1. 首頁
  2. 問答
  3. Grails中的IllegalArgumentException,未能評估表達式'ADMIN'

Grails中的IllegalArgumentException,未能評估表達式'ADMIN'

2017-09-15 17 views
0

我在AdminController中的每個請求上都收到此錯誤。其他角色也會發生同樣的情況。我正在使用Grails 3.2.9。如果需要更多細節,請在下面評論。下面是角色類:Grails中的IllegalArgumentException,未能評估表達式'ADMIN'

@EqualsAndHashCode(includes='authority') 
@ToString(includes='authority', includeNames=true, includePackage=false) 
class Role implements Serializable { 

    private static final long serialVersionUID = 1 

    public static final String ROLE_SUPER_ADMIN = "SUPER_ADMIN" 
    public static final String ROLE_ADMIN = "ADMIN" 
    public static final String ROLE_COMPANY = "COMPANY" 
    public static final String ROLE_PILOT = "PILOT" 
    public static final String ROLE_MEMBER = "MEMBER" 

    String authority 

    Role(String authority) { 
     this() 
     this.authority = authority 
    } 

    static constraints = { 
     authority blank: false, unique: true 
    } 

    static mapping = { 
     cache true 
    } 
}

這裏是堆棧

2017年9月15日09:02:。59.701 ERROR --- [NIO-8080-EXEC-3] .accC [[[ [grailsDispatcherServlet]:Servlet.service()進行的servlet [grailsDispatcherServlet]與路徑方面[]拋出異常

java.lang.IllegalArgumentException: Failed to evaluate expression 'ADMIN' 
at org.springframework.security.access.expression.ExpressionUtils.evaluateAsBoolean(ExpressionUtils.java:30) 
at grails.plugin.springsecurity.web.access.expression.WebExpressionVoter.vote(WebExpressionVoter.groovy:57) 
at grails.plugin.springsecurity.web.access.expression.WebExpressionVoter.vote(WebExpressionVoter.groovy) 
at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisionManager.checkOtherVoters(AuthenticatedVetoableDecisionManager.groovy:90) 
at 
grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.groovy:53) 
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) 
at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:150) 
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) 
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:169) 
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) 
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200) 
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) 
at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.groovy:62) 
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) 
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105) 
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) 
at grails.plugin.springsecurity.web.SecurityRequestHolderFilter.doFilter(SecurityRequestHolderFilter.groovy:58) 
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) 
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:214) 
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177) 
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) 
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) 
Caused by: org.springframework.expression.spel.SpelEvaluationException: EL1008E: Property or field 'ADMIN' cannot be found on object of type 'org.springframework.security.web.access.expression.WebSecurityExpressionRoot' - maybe not public? 
at org.springframework.expression.spel.ast.PropertyOrFieldReference.readProperty(PropertyOrFieldReference.java:224) 
at org.springframework.expression.spel.ast.PropertyOrFieldReference.getValueInternal(PropertyOrFieldReference.java:94) 
at org.springframework.expression.spel.ast.PropertyOrFieldReference.getValueInternal(PropertyOrFieldReference.java:81) 
at org.springframework.expression.spel.ast.SpelNodeImpl.getTypedValue(SpelNodeImpl.java:131) 
at org.springframework.expression.spel.standard.SpelExpression.getValue(SpelExpression.java:299) 
at org.springframework.security.access.expression.ExpressionUtils.evaluateAsBoolean(ExpressionUtils.java:26) 
... 64 common frames omitted

來源

2017-09-15 Kyle Luke

+0

我認爲角色必須以ROLE_開頭 – Kloker

回答

1

最近發佈撞到Spring Security的罐子的版本4.0.x的這改變了方式角色名稱前綴被覆蓋。您的角色名稱不以「ROLE_」開頭,因此不會將其檢測爲角色。因此,他們被假定爲SpEL表達式,並且您看到未將'ADMIN'作爲表達式進行評估。

直接的解決方法是重命名所有角色名稱,使它們以「ROLE_」開頭,直到插件再次與Spring Security同步。

來源

2017-09-15 08:25:36

相關問題

 相關問題