对用户域的自引用不允许用户在mongodb中使用spring安全性登录
我有一个用户域,它需要对其他用户(如父子关系)进行自我引用对用户域的自引用不允许用户在mongodb中使用spring安全性登录,mongodb,grails,spring-security,Mongodb,Grails,Spring Security,我有一个用户域,它需要对其他用户(如父子关系)进行自我引用 class User{ String username, password boolean enabled, accountExpired, accountLocked, passwordExpired static mapWith = "mongo" static constraints = { username blank: false, unique: true pa
class User{
String username, password
boolean enabled, accountExpired, accountLocked, passwordExpired
static mapWith = "mongo"
static constraints = {
username blank: false, unique: true
password blank: false
}
static belongsTo = [parentUser:User]
static hasMany = [childUser:User]
}
User parentUser = new User(username:paramList.username, password:paramList.password, enabled:true).save(flush:true);
User childUser = new User(username:paramList.username, password:paramList.password, enabled:true, parentUser:parentUser).save(flush:true);
User parentUser = new User(username:paramList.username, password:paramList.password, enabled:true).save(flush:true);
User childUser = new User(username:paramList.username, password:paramList.password, enabled:true, parentUser:parentUser).save(flush:true);
2014-04-29 14:06:30,978 [http-bio-8080-exec-6] DEBUG util.AntPathRequestMatcher - Request '/j_spring_security_check' matched by universal pattern '/**'
2014-04-29 14:06:30,978 [http-bio-8080-exec-6] DEBUG web.FilterChainProxy - /j_spring_security_check at position 1 of 9 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-04-29 14:06:30,978 [http-bio-8080-exec-6] DEBUG context.HttpSessionSecurityContextRepository - HttpSession returned null object for SPRING_SECURITY_CONTEXT
2014-04-29 14:06:30,978 [http-bio-8080-exec-6] DEBUG context.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@3586d2aa. A new one will be created.
2014-04-29 14:06:30,978 [http-bio-8080-exec-6] DEBUG web.FilterChainProxy - /j_spring_security_check at position 2 of 9 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2014-04-29 14:06:30,978 [http-bio-8080-exec-6] DEBUG web.FilterChainProxy - /j_spring_security_check at position 3 of 9 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2014-04-29 14:06:30,979 [http-bio-8080-exec-6] DEBUG authentication.ProviderManager - Authentication attempt using org.springframework.security.authentication.dao.DaoAuthenticationProvider
2014-04-29 14:06:31,766 [http-bio-8080-exec-6] DEBUG rememberme.TokenBasedRememberMeServices - Interactive login attempt was unsuccessful.
2014-04-29 14:06:31,767 [http-bio-8080-exec-6] DEBUG rememberme.TokenBasedRememberMeServices - Cancelling cookie
2014-04-29 14:06:31,767 [http-bio-8080-exec-6] DEBUG web.DefaultRedirectStrategy - Redirecting to '/login/authfail?login_error=1'
2014-04-29 14:06:31,767 [http-bio-8080-exec-6] DEBUG context.HttpSessionSecurityContextRepository - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2014-04-29 14:06:31,767 [http-bio-8080-exec-6] DEBUG context.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
2014-04-29 14:06:31,784 [http-bio-8080-exec-12] DEBUG util.AntPathRequestMatcher - Request '/login/authfail' matched by universal pattern '/**'
2014-04-29 14:06:31,784 [http-bio-8080-exec-12] DEBUG web.FilterChainProxy - /login/authfail?login_error=1 at position 1 of 9 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-04-29 14:06:31,784 [http-bio-8080-exec-12] DEBUG context.HttpSessionSecurityContextRepository - HttpSession returned null object for SPRING_SECURITY_CONTEXT
2014-04-29 14:06:31,784 [http-bio-8080-exec-12] DEBUG context.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@3586d2aa. A new one will be created.
