我正在使用 Alvaro 的 greach2014 存储库来试验 Spring Security Rest 插件的行为。我可以登录应用程序并生成身份验证令牌。但是,当我尝试发送获取请求时,我被重定向到登录页面。这是我的 cURL 回复
curl -X GET -i -H "X-Auth-Token: Bearer 6mp70e1h702ig5lp5l4j2dlbdbh5aiip" -H "Accept: application/json" http://localhost:8080/restful-grails-springsecurity-greach2014/categories
HTTP/1.1 302 Found
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=7D36AB88B14828CDB7085BBB8722A35F; Path=/restful-grails-springsecurity-greach2014/; HttpOnly
Location: http://localhost:8080/restful-grails-springsecurity-greach2014/login/auth
Content-Length: 0
Date: Tue, 07 Jul 2015 05:59:16 GMT
我也尝试过使用 Bearer 标志,但结果是一样的
curl -X GET -i -H "X-Auth-Token: Bearer 6mp70e1h702ig5lp5l4j2dlbdbh5aiip" -H "Accept: application/json" http://localhost:8080/restful-grails-springsecurity-greach2014/categories
同样,我也尝试过 Authorization Bearer 标头,但它导致超时异常:
``` curl -X GET -i -H "授权:承载 6mp70e1h702ig5lp5l4j2dlbdbh5aiip" -H "接受:应用程序/json" http://localhost:8080/restful-grails-springsecurity-greach2014/categories HTTP/1.1 500 内部服务器错误服务器:Apache-Coyote/1.1 内容类型:text/html;charset=utf-8 内容语言:en 内容长度:4472 日期:星期二,2015 年 7 月 7 日 05:59:46 GMT 连接:关闭
Apache Tomcat/7.0.52 - 错误报告
HTTP 状态 500 - 等待值超时
类型异常报告
消息超时等待值
描述服务器遇到一个内部错误,阻止它完成这个请求。
例外
net.spy.memcached.OperationTimeoutException:超时等待值 net.spy.memcached.MemcachedClient.getAndTouch(MemcachedClient.java:1179) net.spy.memcached.MemcachedClient.getAndTouch(MemcachedClient.java:1196) grails.plugin.springsecurity.rest.token.storage.MemcachedTokenStorageService.findExistingUserDetails(MemcachedTokenStorageService.groovy:64) grails.plugin.springsecurity.rest.token.storage.MemcachedTokenStorageService.loadUserByToken(MemcachedTokenStorageService.groovy:37) grails.plugin.springsecurity.rest.RestAuthenticationProvider.authenticate(RestAuthenticationProvider.groovy:55) grails.plugin.springsecurity.rest.RestTokenValidationFilter.doFilter(RestTokenValidationFilter.groovy:75) grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53) grails.plugin.springsecurity.rest.RestAuthenticationFilter.doFilter(RestAuthenticationFilter.groovy:139) grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter.doFilter(RequestHolderAuthenticationFilter.java:53) grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:62) grails.plugin.springsecurity.rest.RestLogoutFilter.doFilter(RestLogoutFilter.groovy:80) com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82) java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) java.lang.Thread.run(Thread.java:745)
根本原因
net.spy.memcached.internal.CheckedOperationTimeoutException:等待操作超时 - 失败节点:localhost/127.0.0.1:11211 net.spy.memcached.internal.OperationFuture.get(OperationFuture.java:167) net.spy.memcached.MemcachedClient.getAndTouch(MemcachedClient.java:1168) net.spy.memcached.MemcachedClient.getAndTouch(MemcachedClient.java:1196) grails.plugin.springsecurity.rest.token.storage.MemcachedTokenStorageService.findExistingUserDetails(MemcachedTokenStorageService.groovy:64) grails.plugin.springsecurity.rest.token.storage.MemcachedTokenStorageService.loadUserByToken(MemcachedTokenStorageService.groovy:37) grails.plugin.springsecurity.rest.RestAuthenticationProvider.authenticate(RestAuthenticationProvider.groovy:55) grails.plugin.springsecurity.rest.RestTokenValidationFilter.doFilter(RestTokenValidationFilter.groovy:75) grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53) grails.plugin.springsecurity.rest.RestAuthenticationFilter.doFilter(RestAuthenticationFilter.groovy:139) grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter.doFilter(RequestHolderAuthenticationFilter.java:53) grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:62) grails.plugin.springsecurity.rest.RestLogoutFilter.doFilter(RestLogoutFilter.groovy:80) com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82) java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) java.lang.Thread.run(Thread.java:745)
note Apache Tomcat/7.0.52 日志中提供了根本原因的完整堆栈跟踪。