1. 首页
  2. 问答
  3. Grails中的IllegalArgumentException,未能评估表达式'ADMIN'

Grails中的IllegalArgumentException,未能评估表达式'ADMIN'

2017-09-15 59 views
0

我在AdminController中的每个请求上都收到此错误。其他角色也会发生同样的情况。我正在使用Grails 3.2.9。如果需要更多细节,请在下面评论。下面是角色类:Grails中的IllegalArgumentException,未能评估表达式'ADMIN'

@EqualsAndHashCode(includes='authority') 
@ToString(includes='authority', includeNames=true, includePackage=false) 
class Role implements Serializable { 

    private static final long serialVersionUID = 1 

    public static final String ROLE_SUPER_ADMIN = "SUPER_ADMIN" 
    public static final String ROLE_ADMIN = "ADMIN" 
    public static final String ROLE_COMPANY = "COMPANY" 
    public static final String ROLE_PILOT = "PILOT" 
    public static final String ROLE_MEMBER = "MEMBER" 

    String authority 

    Role(String authority) { 
     this() 
     this.authority = authority 
    } 

    static constraints = { 
     authority blank: false, unique: true 
    } 

    static mapping = { 
     cache true 
    } 
}

这里是堆栈

2017年9月15日09:02:。59.701 ERROR --- [NIO-8080-EXEC-3] .accC [[[ [grailsDispatcherServlet]:Servlet.service()进行的servlet [grailsDispatcherServlet]与路径方面[]抛出异常

java.lang.IllegalArgumentException: Failed to evaluate expression 'ADMIN' 
at org.springframework.security.access.expression.ExpressionUtils.evaluateAsBoolean(ExpressionUtils.java:30) 
at grails.plugin.springsecurity.web.access.expression.WebExpressionVoter.vote(WebExpressionVoter.groovy:57) 
at grails.plugin.springsecurity.web.access.expression.WebExpressionVoter.vote(WebExpressionVoter.groovy) 
at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisionManager.checkOtherVoters(AuthenticatedVetoableDecisionManager.groovy:90) 
at 
grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.groovy:53) 
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) 
at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:150) 
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) 
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:169) 
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) 
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200) 
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) 
at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.groovy:62) 
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) 
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105) 
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) 
at grails.plugin.springsecurity.web.SecurityRequestHolderFilter.doFilter(SecurityRequestHolderFilter.groovy:58) 
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) 
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:214) 
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177) 
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) 
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) 
Caused by: org.springframework.expression.spel.SpelEvaluationException: EL1008E: Property or field 'ADMIN' cannot be found on object of type 'org.springframework.security.web.access.expression.WebSecurityExpressionRoot' - maybe not public? 
at org.springframework.expression.spel.ast.PropertyOrFieldReference.readProperty(PropertyOrFieldReference.java:224) 
at org.springframework.expression.spel.ast.PropertyOrFieldReference.getValueInternal(PropertyOrFieldReference.java:94) 
at org.springframework.expression.spel.ast.PropertyOrFieldReference.getValueInternal(PropertyOrFieldReference.java:81) 
at org.springframework.expression.spel.ast.SpelNodeImpl.getTypedValue(SpelNodeImpl.java:131) 
at org.springframework.expression.spel.standard.SpelExpression.getValue(SpelExpression.java:299) 
at org.springframework.security.access.expression.ExpressionUtils.evaluateAsBoolean(ExpressionUtils.java:26) 
... 64 common frames omitted

来源

2017-09-15 Kyle Luke

+0

我认为角色必须以ROLE_开头 – Kloker

回答

1

最近发布撞到Spring Security的罐子的版本4.0.x的这改变了方式角色名称前缀被覆盖。您的角色名称不以“ROLE_”开头,因此不会将其检测为角色。因此,他们被假定为SpEL表达式,并且您看到未将'ADMIN'作为表达式进行评估。

直接的解决方法是重命名所有角色名称,使它们以“ROLE_”开头,直到插件再次与Spring Security同步。

来源

2017-09-15 08:25:36

相关问题

 相关问题