2014-04-29 14:06:31,784 [http-bio-8080-exec-12] DEBUG web.FilterChainProxy - /login/authfail?login_error=1 at position 2 of 9 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2014-04-29 14:06:31,784 [http-bio-8080-exec-12] DEBUG web.FilterChainProxy - /login/authfail?login_error=1 at position 3 of 9 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2014-04-29 14:06:31,784 [http-bio-8080-exec-12] DEBUG web.FilterChainProxy - /login/authfail?login_error=1 at position 4 of 9 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2014-04-29 14:06:31,784 [http-bio-8080-exec-12] DEBUG web.FilterChainProxy - /login/authfail?login_error=1 at position 5 of 9 in additional filter chain; firing Filter: 'GrailsRememberMeAuthenticationFilter'
2014-04-29 14:06:31,784 [http-bio-8080-exec-12] DEBUG web.FilterChainProxy - /login/authfail?login_error=1 at position 6 of 9 in additional filter chain; firing Filter: 'GrailsAnonymousAuthenticationFilter'
2014-04-29 14:06:31,784 [http-bio-8080-exec-12] DEBUG web.FilterChainProxy - /login/authfail?login_error=1 at position 7 of 9 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-04-29 14:06:31,784 [http-bio-8080-exec-12] DEBUG web.FilterChainProxy - /login/authfail?login_error=1 at position 8 of 9 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2014-04-29 14:06:31,787 [http-bio-8080-exec-12] DEBUG intercept.FilterSecurityInterceptor - Secure object: FilterInvocation: URL: /login/authfail?login_error=1; Attributes: [permitAll]
2014-04-29 14:06:31,788 [http-bio-8080-exec-12] DEBUG intercept.FilterSecurityInterceptor - Previously Authenticated: grails.plugin.springsecurity.authentication.GrailsAnonymousAuthenticationToken@f23a7304: Principal: org.springframework.security.core.userdetails.User@dc730200: Username: __grails.anonymous.user__; Password: [PROTECTED]; Enabled: false; AccountNonExpired: false; credentialsNonExpired: false; AccountNonLocked: false; Granted Authorities: ROLE_ANONYMOUS; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffed504: RemoteIpAddress: 127.0.0.1; SessionId: E1A2091E27738124B8C0C27AE339EBB6; Granted Authorities: ROLE_ANONYMOUS
2014-04-29 14:06:31,788 [http-bio-8080-exec-12] DEBUG hierarchicalroles.RoleHierarchyImpl - getReachableGrantedAuthorities() - From the roles [ROLE_ANONYMOUS] one can reach [ROLE_ANONYMOUS] in zero or more steps.
2014-04-29 14:06:31,788 [http-bio-8080-exec-12] DEBUG intercept.FilterSecurityInterceptor - Authorization successful
2014-04-29 14:06:31,788 [http-bio-8080-exec-12] DEBUG intercept.FilterSecurityInterceptor - RunAsManager did not change Authentication object
2014-04-29 14:06:31,788 [http-bio-8080-exec-12] DEBUG web.FilterChainProxy - /login/authfail?login_error=1 at position 9 of 9 in additional filter chain; firing Filter: 'SwitchUserFilter'
2014-04-29 14:06:31,789 [http-bio-8080-exec-12] DEBUG web.FilterChainProxy - /login/authfail?login_error=1 reached end of additional filter chain; proceeding with original chain
2014-04-29 14:06:31,793 [http-bio-8080-exec-12] DEBUG access.ExceptionTranslationFilter - Chain processed normally
2014-04-29 14:06:31,795 [http-bio-8080-exec-12] DEBUG context.HttpSessionSecurityContextRepository - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2014-04-29 14:06:31,796 [http-bio-8080-exec-12] DEBUG context.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
2014-04-29 14:06:31,806 [http-bio-8080-exec-12] DEBUG util.AntPathRequestMatcher - Request '/login/auth' matched by universal pattern '/**'
2014-04-29 14:06:31,806 [http-bio-8080-exec-12] DEBUG web.FilterChainProxy - /login/auth?login_error=1&format= at position 1 of 9 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-04-29 14:06:31,807 [http-bio-8080-exec-12] DEBUG context.HttpSessionSecurityContextRepository - HttpSession returned null object for SPRING_SECURITY_CONTEXT
2014-04-29 14:06:31,807 [http-bio-8080-exec-12] DEBUG context.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@3586d2aa. A new one will be created.
