自从从acegi切换到springsecurity插件后,我无法再上传文件。
有一个请求地图是' / coreAdminUpload / **',' ROLE_CORE'
当我提交上传表单时,springsecurity说我需要进行身份验证吗?但我是。
如果我删除了encType =' multipart / form-data'从表格上看,我至少可以采取正确的行动。如果我有multipart / form-data集,我从springsecurity debug
获得以下内容2014-09-08 12:39:08,401 [http-bio-8080-exec-9] DEBUG matcher.AntPathRequestMatcher - Request '/coreadminupload/saveusers' matched by universal pattern '/**'
2014-09-08 12:39:08,401 [http-bio-8080-exec-9] DEBUG web.FilterChainProxy - /coreAdminUpload/saveUsers at position 1 of 8 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-09-08 12:39:08,401 [http-bio-8080-exec-9] DEBUG context.HttpSessionSecurityContextRepository - Obtained a valid SecurityContext from SPRING_SECURITY_CONTEXT: 'org.springframework.security.core.context.SecurityContextImpl@69160037: Authentication: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@69160037: Principal: grails.plugin.springsecurity.userdetails.GrailsUser@a53ea21: Username: admin@adminDemo; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_CORE; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffc7f0c: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 41FDC51C1D2E746ED1DD77AFE864D39F; Granted Authorities: ROLE_CORE'
2014-09-08 12:39:08,401 [http-bio-8080-exec-9] DEBUG web.FilterChainProxy - /coreAdminUpload/saveUsers at position 2 of 8 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2014-09-08 12:39:08,401 [http-bio-8080-exec-9] DEBUG web.FilterChainProxy - /coreAdminUpload/saveUsers at position 3 of 8 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2014-09-08 12:39:08,401 [http-bio-8080-exec-9] DEBUG web.FilterChainProxy - /coreAdminUpload/saveUsers at position 4 of 8 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2014-09-08 12:39:08,401 [http-bio-8080-exec-9] DEBUG web.FilterChainProxy - /coreAdminUpload/saveUsers at position 5 of 8 in additional filter chain; firing Filter: 'GrailsRememberMeAuthenticationFilter'
2014-09-08 12:39:08,401 [http-bio-8080-exec-9] DEBUG web.FilterChainProxy - /coreAdminUpload/saveUsers at position 6 of 8 in additional filter chain; firing Filter: 'GrailsAnonymousAuthenticationFilter'
2014-09-08 12:39:08,401 [http-bio-8080-exec-9] DEBUG web.FilterChainProxy - /coreAdminUpload/saveUsers at position 7 of 8 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-09-08 12:39:08,401 [http-bio-8080-exec-9] DEBUG web.FilterChainProxy - /coreAdminUpload/saveUsers at position 8 of 8 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2014-09-08 12:39:08,401 [http-bio-8080-exec-9] DEBUG intercept.FilterSecurityInterceptor - Secure object: FilterInvocation: URL: /coreAdminUpload/saveUsers; Attributes: [ROLE_CORE]
2014-09-08 12:39:08,401 [http-bio-8080-exec-9] DEBUG intercept.FilterSecurityInterceptor - Previously Authenticated: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@69160037: Principal: grails.plugin.springsecurity.userdetails.GrailsUser@a53ea21: Username: admin@adminDemo; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_CORE; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffc7f0c: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 41FDC51C1D2E746ED1DD77AFE864D39F; Granted Authorities: ROLE_CORE
2014-09-08 12:39:08,401 [http-bio-8080-exec-9] DEBUG hierarchicalroles.RoleHierarchyImpl - getReachableGrantedAuthorities() - From the roles [ROLE_CORE] one can reach [ROLE_CORE] in zero or more steps.
2014-09-08 12:39:08,401 [http-bio-8080-exec-9] DEBUG intercept.FilterSecurityInterceptor - Authorization successful
2014-09-08 12:39:08,401 [http-bio-8080-exec-9] DEBUG intercept.FilterSecurityInterceptor - RunAsManager did not change Authentication object
2014-09-08 12:39:08,401 [http-bio-8080-exec-9] DEBUG web.FilterChainProxy - /coreAdminUpload/saveUsers reached end of additional filter chain; proceeding with original chain
2014-09-08 12:39:08,406 [http-bio-8080-exec-9] DEBUG access.ExceptionTranslationFilter - Chain processed normally
2014-09-08 12:39:08,406 [http-bio-8080-exec-9] DEBUG context.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
2014-09-08 12:39:08,408 [http-bio-8080-exec-9] DEBUG matcher.AntPathRequestMatcher - Request '/login/auth' matched by universal pattern '/**'
2014-09-08 12:39:08,408 [http-bio-8080-exec-9] DEBUG web.FilterChainProxy - /login/auth at position 1 of 8 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-09-08 12:39:08,408 [http-bio-8080-exec-9] DEBUG context.HttpSessionSecurityContextRepository - Obtained a valid SecurityContext from SPRING_SECURITY_CONTEXT: 'org.springframework.security.core.context.SecurityContextImpl@69160037: Authentication: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@69160037: Principal: grails.plugin.springsecurity.userdetails.GrailsUser@a53ea21: Username: admin@adminDemo; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_CORE; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffc7f0c: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 41FDC51C1D2E746ED1DD77AFE864D39F; Granted Authorities: ROLE_CORE'
2014-09-08 12:39:08,409 [http-bio-8080-exec-9] DEBUG web.FilterChainProxy - /login/auth at position 2 of 8 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2014-09-08 12:39:08,409 [http-bio-8080-exec-9] DEBUG web.FilterChainProxy - /login/auth at position 3 of 8 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2014-09-08 12:39:08,409 [http-bio-8080-exec-9] DEBUG web.FilterChainProxy - /login/auth at position 4 of 8 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2014-09-08 12:39:08,409 [http-bio-8080-exec-9] DEBUG web.FilterChainProxy - /login/auth at position 5 of 8 in additional filter chain; firing Filter: 'GrailsRememberMeAuthenticationFilter'
2014-09-08 12:39:08,409 [http-bio-8080-exec-9] DEBUG web.FilterChainProxy - /login/auth at position 6 of 8 in additional filter chain; firing Filter: 'GrailsAnonymousAuthenticationFilter'
2014-09-08 12:39:08,409 [http-bio-8080-exec-9] DEBUG web.FilterChainProxy - /login/auth at position 7 of 8 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-09-08 12:39:08,409 [http-bio-8080-exec-9] DEBUG web.FilterChainProxy - /login/auth at position 8 of 8 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'