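insufficient_scope error using the Grails Spring Security REST plugin

I have a standard Grails web application that uses Spring Security, and I want to expose a small part of it as a REST API using the spring-security-rest plugin (version 1.5.1). Everything seems to be set up correctly, but any request I make returns a 403 error saying "insufficient_scope". This isn't in any of the documentation, so I'm hoping someone can help. Here is my setup, using Grails 2.4.4:
In Config.groovy: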
grails.plugin.springsecurity.filterChain.chainMap = [
'/api/**': 'JOINED_FILTERS,-exceptionTranslationFilter,-authenticationProcessingFilter,-securityContextPersistenceFilter,-rememberMeAuthenticationFilter', // Stateless chain
'/**': 'JOINED_FILTERS,-restTokenValidationFilter,-restExceptionTranslationFilter' // Traditional chain
]
grails.plugin.springsecurity.ui.register.defaultRoleNames = ['ROLE_USER']
grails.plugin.springsecurity.logout.postOnly = false
grails.plugin.springsecurity.userLookup.userDomainClassName = 'com.luncho.UserLuncho'
grails.plugin.springsecurity.userLookup.authorityJoinClassName = 'com.luncho.UserLunchoRole'
grails.plugin.springsecurity.authority.className = 'com.luncho.Role'
grails.plugin.springsecurity.controllerAnnotations.staticRules = [
'/': ['ROLE_USER'],
'/user/create': ['ROLE_ADMIN'],
'/register/*': ['permitAll'],
'/login/*': ['permitAll'],
'/logout/*': ['permitAll'],
'/index.gsp': ['permitAll'],
'/plugins/**': ['permitAll'],
'/assets/**': ['permitAll'],
'/**/js/**': ['permitAll'],
'/**/css/**': ['permitAll'],
'/**/images/**': ['permitAll'],
'/**/favicon.ico': ['permitAll'],
'/restaurant/**': ['ROLE_USER']
]
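I can authenticate just fine, and I get a bearer token. However, the following curl command (with the real token in place of "my_token") always sends back an insufficient_scope error:
curl -i http://localhost:8080/lunchoweb/api/restaurant -H "Authorization: Bearer my_token"
It's also worth mentioning that the controller method is in a separate controller named RestaurantAPIController. Right now it is very simple: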
import grails.converters.JSON

class RestaurantAPIController {
    // Returns every Restaurant as a JSON array
    def getAllRestaurants() {
        render Restaurant.findAll() as JSON
    }
}
With the URL mapping:
// REST end points
"/api/restaurant" {
controller="restaurantAPI"
action = "getAllRestaurants"
}
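What is going on?
Without seeing the logs, I'd go with what Raz said. For further questions about the plugin, make sure you also post the debug output: http://alvarosanchez.github.io/grails-spring-security-rest/latest/docs/guide/debugging.html –
Ack! I knew it had to be something simple like that. Thanks for the help. – user817851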