HttpSession returned null object for SPRING_SECURITY_CONTEXT
2014-02-07 17:59:06,652 [http-bio-8080-exec-6] DEBUG context.HttpSessionSecurityContextRepository  - No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@3253d487. A new one will be created.
2014-02-07 17:59:06,652 [http-bio-8080-exec-6] DEBUG web.FilterChainProxy  - /login/auth?login_error=1&format= at position 2 of 8 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2014-02-07 17:59:06,652 [http-bio-8080-exec-6] DEBUG web.FilterChainProxy  - /login/auth?login_error=1&format= at position 3 of 8 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2014-02-07 17:59:06,653 [http-bio-8080-exec-6] DEBUG web.FilterChainProxy  - /login/auth?login_error=1&format= at position 4 of 8 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2014-02-07 17:59:06,653 [http-bio-8080-exec-6] DEBUG web.FilterChainProxy  - /login/auth?login_error=1&format= at position 5 of 8 in additional filter chain; firing Filter: 'GrailsRememberMeAuthenticationFilter'
2014-02-07 17:59:06,653 [http-bio-8080-exec-6] DEBUG web.FilterChainProxy  - /login/auth?login_error=1&format= at position 6 of 8 in additional filter chain; firing Filter: 'GrailsAnonymousAuthenticationFilter'
2014-02-07 17:59:06,653 [http-bio-8080-exec-6] DEBUG web.FilterChainProxy  - /login/auth?login_error=1&format= at position 7 of 8 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-02-07 17:59:06,653 [http-bio-8080-exec-6] DEBUG web.FilterChainProxy  - /login/auth?login_error=1&format= at position 8 of 8 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2014-02-07 17:59:06,653 [http-bio-8080-exec-6] DEBUG intercept.FilterSecurityInterceptor  - Secure object: FilterInvocation: URL: /login/auth?login_error=1&format=; Attributes: [permitAll]
2014-02-07 17:59:06,653 [http-bio-8080-exec-6] DEBUG intercept.FilterSecurityInterceptor  - Previously Authenticated: grails.plugin.springsecurity.authentication.GrailsAnonymousAuthenticationToken@f23f6da8: Principal: org.springframework.security.core.userdetails.User@dc730200: Username: __grails.anonymous.user__; Password: [PROTECTED]; Enabled: false; AccountNonExpired: false; credentialsNonExpired: false; AccountNonLocked: false; Granted Authorities: ROLE_ANONYMOUS; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffbcba8: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 97E07CDE56C15DC3639B2E0E76F7C41E; Granted Authorities: ROLE_ANONYMOUS
2014-02-07 17:59:06,654 [http-bio-8080-exec-6] DEBUG hierarchicalroles.RoleHierarchyImpl  - getReachableGrantedAuthorities() - From the roles [ROLE_ANONYMOUS] one can reach [ROLE_ANONYMOUS] in zero or more steps.
2014-02-07 17:59:06,654 [http-bio-8080-exec-6] DEBUG intercept.FilterSecurityInterceptor  - Authorization successful
2014-02-07 17:59:06,654 [http-bio-8080-exec-6] DEBUG intercept.FilterSecurityInterceptor  - RunAsManager did not change Authentication object
2014-02-07 17:59:06,655 [http-bio-8080-exec-6] DEBUG web.FilterChainProxy  - /login/auth?login_error=1&format= reached end of additional filter chain; proceeding with original chain
2014-02-07 17:59:07,940 [http-bio-8080-exec-6] DEBUG context.HttpSessionSecurityContextRepository  - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2014-02-07 17:59:07,941 [http-bio-8080-exec-6] DEBUG access.ExceptionTranslationFilter  - Chain processed normally
2014-02-07 17:59:07,941 [http-bio-8080-exec-6] DEBUG context.SecurityContextPersistenceFilter  - SecurityContextHolder now cleared, as request processing completed

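Can anyone help?

Thanks!

1 answer:

Answer 0 (score: 1)

My guess is that your objects get saved to the DB, because you have not set all the required properties.

In Bootstrap, whenever you do any save, always use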

save(failOnError: true, flush:true)

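When you try to save any domain object (in your case it fails silently), setting failOnError:true will throw an exception. flush:true will ensure the object is saved to the DB immediately.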
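
The advice in the answer above, applied to a trimmed version of the question's BootStrap.groovy. This is an added example, not code from the asker or the answerer. It assumes the Customer class lives in com.my.example alongside the generated classes, and the `persist` closure is a hypothetical helper name.

```groovy
// grails-app/conf/BootStrap.groovy (added illustration, not the asker's file)
import com.my.example.*   // assumption: Customer sits in the same package

class BootStrap {

    def init = { servletContext ->
        // Hypothetical helper: list every rejected field, then save with
        // failOnError so a failed save aborts startup instead of returning null.
        def persist = { obj ->
            if (!obj.validate()) {
                obj.errors.fieldErrors.each { err ->
                    // Field name and constraint code only: rejected values
                    // (for example a password) are kept out of the console.
                    println "${obj.getClass().simpleName}.${err.field} rejected: ${err.code}"
                }
            }
            // Throws grails.validation.ValidationException when validation fails;
            // flush: true writes the row before the next statement runs.
            obj.save(failOnError: true, flush: true)
        }

        def customer = persist(new Customer(name: "myCustomer", web: "www.myCustomer.com"))
        def user     = persist(new BOUser(username: "user", password: "1234", customer: customer))
        def roleUser = persist(new BORole(authority: "ROLE_USER"))

        // Property names copied from the question's BootStrap.groovy.
        persist(new BOUserRole(BOUser: user, BORole: roleUser))

        // With securityConfigType = 'Requestmap', a rule that was never written
        // is simply absent from the request map, so these are saved the same way.
        for (String url in ['/', '/index', '/login', '/login.*', '/login/*',
                            '/logout', '/logout.*', '/logout/*']) {
            persist(new BORequestMap(url: url, configAttribute: 'permitAll'))
        }

        // Row counts read back from the database after the flushes above.
        println "users=${BOUser.count()} roles=${BORole.count()} " +
                "userRoles=${BOUserRole.count()} requestMaps=${BORequestMap.count()}"
    }

    def destroy = { }
}
```

If any domain object fails validation, startup stops at that `persist` call and the console shows which field and constraint were responsible.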