1. 首頁
  2. 問答
  3. Grails內聯插件和Spring安全

Grails內聯插件和Spring安全

2011-01-26 63 views
4

我通過使用插件將內嵌插件位置添加到BuildConfig.groovy中,將我的grails應用程序分解爲模塊。現在我有一個名爲'admin'的grails應用程序和一個名爲'common'的插件。Grails內聯插件和Spring安全

'common'插件包含我所有的共享域對象,並且還安裝了spring-security-core插件。據我瞭解,我還需要將'spring-security-core'插件安裝到'admin'中,所以我已經做到了。

我在'common'上運行了s2-quickstart,它包含Config.groovy中用戶和角色的域映射。當我運行該應用程序時,它會對安全內容進行適當的重定向(通過@Secured註釋)。但是,當我嘗試進行身份驗證時,它仍在嘗試查詢Person而不是User。

我添加了從'common'Config.groovy到'admin'的域映射,現在查詢可以工作,但是它找不到我添加到'common'中存在的用戶域的附加屬性,插入。

我失去了一些東西在這裏?我寧願不必將用戶和角色放入「管理」應用程序中,因爲我希望能夠在也使用「常用」插件的其他應用程序中重用用戶和角色。

更新:我意識到我有安裝衝突的彈簧安全核心插件(複製和粘貼問題)。我解決了這個問題,它試圖找到Person而不是User。然而,現在我得到以下堆棧跟蹤

java.lang.NullPointerException: Cannot get property 'clazz' on null object 

at org.codehaus.groovy.runtime.NullObject.getProperty(NullObject.java:56) 

at org.codehaus.groovy.runtime.InvokerHelper.getProperty(InvokerHelper.java:156) 

at org.codehaus.groovy.runtime.callsite.NullCallSite.getProperty(NullCallSite.java:44) 

at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callGetProperty(AbstractCallSite.java:235) 

at org.codehaus.groovy.grails.plugins.springsecurity.GormUserDetailsService.loadUser(GormUserDetailsService.groovy:80) 

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) 

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) 

at java.lang.reflect.Method.invoke(Method.java:597) 

at org.codehaus.groovy.runtime.callsite.PogoMetaMethodSite$PogoCachedMethodSiteNoUnwrapNoCoerce.invoke(PogoMetaMethodSite.java:266) 

at org.codehaus.groovy.runtime.callsite.PogoMetaMethodSite.callCurrent(PogoMetaMethodSite.java:51) 

at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:153) 

at org.codehaus.groovy.grails.plugins.springsecurity.GormUserDetailsService.loadUserFromSession(GormUserDetailsService.groovy:72) 

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) 

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) 

at java.lang.reflect.Method.invoke(Method.java:597) 

at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:88) 

at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:233) 

at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1058) 

at groovy.lang.ExpandoMetaClass.invokeMethod(ExpandoMetaClass.java:1070) 

at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:886) 

at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1003) 

at groovy.lang.ExpandoMetaClass.invokeMethod(ExpandoMetaClass.java:1070) 

at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:886) 

at org.codehaus.groovy.runtime.callsite.PogoMetaClassSite.callCurrent(PogoMetaClassSite.java:66) 

at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:157) 

at org.codehaus.groovy.grails.plugins.springsecurity.GormUserDetailsService$_loadUserByUsername_closure1.doCall(GormUserDetailsService.groovy:57) 

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) 

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) 

at java.lang.reflect.Method.invoke(Method.java:597) 

at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:88) 

at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:233) 

at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1058) 

at groovy.lang.ExpandoMetaClass.invokeMethod(ExpandoMetaClass.java:1070) 

at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:886) 

at groovy.lang.Closure.call(Closure.java:276) 

at org.codehaus.groovy.runtime.ConvertedClosure.invokeCustom(ConvertedClosure.java:51) 

at org.codehaus.groovy.runtime.ConversionHandler.invoke(ConversionHandler.java:79) 

at $Proxy17.doInTransaction(Unknown Source) 

at org.springframework.transaction.support.TransactionTemplate.execute(TransactionTemplate.java:130) 

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) 

