rest - Grails Spring Security REST 插件 - token 存储失败

Question

我正在使用 Spring Security REST 插件设置 Grails 项目，但遇到了一些麻烦。当我使用有效的用户名和密码向 /api/login 发出以下请求时

Accept: application/json
Content-Type: application/json

{
    "username": "validuser",
    "password": "validpassword"
}

我遇到以下异常

Error 2014-08-09 11:30:04,839 [http-bio-8080-exec-6] ERROR [/myphotoid-api].[default]  - Servlet.service() for servlet [default] in context with path [/myphotoid-api] threw exception
Message: java.lang.Class cannot be cast to java.lang.String
Line | Method
->>   38 | storeToken in com.odobo.grails.plugin.springsecurity.rest.token.storage.GormTokenStorageService
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
|     97 | doFilter   in com.odobo.grails.plugin.springsecurity.rest.RestAuthenticationFilter
|     82 | doFilter . in grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter
|     63 | doFilter   in com.odobo.grails.plugin.springsecurity.rest.RestLogoutFilter
|     82 | doFilter . in com.brandseye.cors.CorsFilter
|   1145 | runWorker  in java.util.concurrent.ThreadPoolExecutor
|    615 | run . . .  in java.util.concurrent.ThreadPoolExecutor$Worker
^    745 | run        in java.lang.Thread

然后我的客户端收到一个 302 到 /login/auth，这是常规的有状态登录页面。 :(

但是，如果我使用无效的用户名和密码向 /api/login 发出以下请求

Accept: application/json
Content-Type: application/json

{
    "username": "validuser",
    "password": "badpassword"
}

我得到了 401，我想这正是我所期望的。

这是我的 Config.groovy 中的有效部分

// Added by the Spring Security Core plugin:
grails.plugin.springsecurity.userLookup.userDomainClassName = 'com.campuscardtools.myphotoid.Person'
grails.plugin.springsecurity.userLookup.authorityJoinClassName = 'com.campuscardtools.myphotoid.PersonRole'
grails.plugin.springsecurity.authority.className = 'com.campuscardtools.myphotoid.Role'
grails.plugin.springsecurity.controllerAnnotations.staticRules = [
    '/api/login':                     ['permitAll'],
    '/':                              ['permitAll'],
    '/index':                         ['permitAll'],
    '/index.gsp':                     ['permitAll'],
    '/assets/**':                     ['permitAll']
]

grails.plugin.springsecurity.rest.token.storage.useGorm = true
grails.plugin.springsecurity.rest.token.storage.gorm.tokenDomainClassName = com.campuscardtools.myphotoid.AuthenticationToken
grails.plugin.springsecurity.filterChain.chainMap = [
    '/api/**': 'JOINED_FILTERS,-exceptionTranslationFilter,-authenticationProcessingFilter,-securityContextPersistenceFilter',  // Stateless chain
    '/**': 'JOINED_FILTERS,-restTokenValidationFilter,-restExceptionTranslationFilter'                                          // Traditional chain
]

预先感谢您的帮助!

Answer 1

@kau 感谢您的有用评论。

Looks like your tokenDomainClassName needs to be enclosed within quotes – kau Aug 22 at 14:01

所以我改变了这个

grails.plugin.springsecurity.rest.token.storage.gorm.tokenDomainClassName = com.campuscardtools.myphotoid.AuthenticationToken

到此

grails.plugin.springsecurity.rest.token.storage.gorm.tokenDomainClassName = 'com.campuscardtools.myphotoid.AuthenticationToken'