Warning: file_get_contents(/data/phpspider/zhask/data//catemap/8/python-3.x/17.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Grails3:SpringSecurityREST返回登录页面_Grails_Spring Security_Bearer Token_Grails3 - Fatal编程技术网
Fatal编程技术网
  • grails/
  • Grails3:SpringSecurityREST返回登录页面

Grails3:SpringSecurityREST返回登录页面

grails spring-security

Grails3:SpringSecurityREST返回登录页面,grails,spring-security,bearer-token,grails3,Grails,Spring Security,Bearer Token,Grails3,我使用的是一个Grails3.1.9应用程序,无法通过传递承载令牌来访问我的安全方法。少了什么 问题: 登录请求(路径:): 登录响应: { "username": "adm", "roles": [ "ROLE_ADM" ], "token_type": "Bearer", "access_token": "enjUSkoPnOhTFg ...", "expires_in": 4600000, "refresh_token

我使用的是一个Grails3.1.9应用程序,无法通过传递承载令牌来访问我的安全方法。少了什么

问题: 登录请求(路径:):

登录响应:

{
    "username": "adm",
    "roles": [
        "ROLE_ADM"
    ],
    "token_type": "Bearer",
    "access_token": "enjUSkoPnOhTFg ...",
    "expires_in": 4600000,
    "refresh_token": "eyhaFthjvTgf ..." 
}
然后我将访问令牌发送到路径::

但服务器返回登录页面html内容。

OBS:Controller方法具有anotation
@Secured('ROLE\u ADM')
,当我使用
@Secured('permitAll')

配置:
我发现了问题。我必须从“/auth/**”路径中删除传统的spring安全过滤器

这就解决了问题:

grails.plugin.springsecurity.filterChain.chainMap = [
    '/api/**': 'JOINED_FILTERS,-exceptionTranslationFilter,-authenticationProcessingFilter,-securityContextPersistenceFilter',
    '/**': 'JOINED_FILTERS,-restTokenValidationFilter,-restExceptionTranslationFilter',
    // add this line:            
    '/auth/**': 'JOINED_FILTERS,-exceptionTranslationFilter,-authenticationProcessingFilter,-securityContextPersistenceFilter,-rememberMeAuthenticationFilter'
]

{
    "Authorization": "Bearer enjUSkoPnOhTFg ..."
}

// Added by the Spring Security Core plugin:
grails.plugin.springsecurity.userLookup.userDomainClassName = 'com.test.domain.User'
grails.plugin.springsecurity.userLookup.authorityJoinClassName = 'com.test.domain.UserRole'
grails.plugin.springsecurity.authority.className = 'com.test.domain.Role'
grails.plugin.springsecurity.controllerAnnotations.staticRules = [
    '/':                ['permitAll'],
    '/index':           ['permitAll'],
    '/index.gsp':       ['permitAll'],
    '/assets/**':       ['permitAll'],
    '/**/js/**':        ['permitAll'],
    '/**/css/**':       ['permitAll'],
    '/**/images/**':    ['permitAll'],
    '/**/favicon.ico':  ['permitAll']
]

grails.plugin.springsecurity.filterChain.chainMap = [
    '/api/**': 'JOINED_FILTERS,-exceptionTranslationFilter,-authenticationProcessingFilter,-securityContextPersistenceFilter',
    '/**': 'JOINED_FILTERS,-restTokenValidationFilter,-restExceptionTranslationFilter'
]

grails.plugin.springsecurity.filterChain.chainMap = [
    '/api/**': 'JOINED_FILTERS,-exceptionTranslationFilter,-authenticationProcessingFilter,-securityContextPersistenceFilter',
    '/**': 'JOINED_FILTERS,-restTokenValidationFilter,-restExceptionTranslationFilter',
    // add this line:            
    '/auth/**': 'JOINED_FILTERS,-exceptionTranslationFilter,-authenticationProcessingFilter,-securityContextPersistenceFilter,-rememberMeAuthenticationFilter'
]