Grails 1.3.6 的Tomcat6
我创建了一个生产ROOT.war。删除了默认的tomcat ROOT目录。部署了ROOT.war并启动了tomcat。该应用程序开始很好。但是,似乎弹簧安全过滤器未正确处理。对于初学者,我可以访问受保护的页面,但由于无法访问已登录的主体而引发错误。另一个问题是,在我提交登录信用后,服务器在http://host:8080/j_spring_security_check上返回NPE和HTTP状态代码500。
我应该注意到本地我在app.conperties中有app.context = /,本地的所有内容都可以在http://localhost:8080/上正常工作
这里有任何想法吗?
更新:无论出于何种原因,这次我为NPE获得了更多的堆栈跟踪,所以我在这里发布
java.lang.NullPointerException
at org.apache.tomcat.util.buf.ByteChunk.equalsIgnoreCase(ByteChunk.java:563)
at org.apache.tomcat.util.buf.MessageBytes.equalsIgnoreCase(MessageBytes.java:335)
at org.apache.tomcat.util.http.MimeHeaders.getValue(MimeHeaders.java:289)
at org.apache.tomcat.util.http.MimeHeaders.getHeader(MimeHeaders.java:318)
at org.apache.coyote.Request.getHeader(Request.java:330)
at org.apache.catalina.connector.Request.getHeader(Request.java:1877)
at org.apache.catalina.connector.RequestFacade.getHeader(RequestFacade.java:643)
at javax.servlet.http.HttpServletRequestWrapper.getHeader(HttpServletRequestWrapper.java:80)
at org.codehaus.groovy.grails.plugins.springsecurity.SpringSecurityUtils.isAjax(SpringSecurityUtils.java:299)
at org.codehaus.groovy.grails.plugins.springsecurity.AjaxAwareAuthenticationSuccessHandler.determineTargetUrl(AjaxAwareAuthenticationSuccessHandler.java:42)
at org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler.handle(AbstractAuthenticationTargetUrlRequestHandler.java:67)
at org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler.onAuthenticationSuccess(SimpleUrlAuthenticationSuccessHandler.java:42)
at org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler.onAuthenticationSuccess(SavedRequestAwareAuthenticationSuccessHandler.java:63)
at org.codehaus.groovy.grails.plugins.springsecurity.AjaxAwareAuthenticationSuccessHandler.onAuthenticationSuccess(AjaxAwareAuthenticationSuccessHandler.java:65)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.successfulAuthentication(AbstractAuthenticationProcessingFilter.java:301)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:218)
at org.codehaus.groovy.grails.plugins.springsecurity.RequestHolderAuthenticationFilter.doFilter(RequestHolderAuthenticationFilter.java:40)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:378)
at org.codehaus.groovy.grails.plugins.springsecurity.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:79)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:378)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:378)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:167)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.codehaus.groovy.grails.web.servlet.mvc.GrailsWebRequestFilter.doFilterInternal(GrailsWebRequestFilter.java:69)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.codehaus.groovy.grails.web.filters.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:65)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:859)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
at java.lang.Thread.run(Thread.java:636)
答案 0 :(得分:0)
看起来应用程序正在执行request.getHeader(ajaxHeaderName),其中name是:
String ajaxHeaderName = (String)ReflectionUtils.getConfigProperty("ajaxHeader");
(请参阅isAjax()第294行here)
ajaxHeader的默认值为'X-Requested-With'(here)。
您是否明确将配置值设置为prod中的其他内容?
这不是一个非常明确的答案,但也许它会让你找到正确的调试路径。
答案 1 :(得分:0)
好吧,长话短说,它与Spring Security无直接关系。我仍然把它拼凑在一起,但它与我们正在维护的插件组合(更像项目模块),内联插件配置,插件依赖和生产战争有关。