1. 首頁
  2. 問答
  3. 春季安全其餘插件:身份驗證失敗,沒有找到的AuthenticationProvider

春季安全其餘插件:身份驗證失敗,沒有找到的AuthenticationProvider

2015-04-03 162 views
6

我試圖整合spring security rest plugin版本在我的Grails應用1.4.1,但面臨着一些問題,我做這樣的:春季安全其餘插件:身份驗證失敗,沒有找到的AuthenticationProvider

Config.groovy中的設置:

//login end point 
    grails.plugin.springsecurity.rest.login.active=true 
    grails.plugin.springsecurity.rest.login.endpointUrl='/api/login' 
    grails.plugin.springsecurity.rest.login.failureStatusCode='401' 

    //for memcached 
    grails.plugin.springsecurity.rest.token.storage.useMemcached=true 
    grails.plugin.springsecurity.rest.token.storage.memcached.hosts='localhost:11211' 
    grails.plugin.springsecurity.rest.token.storage.memcached.username='' 
    grails.plugin.springsecurity.rest.token.storage.memcached.password='' 
    grails.plugin.springsecurity.rest.token.storage.memcached.expiration=3600 

    //logout endpoint 
    grails.plugin.springsecurity.rest.logout.endpointUrl='/api/logout' 
    grails.plugin.springsecurity.rest.token.validation.headerName='X-Auth-Token' 

    //accept request params as map 
    grails.plugin.springsecurity.rest.login.useRequestParamsCredentials=true 
    grails.plugin.springsecurity.rest.login.usernamePropertyName='username' 
    grails.plugin.springsecurity.rest.login.passwordPropertyName='password' 


grails.plugin.springsecurity.filterChain.chainMap = [ 
     '/api/guest/**': 'anonymousAuthenticationFilter,restExceptionTranslationFilter,filterInvocationInterceptor', 
     '/api/**': 'JOINED_FILTERS,-exceptionTranslationFilter,-authenticationProcessingFilter,-securityContextPersistenceFilter,-rememberMeAuthenticationFilter', // Stateless chain 
     '/**': 'JOINED_FILTERS,-restTokenValidationFilter,-restExceptionTranslationFilter'                   // Traditional chain 
]

你可以從我使用Memcach設置見E對於令牌存儲,當我通過其他客戶端我401打網址api/login我能在這上面說身份驗證提供未發現

這裏的日誌是日誌:

2015-04-03 23:30:31,030 [http-bio-8080-exec-8] DEBUG matcher.AntPathRequestMatcher - Checking match of request : '/api/login'; against '/api/guest/**' 
2015-04-03 23:30:31,031 [http-bio-8080-exec-8] DEBUG matcher.AntPathRequestMatcher - Checking match of request : '/api/login'; against '/api/**' 
2015-04-03 23:30:31,031 [http-bio-8080-exec-8] DEBUG web.FilterChainProxy - /api/[email protected]&password=test456 at position 1 of 8 in additional filter chain; firing Filter: 'RestLogoutFilter' 
2015-04-03 23:30:31,031 [http-bio-8080-exec-8] DEBUG web.FilterChainProxy - /api/[email protected]&password=test456 at position 2 of 8 in additional filter chain; firing Filter: 'MutableLogoutFilter' 
2015-04-03 23:30:31,031 [http-bio-8080-exec-8] DEBUG web.FilterChainProxy - /api/[email protected]&password=test456 at position 3 of 8 in additional filter chain; firing Filter: 'RestAuthenticationFilter' 
2015-04-03 23:30:31,031 [http-bio-8080-exec-8] DEBUG rest.RestAuthenticationFilter - Actual URI is /api/login; endpoint URL is /api/login 
2015-04-03 23:30:31,031 [http-bio-8080-exec-8] DEBUG rest.RestAuthenticationFilter - Applying authentication filter to this request 
2015-04-03 23:30:31,031 [http-bio-8080-exec-8] DEBUG credentials.RequestParamsCredentialsExtractor - Extracted credentials from request params. Username: [email protected], password: [PROTECTED] 
2015-04-03 23:30:31,032 [http-bio-8080-exec-8] DEBUG credentials.RequestParamsCredentialsExtractor - pswrd: test456 
2015-04-03 23:30:31,032 [http-bio-8080-exec-8] DEBUG rest.RestAuthenticationFilter - Trying to authenticate the request: org.springframew[email protected]fdd5153a: Principal: [email protected]; Credentials: [PROTECTED]; Authenticated: false; Details: org.sprin[email protected]957e: RemoteIpAddress: 127.0.0.1; SessionId: null; Not granted any authorities 
2015-04-03 23:30:31,051 [http-bio-8080-exec-8] DEBUG rest.RestAuthenticationFilter - Authentication failed: No AuthenticationProvider found for org.springframework.security.authentication.UsernamePasswordAuthenticationToken 
2015-04-03 23:30:31,051 [http-bio-8080-exec-8] DEBUG rest.RestAuthenticationFailureHandler - Setting status code to 401 
2015-04-03 23:30:31,051 [http-bio-8080-exec-8] DEBUG rest.RestAuthenticationFilter - Not authenticated. Rest authentication token not generated.

我另一點是:如果我提出類似於localhost:8080/restspring/api/guest/controller/action的請求(對於未經過驗證的請求),是否需要在URL映射中爲此做一些輸入?我的應用程序使用自定義身份驗證提供程序。任何想法都會對我有所幫助,謝謝。

來源

2015-04-03 Abs

+0

什麼是你的Grails的版本? – Ramsharan 2015-04-06 02:13:19

+0

我正在使用grails版本2.4.3,如果您需要任何其他信息,請讓我知道,thanx。 – Abs 2015-04-06 05:57:12

+0

您是否在您的電腦上安裝了Memcached? http://alvarosanchez.github.io/grails-spring-security-rest/1.5.0.RC1/docs/guide/tokenStorage.html#memcached不要在401看你時,如果採取一些錯誤此代碼logIn(你在config中配置它)。最後一個,如果你錯過了這件事。 – Koloritnij 2015-04-07 12:38:59

回答

0

身份驗證提供未發現

的問題可以是你一直在支持返回false()身份驗證提供的方法。
參考:No AuthenticationProvider found for UsernamePasswordAuthenticationToken

如果我作出這樣 本地主機的請求:8080/restspring/API /客/控制器/動作( 非認證的要求)做我需要做的URL映射 一些入門爲了這?

是的,你需要在URL映射中做一些輸入。因爲默認URL映射爲:

"/$controller/$action?/$id?(.$format)?"{ 
      constraints { 
       // apply constraints here 
      } 
     }

這不能產生需要你的網址即localhost:8080/restspring/api/guest/controller/action

來源

2015-04-13 17:41:25 Ramsharan

 相關問題

  • 暫無相關問題^_^