Using Spring Security with Requestmap fails in Grails

Time: 2015-01-22 07:39:34

Tags: grails spring-security

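I am new to Grails. I started a new project from scratch and added Spring Security Core for authentication and authorization (I use GGTS as my tool). My problem is that as soon as I start using Requestmap it does not work at all, even though I am following instructions I found on the web. Here is my configuration.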


Buildconfig.groovy:

compile ':spring-security-core:2.0-RC4'

The command I used to create the default objects:

s2-quickstart com.company.foobar User Privilege Requestmap

In Config.groovy:

grails.plugin.springsecurity.rejectIfNoRule = true
grails.plugin.springsecurity.fii.rejectPublicInvocations = false

grails.plugin.springsecurity.logout.postOnly = false

// Added by the Spring Security Core plugin:
grails.plugin.springsecurity.userLookup.userDomainClassName = 'com.company.foobar.User'
grails.plugin.springsecurity.userLookup.authorityJoinClassName = 'com.company.foobar.UserPrivilege'
grails.plugin.springsecurity.authority.className = 'com.company.foobar.Privilege'
grails.plugin.springsecurity.requestMap.className = 'com.company.foobar.Requestmap'
grails.plugin.springsecurity.securityConfigType = grails.plugin.springsecurity.SecurityConfigType.Requestmap

//**** I have tried both above and below (below is default one).

grails.plugin.springsecurity.securityConfigType = 'Requestmap'

In BootStrap.groovy:

for (String url in [
    '/', '/index', '/index.gsp', '/**/favicon.ico',
    '/assets/**', '/**/js/**', '/**/css/**', '/**/images/**',
    '/login', '/login.*', '/login/**',
    '/logout', '/logout.*', '/logout/**']) {
    new Requestmap(url: url, configAttribute: 'ROLE_ANONYMOUS').save()
}

// I have tried both these (above and below)
// I have tried configuration attribute as
// IS_AUTHENTICATED_ANONYMOUSLY, permitAll
// and ROLE_ANONYMOUS (and few others too)

new Requestmap(url: '/**', configAttribute: 'IS_AUTHENTICATED_ANONYMOUSLY').save();
new Requestmap(url: '/logout/**', configAttribute: 'ROLE_ANONYMOUS').save();
new Requestmap(url: '/login/**', configAttribute: 'ROLE_ANONYMOUS').save()
new Requestmap(url: '/index/**', configAttribute: 'ROLE_ANONYMOUS').save();

Note: the database is populated correctly.

The thing is, the DB is populated correctly, but I get these errors:

hierarchicalroles.RoleHierarchyImpl setHierarchy() - The following role hierarchy was set: 
intercept.FilterSecurityInterceptor Validated configuration attributes
web.DefaultSecurityFilterChain Creating filter chain: Ant [pattern='/**'], [org.springframework.security.web.context.SecurityContextPersistenceFilter@7f4446e0, grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter@5b895d66, grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter@1753027d, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@4ac86881, grails.plugin.springsecurity.web.filter.GrailsRememberMeAuthenticationFilter@2b451382, grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter@4403d1ff, org.springframework.security.web.access.ExceptionTranslationFilter@56cfdf3b, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@6948c703]
|Server running. Browse to http://localhost:8080/foobar
....matcher.AntPathRequestMatcher Request '/index.gsp' matched by universal pattern '/**'
web.FilterChainProxy /index.gsp at position 1 of 8 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
context.HttpSessionSecurityContextRepository No HttpSession currently exists
context.HttpSessionSecurityContextRepository No SecurityContext was available from the HttpSession: null. A new one will be created.
web.FilterChainProxy /index.gsp at position 2 of 8 in additional filter chain; firing Filter: 'MutableLogoutFilter'
web.FilterChainProxy /index.gsp at position 3 of 8 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
web.FilterChainProxy /index.gsp at position 4 of 8 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
web.FilterChainProxy /index.gsp at position 5 of 8 in additional filter chain; firing Filter: 'GrailsRememberMeAuthenticationFilter'
web.FilterChainProxy /index.gsp at position 6 of 8 in additional filter chain; firing Filter: 'GrailsAnonymousAuthenticationFilter'
web.FilterChainProxy /index.gsp at position 7 of 8 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
web.FilterChainProxy /index.gsp at position 8 of 8 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
intercept.FilterSecurityInterceptor Secure object: FilterInvocation: URL: /index.gsp; Attributes: [_DENY_]
intercept.FilterSecurityInterceptor Previously Authenticated: grails.plugin.springsecurity.authentication.GrailsAnonymousAuthenticationToken@dc4337e: Principal: org.springframework.security.core.userdetails.User@dc730200: Username: __grails.anonymous.user__; Password: [PROTECTED]; Enabled: false; AccountNonExpired: false; credentialsNonExpired: false; AccountNonLocked: false; Granted Authorities: ROLE_ANONYMOUS; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@957e: RemoteIpAddress: 127.0.0.1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS
hierarchicalroles.RoleHierarchyImpl getReachableGrantedAuthorities() - From the roles [ROLE_ANONYMOUS] one can reach [ROLE_ANONYMOUS] in zero or more steps.
access.ExceptionTranslationFilter Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
    at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisionManager.decide(AuthenticatedVetoableDecisionManager.java:47)
    at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53)
    at grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter.doFilter(RequestHolderAuthenticationFilter.java:49)
    at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:82)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:745)
savedrequest.HttpSessionRequestCache DefaultSavedRequest added to Session: DefaultSavedRequest[http://localhost:8080/foobar/]
access.ExceptionTranslationFilter Calling Authentication entry point.
web.DefaultRedirectStrategy Redirecting to 'http://localhost:8080/foobar/login/auth'

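After this I get a redirect-loop error from the browser (it requests the login/auth page again and again and always gets the same answer). I have checked the answers on Stack Overflow, but my configuration is like the one in those answers and it still does not help.

I have already gone through this question and it did not help me: Grails spring security fails to present the login page due to a redirect loop (my configuration is similar to the answers there).

What works

If I take out the request map and use static definitions in Config.groovy, everything works like a charm, but I need to use the database for configuration (to begin with).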
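An added triage example, not part of the original post: it reads debug-log lines in the format quoted above and reports which URLs resolved to `[_DENY_]` (the placeholder the plugin returns when `rejectIfNoRule` is true and no stored rule matched) and whether the login entry point is itself among them, which is what produces the redirect loop. The function name `triage`, the `/foobar` context-path default and the second `/login/auth` request in the sample are assumptions constructed for the example.

```python
import re
from urllib.parse import urlparse

# Lines in the format of the plugin debug log quoted in the question; the
# second request (/login/auth) is constructed to show the follow-up hit.
SAMPLE_LOG = """\
intercept.FilterSecurityInterceptor Secure object: FilterInvocation: URL: /index.gsp; Attributes: [_DENY_]
access.ExceptionTranslationFilter Access is denied (user is anonymous); redirecting to authentication entry point
web.DefaultRedirectStrategy Redirecting to 'http://localhost:8080/foobar/login/auth'
intercept.FilterSecurityInterceptor Secure object: FilterInvocation: URL: /login/auth; Attributes: [_DENY_]
access.ExceptionTranslationFilter Access is denied (user is anonymous); redirecting to authentication entry point
web.DefaultRedirectStrategy Redirecting to 'http://localhost:8080/foobar/login/auth'
"""

SECURE = re.compile(r"FilterInvocation: URL: (\S+); Attributes: \[(.*?)\]")
REDIRECT = re.compile(r"DefaultRedirectStrategy Redirecting to '([^']+)'")


def triage(log_text, context_path="/foobar"):
    """Return (denied, loops): URLs whose attributes resolved to _DENY_, and
    redirect targets that are themselves denied (the browser's loop)."""
    denied, redirects = [], []
    for line in log_text.splitlines():
        m = SECURE.search(line)
        if m:
            attrs = [a.strip() for a in m.group(2).split(",")]
            if "_DENY_" in attrs:
                denied.append(m.group(1))
            continue
        m = REDIRECT.search(line)
        if m:
            # The interceptor logs paths without the context path, so strip
            # it from the redirect target before comparing.
            path = urlparse(m.group(1)).path
            if path.startswith(context_path):
                path = path[len(context_path):] or "/"
            redirects.append(path)
    loops = sorted({r for r in redirects if r in denied})
    return denied, loops


if __name__ == "__main__":
    denied, loops = triage(SAMPLE_LOG)
    print("resolved to _DENY_:", denied)
    print("entry point denied (redirect loop):", loops)
```

A non-empty second list means the rule for the login URL never reached the interceptor, so the thing to check is how the stored Requestmap rows are loaded rather than the individual patterns.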

1 answer:

Answer 0: (score: 2)

It seems to be an issue related to the hibernate4 plugin.

The hibernate plugin installed by default with Grails 2.5 (BuildConfig.groovy) is:

runtime ":hibernate4:4.3.8.1" // or ":hibernate:3.6.10.18"

This apparently does not work with securityConfigType = 'Requestmap'.
So I tried...

  • 4.3.8.2-SNAPSHOT: same problem.
  • 4.3.6.1: same problem.
  • 4.3.5.4: seems to work well.

You may be able to downgrade the hibernate4 plugin:

runtime ":hibernate4:4.3.5.4"