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) 

at java.lang.reflect.Method.invoke(Method.java:597) 

at org.codehaus.groovy.runtime.callsite.PojoMetaMethodSite$PojoCachedMethodSite.invoke(PojoMetaMethodSite.java:188) 

at org.codehaus.groovy.runtime.callsite.PojoMetaMethodSite.call(PojoMetaMethodSite.java:52) 

at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:124) 

at org.codehaus.groovy.grails.plugins.springsecurity.GormUserDetailsService.loadUserByUsername(GormUserDetailsService.groovy:59) 

at org.codehaus.groovy.grails.plugins.springsecurity.GrailsUserDetailsService$loadUserByUsername.callCurrent(Unknown Source) 

at org.codehaus.groovy.grails.plugins.springsecurity.GormUserDetailsService.loadUserByUsername(GormUserDetailsService.groovy:68) 

at org.springframework.security.authentication.dao.DaoAuthenticationProvider.retrieveUser(DaoAuthenticationProvider.java:86) 

at org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:129) 

at org.springframework.security.authentication.ProviderManager.doAuthentication(ProviderManager.java:130) 

at org.springframework.security.authentication.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:48) 

at org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter.attemptAuthentication(UsernamePasswordAuthenticationFilter.java:97) 

at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:199) 

at org.codehaus.groovy.grails.plugins.springsecurity.RequestHolderAuthenticationFilter.doFilter(RequestHolderAuthenticationFilter.java:40) 

at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:378) 

at org.codehaus.groovy.grails.plugins.springsecurity.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:79) 

at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:378) 

at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79) 

at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:378) 

at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:167) 

at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237) 

at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167) 

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) 

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) 

at org.codehaus.groovy.grails.web.servlet.filter.GrailsReloadServletFilter.doFilterInternal(GrailsReloadServletFilter.java:104) 

at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) 

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) 

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) 

at org.codehaus.groovy.grails.web.servlet.mvc.GrailsWebRequestFilter.doFilterInternal(GrailsWebRequestFilter.java:69) 

at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) 

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) 

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) 

at org.codehaus.groovy.grails.web.filters.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:65) 

at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) 

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) 

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) 

at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88) 

at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) 

at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237) 

at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167) 

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) 

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) 

at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) 

at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) 

at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) 

at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) 

at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) 

at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293) 

at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849) 

at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) 

at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454) 

at java.lang.Thread.run(Thread.java:680)

來源

2011-01-26 Gregg

+0

將域映射添加到admin的Config.groovy解決了這個問題,但我不知道爲什麼我必須這樣做。 – Gregg 2011-01-26 20:03:46

+1

插件的Config.groovy用於其本地開發,測試等,但未導出,因此應用程序的Config.groovy必須包含其中的設置。你可以在'common'插件中配置doWithApplicationContext中的東西,因爲它會在任何認證嘗試發生之前運行。 – 2011-01-26 20:20:25

+0

謝謝伯特。我會看看這種方法。順便說一句,準備發佈關於UI性能插件的問題。所以,請保持睜大眼睛。 :) – Gregg 2011-01-26 20:40:22

回答

5

因此,採取伯特的建議,我說在我的CommonGrailsPlugin.groovy以下..

def doWithApplicationContext = { applicationContext -> 
    SpringSecurityUtils.securityConfig.userLookup.userDomainClassName = 'com.wbr.common.security.User' 
    SpringSecurityUtils.securityConfig.userLookup.authorityJoinClassName = 'com.wbr.common.security.UserRole' 
    SpringSecurityUtils.securityConfig.authority.className = 'com.wbr.common.security.Role' 
}

這讓我不必此配置複製到所有的依賴於這個插件的應用程序。而且由於這些應用程序不需要自定義此配置,所以它效果很好!謝謝Burt!

來源

2011-03-06 22:38:38 Gregg

0

這是發生了什麼事。 爲了靈活性,安全插件允許您在conf/Config.gs中定義您用於安全性的類。然後它通過執行動態加載該類

def User = AH.application.getDomainClass(SpringSecurityUtils.securityConfig.userLookup.userDomainClassName).clazz)

並使用User類。如果您更改了類名並且沒有更改配置,則會出現此錯誤。

來源

2011-02-17 18:57:22 Dror

1

只要確保以下幾行匹配您的包和域對象名稱conf/Config.groovy。更改包和對象名稱相應

// Added by the Spring Security Core plugin: 
grails.plugins.springsecurity.userLookup.userDomainClassName = 'THIS.IS.THE PACKAGE.Person' 
grails.plugins.springsecurity.userLookup.authorityJoinClassName = 'THIS.IS.THE.PACKAGE.PersonAuthority' 
grails.plugins.springsecurity.authority.className = 'THIS.IS.THE.PACKAGE.Authority'

來源

2011-03-06 04:26:28 Jon

相關問題

 相關問題