java.lang.String无法在Spring Security ACL中

时间:2015-07-23 20:57:14

标签: grails spring-security acl

我使用Spring Security ACL plugin并且之前没有设置ACL。我想访问以下服务方法:

@PostFilter("hasPermission(filterObject, read) or hasPermission(filterObject, admin)")
List<Company> list(Map params = [:]) {
   return Company.list(params)
}

我允许公司的管理员用户。当我访问上述方法时,一切正常。当我停止服务器并执行grails clean时,会出现问题。当我重新启动并访问上述方法时,我收到以下错误。这很奇怪,因为它在grails清理之前第一次没有错误。

2015-08-08 14:57:02,509 [http-nio-8080-exec-5] ERROR errors.GrailsExceptionResolver  - ClassCastException occurred when processing request: [GET] /test2/home/list
java.lang.String cannot be cast to java.lang.Long. Stacktrace follows:
Message: java.lang.String cannot be cast to java.lang.Long
    Line | Method
->>  305 | doCall                 in org.grails.datastore.gorm.GormStaticApi$_withCriteria_closure11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
|    302 | execute                in org.grails.datastore.mapping.core.DatastoreUtils
|     37 | execute . . . . . . .  in org.grails.datastore.gorm.AbstractDatastoreApi
|    304 | withCriteria           in org.grails.datastore.gorm.GormStaticApi
|    128 | lookupObjectIdentities in grails.plugin.springsecurity.acl.jdbc.GormAclLookupStrategy
|    106 | doCall                 in grails.plugin.springsecurity.acl.jdbc.GormAclLookupStrategy$_readAclsById_closure1
|     78 | readAclsById . . . . . in grails.plugin.springsecurity.acl.jdbc.GormAclLookupStrategy
|    288 | readAclsById           in grails.plugin.springsecurity.acl.AclService
|    127 | list . . . . . . . . . in test2.HomeController
|    198 | doFilter               in grails.plugin.cache.web.filter.PageFragmentCachingFilter
|     63 | doFilter . . . . . . . in grails.plugin.cache.web.filter.AbstractFilter
|     53 | doFilter               in grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter
|     62 | doFilter . . . . . . . in grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter
|   1142 | runWorker              in java.util.concurrent.ThreadPoolExecutor
|    617 | run . . . . . . . . .  in java.util.concurrent.ThreadPoolExecutor$Worker
^    745 | run                    in java.lang.Thread
Error |
2015-08-08 14:57:03,030 [http-nio-8080-exec-6] ERROR errors.GrailsExceptionResolver  - ClassCastException occurred when processing request: [GET] /test2/home/list
java.lang.String cannot be cast to java.lang.Long. Stacktrace follows:
Message: java.lang.String cannot be cast to java.lang.Long
    Line | Method
->>  305 | doCall                 in org.grails.datastore.gorm.GormStaticApi$_withCriteria_closure11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
|    302 | execute                in org.grails.datastore.mapping.core.DatastoreUtils
|     37 | execute . . . . . . .  in org.grails.datastore.gorm.AbstractDatastoreApi
|    304 | withCriteria           in org.grails.datastore.gorm.GormStaticApi
|    128 | lookupObjectIdentities in grails.plugin.springsecurity.acl.jdbc.GormAclLookupStrategy
|    106 | doCall                 in grails.plugin.springsecurity.acl.jdbc.GormAclLookupStrategy$_readAclsById_closure1
|     78 | readAclsById . . . . . in grails.plugin.springsecurity.acl.jdbc.GormAclLookupStrategy
|    288 | readAclsById           in grails.plugin.springsecurity.acl.AclService
|    127 | list . . . . . . . . . in test2.HomeController
|    198 | doFilter               in grails.plugin.cache.web.filter.PageFragmentCachingFilter
|     63 | doFilter . . . . . . . in grails.plugin.cache.web.filter.AbstractFilter
|     53 | doFilter               in grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter
|     62 | doFilter . . . . . . . in grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter
|   1142 | runWorker              in java.util.concurrent.ThreadPoolExecutor
|    617 | run . . . . . . . . .  in java.util.concurrent.ThreadPoolExecutor$Worker
^    745 | run                    in java.lang.Thread

我在这里创建了一个演示项目:https://github.com/confile/Spring-Security-ACL-Bug

重现它:

编辑:我发现当我关闭我的mysql服务器并重新启动它时,错误就消失了。它可能属于一些缓存问题。

有没有办法捕获此错误,例如,如果之前未设置过ACL?

注意:此问题仍无法解答。

1 个答案:

答案 0 :(得分:1)

这个问题似乎与AclSid覆盖插件中的问题的方式有关。

当插件类以某种方式获胜时,您将看到grails package问题。

有一个简单的解决方法一般情况下你应该在执行grails clean之后运行package,还需要确保在你的ci服务器上运行import java.io.FileNotFoundException; import java.io.FileWriter; import java.io.IOException; import java.io.PrintWriter; import java.io.FileReader; import java.io.BufferedReader; public class Search { public static void main(String[] args) throws IOException { //main method boolean match = false; String creditNumber = null; BufferedReader reader1 = new BufferedReader(new FileReader("creditCards1.txt")); creditNumber = reader1.readLine(); while(match = false & creditNumber != null){ System.out.println(creditNumber); boolean confirm = false; confirm = searchTwo(creditNumber); if(confirm == true){ confirm = searchTwo(creditNumber); System.out.println(confirm); break; } reader1.close(); } } public static boolean searchTwo(String creditNumber) throws IOException { //method for searching the 2nd text file boolean match = false; String creditNumber2 = null; BufferedReader reader2 = new BufferedReader(new FileReader("creditCards2.txt")); creditNumber2 = reader2.readLine(); while(match = false & creditNumber != null){ boolean confirm = false; confirm = searchThree(creditNumber2); if(confirm == true & creditNumber2.equals(creditNumber)){ match = true; System.out.println(creditNumber2); } creditNumber2 = reader2.readLine(); } reader2.close(); if(match = true || creditNumber2 == null){ return match; } return match; } public static boolean searchThree(String creditNumber) throws IOException { //method for searching the 3rd text file boolean match = false; String creditNumber3 = null; BufferedReader reader3 = new BufferedReader(new FileReader("creditCards3.txt")); creditNumber3 = reader3.readLine(); while(match = false & creditNumber != null){ if(creditNumber3.equals(creditNumber)){ match = true; break; } creditNumber3 = reader3.readLine(); } reader3.close(); if(match = true || creditNumber3 == null){ return match; } return match; } } 步骤之前建立你的战争。

我已经看到了同样的问题,因为我们使用UUID并且必须使AclSid类也有sid的字符串。一旦我们开始正确运行包装步骤,我就没有生产或本地问题。