2014-04-29 14:06:31,807 [http-bio-8080-exec-12] DEBUG web.FilterChainProxy - /login/auth?login_error=1&format= at position 2 of 9 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2014-04-29 14:06:31,808 [http-bio-8080-exec-12] DEBUG web.FilterChainProxy - /login/auth?login_error=1&format= at position 3 of 9 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2014-04-29 14:06:31,808 [http-bio-8080-exec-12] DEBUG web.FilterChainProxy - /login/auth?login_error=1&format= at position 4 of 9 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2014-04-29 14:06:31,808 [http-bio-8080-exec-12] DEBUG web.FilterChainProxy - /login/auth?login_error=1&format= at position 5 of 9 in additional filter chain; firing Filter: 'GrailsRememberMeAuthenticationFilter'
2014-04-29 14:06:31,809 [http-bio-8080-exec-12] DEBUG web.FilterChainProxy - /login/auth?login_error=1&format= at position 6 of 9 in additional filter chain; firing Filter: 'GrailsAnonymousAuthenticationFilter'
2014-04-29 14:06:31,809 [http-bio-8080-exec-12] DEBUG web.FilterChainProxy - /login/auth?login_error=1&format= at position 7 of 9 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-04-29 14:06:31,809 [http-bio-8080-exec-12] DEBUG web.FilterChainProxy - /login/auth?login_error=1&format= at position 8 of 9 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2014-04-29 14:06:31,810 [http-bio-8080-exec-12] DEBUG intercept.FilterSecurityInterceptor - Secure object: FilterInvocation: URL: /login/auth?login_error=1&format=; Attributes: [permitAll]
2014-04-29 14:06:31,811 [http-bio-8080-exec-12] DEBUG intercept.FilterSecurityInterceptor - Previously Authenticated: grails.plugin.springsecurity.authentication.GrailsAnonymousAuthenticationToken@f23a7304: Principal: org.springframework.security.core.userdetails.User@dc730200: Username: __grails.anonymous.user__; Password: [PROTECTED]; Enabled: false; AccountNonExpired: false; credentialsNonExpired: false; AccountNonLocked: false; Granted Authorities: ROLE_ANONYMOUS; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffed504: RemoteIpAddress: 127.0.0.1; SessionId: E1A2091E27738124B8C0C27AE339EBB6; Granted Authorities: ROLE_ANONYMOUS
2014-04-29 14:06:31,811 [http-bio-8080-exec-12] DEBUG hierarchicalroles.RoleHierarchyImpl - getReachableGrantedAuthorities() - From the roles [ROLE_ANONYMOUS] one can reach [ROLE_ANONYMOUS] in zero or more steps.
2014-04-29 14:06:31,811 [http-bio-8080-exec-12] DEBUG intercept.FilterSecurityInterceptor - Authorization successful
2014-04-29 14:06:31,812 [http-bio-8080-exec-12] DEBUG intercept.FilterSecurityInterceptor - RunAsManager did not change Authentication object
2014-04-29 14:06:31,812 [http-bio-8080-exec-12] DEBUG web.FilterChainProxy - /login/auth?login_error=1&format= at position 9 of 9 in additional filter chain; firing Filter: 'SwitchUserFilter'
2014-04-29 14:06:31,812 [http-bio-8080-exec-12] DEBUG web.FilterChainProxy - /login/auth?login_error=1&format= reached end of additional filter chain; proceeding with original chain
2014-04-29 14:06:32,002 [http-bio-8080-exec-12] DEBUG context.HttpSessionSecurityContextRepository - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2014-04-29 14:06:32,003 [http-bio-8080-exec-12] DEBUG access.ExceptionTranslationFilter - Chain processed normally
2014-04-29 14:06:32,003 [http-bio-8080-exec-12] DEBUG context.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
2014-04-29 14:06:32,032 [http-bio-8080-exec-11] DEBUG util.AntPathRequestMatcher - Request '/user/current.json' matched by universal pattern '/**'
2014-04-29 14:06:32,032 [http-bio-8080-exec-11] DEBUG web.FilterChainProxy - /user/current.json at position 1 of 9 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-04-29 14:06:32,032 [http-bio-8080-exec-11] DEBUG context.HttpSessionSecurityContextRepository - HttpSession returned null object for SPRING_SECURITY_CONTEXT
2014-04-29 14:06:32,032 [http-bio-8080-exec-11] DEBUG context.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@3586d2aa. A new one will be created.
