使用 Grails Spring 安全 REST 插件进行身份验证
Authentication using Grails Spring Security REST Plugin
我看到了 Alvaro 在 Greach 2014 的演讲。我从 GitHub 下载了示例并启动了它。
当我尝试使用
进行身份验证时
curl -i -H "Content-Type: application/json" -X POST -d '{"username":"jimi","password":"jimispassword"}' http://localhost:8080/restful-grails-springsecurity-greach2014/api/login
我在卷曲方面得到这个。
HTTP/1.1 400 Bad Request
Server: Apache-Coyote/1.1
Content-Length: 0
Date: Mon, 18 May 2015 14:57:07 GMT
Connection: close
在服务器端我看到了。
|Server running. Browse to http://localhost:8080/restful-grails-springsecurity-greach2014
....2015-05-18 16:57:07,840 [http-bio-8080-exec-4] DEBUG util.AntPathRequestMatcher - Request '/api/login' matched by universal pattern '/**'
2015-05-18 16:57:07,841 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy - /api/login at position 1 of 11 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2015-05-18 16:57:07,842 [http-bio-8080-exec-4] DEBUG context.HttpSessionSecurityContextRepository - No HttpSession currently exists
2015-05-18 16:57:07,842 [http-bio-8080-exec-4] DEBUG context.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: null. A new one will be created.
2015-05-18 16:57:07,844 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy - /api/login at position 2 of 11 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2015-05-18 16:57:07,844 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy - /api/login at position 3 of 11 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2015-05-18 16:57:07,846 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy - /api/login at position 4 of 11 in additional filter chain; firing Filter: 'RestAuthenticationFilter'
2015-05-18 16:57:07,878 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilter - Actual URI is /api/login; endpoint URL is /api/login
2015-05-18 16:57:07,878 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilter - Applying authentication filter to this request
2015-05-18 16:57:07,919 [http-bio-8080-exec-4] DEBUG credentials.DefaultJsonPayloadCredentialsExtractor - No JSON body sent in the request
2015-05-18 16:57:07,919 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilter - Username and/or password parameters are missing.
2015-05-18 16:57:07,920 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilter - Setting status to 400
2015-05-18 16:57:07,921 [http-bio-8080-exec-4] DEBUG context.HttpSessionSecurityContextRepository - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2015-05-18 16:57:07,922 [http-bio-8080-exec-4] DEBUG context.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
请求中未发送 JSON 正文。我必须如何使用 cURL 发送此文件?
或者为什么它不接收我的
-X POST -d '{"username":"jimi","password":"jimispassword"}'
我认为我的问题与 cURL 语法相关,而不是与 grails 相关。我用 Firefox RestClient 测试过,它工作正常。
将您的 cURL 请求更改为:
curl -i -H "Content-Type: application/json" -X POST -data '{"username":"jimi","password":"jimispassword"}' http://localhost:8080/restful-grails-springsecurity-greach2014/api/login
请注意,我已将“-d”更改为“--data”
我看到了 Alvaro 在 Greach 2014 的演讲。我从 GitHub 下载了示例并启动了它。
当我尝试使用
进行身份验证时curl -i -H "Content-Type: application/json" -X POST -d '{"username":"jimi","password":"jimispassword"}' http://localhost:8080/restful-grails-springsecurity-greach2014/api/login
我在卷曲方面得到这个。
HTTP/1.1 400 Bad Request
Server: Apache-Coyote/1.1
Content-Length: 0
Date: Mon, 18 May 2015 14:57:07 GMT
Connection: close
在服务器端我看到了。
|Server running. Browse to http://localhost:8080/restful-grails-springsecurity-greach2014
....2015-05-18 16:57:07,840 [http-bio-8080-exec-4] DEBUG util.AntPathRequestMatcher - Request '/api/login' matched by universal pattern '/**'
2015-05-18 16:57:07,841 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy - /api/login at position 1 of 11 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2015-05-18 16:57:07,842 [http-bio-8080-exec-4] DEBUG context.HttpSessionSecurityContextRepository - No HttpSession currently exists
2015-05-18 16:57:07,842 [http-bio-8080-exec-4] DEBUG context.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: null. A new one will be created.
2015-05-18 16:57:07,844 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy - /api/login at position 2 of 11 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2015-05-18 16:57:07,844 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy - /api/login at position 3 of 11 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2015-05-18 16:57:07,846 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy - /api/login at position 4 of 11 in additional filter chain; firing Filter: 'RestAuthenticationFilter'
2015-05-18 16:57:07,878 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilter - Actual URI is /api/login; endpoint URL is /api/login
2015-05-18 16:57:07,878 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilter - Applying authentication filter to this request
2015-05-18 16:57:07,919 [http-bio-8080-exec-4] DEBUG credentials.DefaultJsonPayloadCredentialsExtractor - No JSON body sent in the request
2015-05-18 16:57:07,919 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilter - Username and/or password parameters are missing.
2015-05-18 16:57:07,920 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilter - Setting status to 400
2015-05-18 16:57:07,921 [http-bio-8080-exec-4] DEBUG context.HttpSessionSecurityContextRepository - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2015-05-18 16:57:07,922 [http-bio-8080-exec-4] DEBUG context.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
请求中未发送 JSON 正文。我必须如何使用 cURL 发送此文件?
或者为什么它不接收我的
-X POST -d '{"username":"jimi","password":"jimispassword"}'
我认为我的问题与 cURL 语法相关,而不是与 grails 相关。我用 Firefox RestClient 测试过,它工作正常。
将您的 cURL 请求更改为:
curl -i -H "Content-Type: application/json" -X POST -data '{"username":"jimi","password":"jimispassword"}' http://localhost:8080/restful-grails-springsecurity-greach2014/api/login
请注意,我已将“-d”更改为“--data”