1. 首页
  2. 问答
  3. Grails内联插件和Spring安全

Grails内联插件和Spring安全

2011-01-26 131 views
4

我通过使用插件将内嵌插件位置添加到BuildConfig.groovy中,将我的grails应用程序分解为模块。现在我有一个名为'admin'的grails应用程序和一个名为'common'的插件。Grails内联插件和Spring安全

'common'插件包含我所有的共享域对象,并且还安装了spring-security-core插件。据我了解,我还需要将'spring-security-core'插件安装到'admin'中,所以我已经做到了。

我在'common'上运行了s2-quickstart,它包含Config.groovy中用户和角色的域映射。当我运行该应用程序时,它会对安全内容进行适当的重定向(通过@Secured注释)。但是,当我尝试进行身份验证时,它仍在尝试查询Person而不是User。

我添加了从'common'Config.groovy到'admin'的域映射,现在查询可以工作,但是它找不到我添加到'common'中存在的用户域的附加属性,插入。

我失去了一些东西在这里?我宁愿不必将用户和角色放入“管理”应用程序中,因为我希望能够在也使用“常用”插件的其他应用程序中重用用户和角色。

更新:我意识到我有安装冲突的弹簧安全核心插件(复制和粘贴问题)。我解决了这个问题,它试图找到Person而不是User。然而,现在我得到以下堆栈跟踪

java.lang.NullPointerException: Cannot get property 'clazz' on null object 

at org.codehaus.groovy.runtime.NullObject.getProperty(NullObject.java:56) 

at org.codehaus.groovy.runtime.InvokerHelper.getProperty(InvokerHelper.java:156) 

at org.codehaus.groovy.runtime.callsite.NullCallSite.getProperty(NullCallSite.java:44) 

at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callGetProperty(AbstractCallSite.java:235) 

at org.codehaus.groovy.grails.plugins.springsecurity.GormUserDetailsService.loadUser(GormUserDetailsService.groovy:80) 

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) 

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) 

at java.lang.reflect.Method.invoke(Method.java:597) 

at org.codehaus.groovy.runtime.callsite.PogoMetaMethodSite$PogoCachedMethodSiteNoUnwrapNoCoerce.invoke(PogoMetaMethodSite.java:266) 

at org.codehaus.groovy.runtime.callsite.PogoMetaMethodSite.callCurrent(PogoMetaMethodSite.java:51) 

at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:153) 

at org.codehaus.groovy.grails.plugins.springsecurity.GormUserDetailsService.loadUserFromSession(GormUserDetailsService.groovy:72) 

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) 

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) 

at java.lang.reflect.Method.invoke(Method.java:597) 

at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:88) 

at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:233) 

at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1058) 

at groovy.lang.ExpandoMetaClass.invokeMethod(ExpandoMetaClass.java:1070) 

at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:886) 

at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1003) 

at groovy.lang.ExpandoMetaClass.invokeMethod(ExpandoMetaClass.java:1070) 

at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:886) 

at org.codehaus.groovy.runtime.callsite.PogoMetaClassSite.callCurrent(PogoMetaClassSite.java:66) 

at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:157) 

at org.codehaus.groovy.grails.plugins.springsecurity.GormUserDetailsService$_loadUserByUsername_closure1.doCall(GormUserDetailsService.groovy:57) 

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) 

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) 

at java.lang.reflect.Method.invoke(Method.java:597) 

at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:88) 

at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:233) 

at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1058) 

at groovy.lang.ExpandoMetaClass.invokeMethod(ExpandoMetaClass.java:1070) 

at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:886) 

at groovy.lang.Closure.call(Closure.java:276) 

at org.codehaus.groovy.runtime.ConvertedClosure.invokeCustom(ConvertedClosure.java:51) 

at org.codehaus.groovy.runtime.ConversionHandler.invoke(ConversionHandler.java:79) 

at $Proxy17.doInTransaction(Unknown Source) 

at org.springframework.transaction.support.TransactionTemplate.execute(TransactionTemplate.java:130) 

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) 

