Grails 3:Spring Security Rest返回登錄頁面
[英]Grails 3: Spring Security Rest returns Login Page
問題描述
我正在使用一個Grails 3.1.9應用程序,並且無法通過傳遞承載令牌來訪問我的安全方法。 缺少什么?
問題:
登錄請求(路徑: http:// localhost:8080 / api / login ):
{
"username": "adm",
"password": "123"
}
登錄響應:
{
"username": "adm",
"roles": [
"ROLE_ADM"
],
"token_type": "Bearer",
"access_token": "enjUSkoPnOhTFg ...",
"expires_in": 4600000,
"refresh_token": "eyhaFthjvTgf ..."
}
然后,我將access_token發送到路徑: http:// localhost:8080 / api / test :
{
"Authorization": "Bearer enjUSkoPnOhTFg ..."
}
!!!!! 但是服務器返回登錄頁面的html內容。 !!!!!
OBS:Controller方法的注釋為@Secured('ROLE_ADM') ,當我使用@Secured('permitAll')時可以使用
組態:
// Added by the Spring Security Core plugin:
grails.plugin.springsecurity.userLookup.userDomainClassName = 'com.test.domain.User'
grails.plugin.springsecurity.userLookup.authorityJoinClassName = 'com.test.domain.UserRole'
grails.plugin.springsecurity.authority.className = 'com.test.domain.Role'
grails.plugin.springsecurity.controllerAnnotations.staticRules = [
'/': ['permitAll'],
'/index': ['permitAll'],
'/index.gsp': ['permitAll'],
'/assets/**': ['permitAll'],
'/**/js/**': ['permitAll'],
'/**/css/**': ['permitAll'],
'/**/images/**': ['permitAll'],
'/**/favicon.ico': ['permitAll']
]
grails.plugin.springsecurity.filterChain.chainMap = [
'/api/**': 'JOINED_FILTERS,-exceptionTranslationFilter,-authenticationProcessingFilter,-securityContextPersistenceFilter',
'/**': 'JOINED_FILTERS,-restTokenValidationFilter,-restExceptionTranslationFilter'
]
1 個解決方案
解決方案1
0 已采納 2019-09-18 14:32:49
我發現了問題。 我不得不從“ / auth / **”路徑中刪除傳統的spring安全過濾器。
所以這解決了問題:
grails.plugin.springsecurity.filterChain.chainMap = [
'/api/**': 'JOINED_FILTERS,-exceptionTranslationFilter,-authenticationProcessingFilter,-securityContextPersistenceFilter',
'/**': 'JOINED_FILTERS,-restTokenValidationFilter,-restExceptionTranslationFilter',
// add this line:
'/auth/**': 'JOINED_FILTERS,-exceptionTranslationFilter,-authenticationProcessingFilter,-securityContextPersistenceFilter,-rememberMeAuthenticationFilter'
]
用Grails中的Spring-Security-Rest插件攔截登錄呼叫
[英]Intercepting login calls with Spring-Security-Rest plugin in Grails
Grails 3-迅速地記錄Spring Security Rest的登錄API
[英]Grails 3 - documenting spring security rest's login api in swagger
如何自定義Grails Spring Security REST登錄響應HTTP代碼
[英]How to customize Grails Spring Security REST login response HTTP code
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.
相關問題
Grails + Spring Security Rest +如何登錄
Grails 3,登錄后的Spring Security Rest用戶名
更改grails中spring security plugin的登錄頁面
Grails中的Spring Security重定向到HTTP登錄頁面
HTML登錄頁面在Grails Spring安全性中
grails spring安全性登錄頁面顯示
用Grails中的Spring-Security-Rest插件攔截登錄呼叫
Grails 3-迅速地記錄Spring Security Rest的登錄API
grails spring安全性休息/ api / login 401未經授權
如何自定義Grails Spring Security REST登錄響應HTTP代碼
相關標簽