我们有grails / groovy应用程序,我们正在使用spring security。在调用我们的signin api并获取身份验证令牌后,我们调用另一个api - 详细信息,我们收到以下错误。我们从Android应用程序调用这些api。当我们从邮递员那里测试apis时,我们不会遇到这个问题。
2014-10-14 10:49:23,650 [qtp1955156240-20] DEBUG rest.RestAuthenticationFilter - Actual URI is /api/details; endpoint URL is /api/login
2014-10-14 10:49:23,650 [qtp1955156240-20] DEBUG web.FilterChainProxy - /api/v1/details at position 4 of 8 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2014-10-14 10:49:23,650 [qtp1955156240-20] DEBUG web.FilterChainProxy - /api/v1/details at position 5 of 8 in additional filter chain; firing Filter: 'GrailsRememberMeAuthenticationFilter'
2014-10-14 10:49:23,650 [qtp1955156240-20] DEBUG web.FilterChainProxy - /api/v1/details at position 6 of 8 in additional filter chain; firing Filter: 'RestTokenValidationFilter'
2014-10-14 10:49:23,650 [qtp1955156240-20] DEBUG rest.RestTokenValidationFilter - Token found: 76ijdnfmjvvj8g56615dnj6kikj2rgnb
2014-10-14 10:49:23,650 [qtp1955156240-20] DEBUG rest.RestTokenValidationFilter - Trying to authenticate the token
2014-10-14 10:49:23,651 [qtp1955156240-20] DEBUG rest.RestAuthenticationProvider - Trying to validate token 76ijdnfmjvvj8g56615dnj6kikj2rgnb
2014-10-14 10:49:23,654 [qtp1955156240-20] DEBUG rest.RestTokenValidationFilter - Authentication failed: User not found
2014-10-14 10:49:23,654 [qtp1955156240-20] DEBUG rest.RestAuthenticationFailureHandler - Setting status code to 401
我们正在使用spring security rest插件。
答案 0 :(得分:0)
spring security rest插件使用了用户名作为身份验证令牌的密钥。我们正在登录后通过api调用修改用户名。但不是在spring security rest插件用于身份验证的域中。一旦我们注意更新spring security使用的身份验证域中的用户名,详细信息api调用就可以了。