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) 

at java.lang.reflect.Method.invoke(Method.java:597) 

at org.codehaus.groovy.runtime.callsite.PojoMetaMethodSite$PojoCachedMethodSite.invoke(PojoMetaMethodSite.java:188) 

at org.codehaus.groovy.runtime.callsite.PojoMetaMethodSite.call(PojoMetaMethodSite.java:52) 

at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:124) 

at org.codehaus.groovy.grails.plugins.springsecurity.GormUserDetailsService.loadUserByUsername(GormUserDetailsService.groovy:59) 

at org.codehaus.groovy.grails.plugins.springsecurity.GrailsUserDetailsService$loadUserByUsername.callCurrent(Unknown Source) 

at org.codehaus.groovy.grails.plugins.springsecurity.GormUserDetailsService.loadUserByUsername(GormUserDetailsService.groovy:68) 

at org.springframework.security.authentication.dao.DaoAuthenticationProvider.retrieveUser(DaoAuthenticationProvider.java:86) 

at org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:129) 

at org.springframework.security.authentication.ProviderManager.doAuthentication(ProviderManager.java:130) 

at org.springframework.security.authentication.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:48) 

at org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter.attemptAuthentication(UsernamePasswordAuthenticationFilter.java:97) 

at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:199) 

at org.codehaus.groovy.grails.plugins.springsecurity.RequestHolderAuthenticationFilter.doFilter(RequestHolderAuthenticationFilter.java:40) 

at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:378) 

at org.codehaus.groovy.grails.plugins.springsecurity.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:79) 

at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:378) 

at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79) 

at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:378) 

at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:167) 

at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237) 

at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167) 

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) 

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) 

at org.codehaus.groovy.grails.web.servlet.filter.GrailsReloadServletFilter.doFilterInternal(GrailsReloadServletFilter.java:104) 

at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) 

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) 

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) 

at org.codehaus.groovy.grails.web.servlet.mvc.GrailsWebRequestFilter.doFilterInternal(GrailsWebRequestFilter.java:69) 

at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) 

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) 

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) 

at org.codehaus.groovy.grails.web.filters.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:65) 

at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) 

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) 

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) 

at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88) 

at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) 

at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237) 

at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167) 

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) 

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) 

at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) 

at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) 

at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) 

at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) 

at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) 

at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293) 

at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849) 

at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) 

at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454) 

at java.lang.Thread.run(Thread.java:680)

来源

2011-01-26 Gregg

+0

将域映射添加到admin的Config.groovy解决了这个问题,但我不知道为什么我必须这样做。 – Gregg 2011-01-26 20:03:46

+1

插件的Config.groovy用于其本地开发,测试等,但未导出,因此应用程序的Config.groovy必须包含其中的设置。你可以在'common'插件中配置doWithApplicationContext中的东西,因为它会在任何认证尝试发生之前运行。 – 2011-01-26 20:20:25

+0

谢谢伯特。我会看看这种方法。顺便说一句,准备发布关于UI性能插件的问题。所以,请保持睁大眼睛。 :) – Gregg 2011-01-26 20:40:22

回答

5

因此,采取伯特的建议,我说在我的CommonGrailsPlugin.groovy以下..

def doWithApplicationContext = { applicationContext -> 
    SpringSecurityUtils.securityConfig.userLookup.userDomainClassName = 'com.wbr.common.security.User' 
    SpringSecurityUtils.securityConfig.userLookup.authorityJoinClassName = 'com.wbr.common.security.UserRole' 
    SpringSecurityUtils.securityConfig.authority.className = 'com.wbr.common.security.Role' 
}

这让我不必此配置复制到所有的依赖于这个插件的应用程序。而且由于这些应用程序不需要自定义此配置,所以它效果很好!谢谢Burt!

来源

2011-03-06 22:38:38 Gregg

0

这是发生了什么事。 为了灵活性,安全插件允许您在conf/Config.gs中定义您用于安全性的类。然后它通过执行动态加载该类

def User = AH.application.getDomainClass(SpringSecurityUtils.securityConfig.userLookup.userDomainClassName).clazz)

并使用User类。如果您更改了类名并且没有更改配置,则会出现此错误。

来源

2011-02-17 18:57:22 Dror

1

只要确保以下几行匹配您的包和域对象名称conf/Config.groovy。更改包和对象名称相应

// Added by the Spring Security Core plugin: 
grails.plugins.springsecurity.userLookup.userDomainClassName = 'THIS.IS.THE PACKAGE.Person' 
grails.plugins.springsecurity.userLookup.authorityJoinClassName = 'THIS.IS.THE.PACKAGE.PersonAuthority' 
grails.plugins.springsecurity.authority.className = 'THIS.IS.THE.PACKAGE.Authority'

来源

2011-03-06 04:26:28 Jon

相关问题

 相关问题