2014-04-29 14:06:32,032 [http-bio-8080-exec-11] DEBUG web.FilterChainProxy - /user/current.json at position 2 of 9 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2014-04-29 14:06:32,032 [http-bio-8080-exec-11] DEBUG web.FilterChainProxy - /user/current.json at position 3 of 9 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2014-04-29 14:06:32,032 [http-bio-8080-exec-11] DEBUG web.FilterChainProxy - /user/current.json at position 4 of 9 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2014-04-29 14:06:32,032 [http-bio-8080-exec-11] DEBUG web.FilterChainProxy - /user/current.json at position 5 of 9 in additional filter chain; firing Filter: 'GrailsRememberMeAuthenticationFilter'
2014-04-29 14:06:32,032 [http-bio-8080-exec-11] DEBUG web.FilterChainProxy - /user/current.json at position 6 of 9 in additional filter chain; firing Filter: 'GrailsAnonymousAuthenticationFilter'
2014-04-29 14:06:32,032 [http-bio-8080-exec-11] DEBUG web.FilterChainProxy - /user/current.json at position 7 of 9 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-04-29 14:06:32,032 [http-bio-8080-exec-11] DEBUG web.FilterChainProxy - /user/current.json at position 8 of 9 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2014-04-29 14:06:32,034 [http-bio-8080-exec-11] DEBUG intercept.FilterSecurityInterceptor - Secure object: FilterInvocation: URL: /user/current.json; Attributes: [permitAll]
2014-04-29 14:06:32,034 [http-bio-8080-exec-11] DEBUG intercept.FilterSecurityInterceptor - Previously Authenticated: grails.plugin.springsecurity.authentication.GrailsAnonymousAuthenticationToken@f23a7304: Principal: org.springframework.security.core.userdetails.User@dc730200: Username: __grails.anonymous.user__; Password: [PROTECTED]; Enabled: false; AccountNonExpired: false; credentialsNonExpired: false; AccountNonLocked: false; Granted Authorities: ROLE_ANONYMOUS; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffed504: RemoteIpAddress: 127.0.0.1; SessionId: E1A2091E27738124B8C0C27AE339EBB6; Granted Authorities: ROLE_ANONYMOUS
2014-04-29 14:06:32,034 [http-bio-8080-exec-11] DEBUG hierarchicalroles.RoleHierarchyImpl - getReachableGrantedAuthorities() - From the roles [ROLE_ANONYMOUS] one can reach [ROLE_ANONYMOUS] in zero or more steps.
2014-04-29 14:06:32,034 [http-bio-8080-exec-11] DEBUG intercept.FilterSecurityInterceptor - Authorization successful
2014-04-29 14:06:32,035 [http-bio-8080-exec-11] DEBUG intercept.FilterSecurityInterceptor - RunAsManager did not change Authentication object
2014-04-29 14:06:32,035 [http-bio-8080-exec-11] DEBUG web.FilterChainProxy - /user/current.json at position 9 of 9 in additional filter chain; firing Filter: 'SwitchUserFilter'
2014-04-29 14:06:32,035 [http-bio-8080-exec-11] DEBUG web.FilterChainProxy - /user/current.json reached end of additional filter chain; proceeding with original chain
2014-04-29 14:06:32,036 [http-bio-8080-exec-11] DEBUG manage.UserController - params for getUser : [id:current, action:[POST:updateUser, GET:getUser, PUT:enableDisableUser, DELETE:deleteUser], controller:user, format:json]
2014-04-29 14:06:32,055 [http-bio-8080-exec-11] DEBUG context.HttpSessionSecurityContextRepository - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2014-04-29 14:06:32,057 [http-bio-8080-exec-11] DEBUG access.ExceptionTranslationFilter - Chain processed normally
2014-04-29 14:06:32,057 [http-bio-8080-exec-11] DEBUG context.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
当您与子用户一起登录时,您是否有任何堆栈跟踪信息?LalitAgarwal无法在注释中添加堆栈跟踪信息,因此我已编辑了该问题。