0

我正在使用 Alvaro 的 greach2014 存储库来试验 Spring Security Rest 插件的行为。我可以登录应用程序并生成身份验证令牌。但是,当我尝试发送获取请求时,我被重定向到登录页面。这是我的 cURL 回复

curl -X GET -i -H "X-Auth-Token: Bearer 6mp70e1h702ig5lp5l4j2dlbdbh5aiip" -H "Accept: application/json" http://localhost:8080/restful-grails-springsecurity-greach2014/categories HTTP/1.1 302 Found Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=7D36AB88B14828CDB7085BBB8722A35F; Path=/restful-grails-springsecurity-greach2014/; HttpOnly Location: http://localhost:8080/restful-grails-springsecurity-greach2014/login/auth Content-Length: 0 Date: Tue, 07 Jul 2015 05:59:16 GMT

我也尝试过使用 Bearer 标志,但结果是一样的

curl -X GET -i -H "X-Auth-Token: Bearer 6mp70e1h702ig5lp5l4j2dlbdbh5aiip" -H "Accept: application/json" http://localhost:8080/restful-grails-springsecurity-greach2014/categories

同样,我也尝试过 Authorization Bearer 标头,但它导致超时异常:

``` curl -X GET -i -H "授权:承载 6mp70e1h702ig5lp5l4j2dlbdbh5aiip" -H "接受:应用程序/json" http://localhost:8080/restful-grails-springsecurity-greach2014/categories HTTP/1.1 500 内部服务器错误服务器:Apache-Coyote/1.1 内容类型:text/html;charset=utf-8 内容语言:en 内容长度:4472 日期:星期二,2015 年 7 月 7 日 05:59:46 GMT 连接:关闭

Apache Tomcat/7.0.52 - 错误报告

HTTP 状态 500 - 等待值超时

类型异常报告

消息超时等待值

描述服务器遇到一个内部错误,阻止它完成这个请求。

例外 

net.spy.memcached.OperationTimeoutException:超时等待值
    net.spy.memcached.MemcachedClient.getAndTouch(MemcachedClient.java:1179)
    net.spy.memcached.MemcachedClient.getAndTouch(MemcachedClient.java:1196)
    grails.plugin.springsecurity.rest.token.storage.MemcachedTokenStorageService.findExistingUserDetails(MemcachedTokenStorageService.groovy:64)
    grails.plugin.springsecurity.rest.token.storage.MemcachedTokenStorageService.loadUserByToken(MemcachedTokenStorageService.groovy:37)
    grails.plugin.springsecurity.rest.RestAuthenticationProvider.authenticate(RestAuthenticationProvider.groovy:55)
    grails.plugin.springsecurity.rest.RestTokenValidationFilter.doFilter(RestTokenValidationFilter.groovy:75)
    grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53)
    grails.plugin.springsecurity.rest.RestAuthenticationFilter.doFilter(RestAuthenticationFilter.groovy:139)
    grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter.doFilter(RequestHolderAuthenticationFilter.java:53)
    grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:62)
    grails.plugin.springsecurity.rest.RestLogoutFilter.doFilter(RestLogoutFilter.groovy:80)
    com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82)
    java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    java.lang.Thread.run(Thread.java:745)

根本原因 

net.spy.memcached.internal.CheckedOperationTimeoutException:等待操作超时 - 失败节点:localhost/127.0.0.1:11211
    net.spy.memcached.internal.OperationFuture.get(OperationFuture.java:167)
    net.spy.memcached.MemcachedClient.getAndTouch(MemcachedClient.java:1168)
    net.spy.memcached.MemcachedClient.getAndTouch(MemcachedClient.java:1196)
    grails.plugin.springsecurity.rest.token.storage.MemcachedTokenStorageService.findExistingUserDetails(MemcachedTokenStorageService.groovy:64)
    grails.plugin.springsecurity.rest.token.storage.MemcachedTokenStorageService.loadUserByToken(MemcachedTokenStorageService.groovy:37)
    grails.plugin.springsecurity.rest.RestAuthenticationProvider.authenticate(RestAuthenticationProvider.groovy:55)
    grails.plugin.springsecurity.rest.RestTokenValidationFilter.doFilter(RestTokenValidationFilter.groovy:75)
    grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53)
    grails.plugin.springsecurity.rest.RestAuthenticationFilter.doFilter(RestAuthenticationFilter.groovy:139)
    grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter.doFilter(RequestHolderAuthenticationFilter.java:53)
    grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:62)
    grails.plugin.springsecurity.rest.RestLogoutFilter.doFilter(RestLogoutFilter.groovy:80)
    com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82)
    java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    java.lang.Thread.run(Thread.java:745)

note Apache Tomcat/7.0.52 日志中提供了根本原因的完整堆栈跟踪。

Apache Tomcat/7.0.52

4

1 回答 1

0

正确的方法是使用 curl -X GET -i -H "Authorization: Bearer 6mp70e1h702ig5lp5l4j2dlbdbh5aiip" -H "Accept: application/json" http://localhost:8080/restful-grails-springsecurity-greach2014/categories

抛出异常是因为我没有在本地运行 memcached。幸运的是,ubuntu 在它的代表中有一个,我只需要使用 apt-get install memcached 和 sudo service memcached start。一切正常。

于 2015-07-08T12:11:58.110 回答