grails - 身份验证失败-Grails无法提供凭据

Question

我已经在Bootstrap.groovy中创建了用户和角色。

def user = new User(username:"name", password:"pass",email:"email@gmail.rr",enabled:true).save()

我已经直接在数据库中检查了每个用户名和密码。
为了测试目的，我什至删除了编码。
但是，尝试登录时会收到此消息(我添加了一些其他日志记录)

2014-01-27 22:49:04,480 [http-bio-8090-exec-3] DEBUG filter.GrailsAnonymousAuthenticationFilter - Populated SecurityContextHolder with anonymous token: '{0}' 2014-01-27 22:49:04,480 [http-bio-8090-exec-4] DEBUG filter.GrailsAnonymousAuthenticationFilter - Populated SecurityContextHolder with anonymous token: '{0}' 2014-01-27 23:06:19,654 [http-bio-8090-exec-7] DEBUG filter.GrailsAnonymousAuthenticationFilter - Populated SecurityContextHolder with anonymous token: '{0}' 2014-01-27 23:06:19,833 [http-bio-8090-exec-8] DEBUG filter.GrailsAnonymousAuthenticationFilter - Populated SecurityContextHolder with anonymous token: '{0}' authentication grails.plugin.springsecurity.authentication.GrailsAnonymousAuthenticationToken@dc4a600: Principal: org.springframework.security.core.userdetails.User@dc730200: Username: grails.anonymous.user; Password: [PROTECTED]; Enabled: false; AccountNonExpired: false; credentialsNonExpired: false; AccountNonLocked: false; Granted Authorities: ROLE_ANONYMOUS; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@0: RemoteIpAddress: 127.0.0.1; SessionId: 951C58071D49B3E3AB6D55C158C46B43; Granted Authorities: ROLE_ANONYMOUS is NOT logged in 2014-01-27 23:06:29,147 [http-bio-8090-exec-9] DEBUG authentication.RequestHolderAuthenticationFilter - Request is to process authentication 2014-01-27 23:06:30,115 [http-bio-8090-exec-9] DEBUG authentication.RequestHolderAuthenticationFilter - Authentication request failed: org.springframework.security.authentication.BadCredentialsException: Bad credentials 2014-01-27 23:06:30,115 [http-bio-8090-exec-9] DEBUG authentication.RequestHolderAuthenticationFilter - Updated SecurityContextHolder to contain null Authentication 2014-01-27 23:06:30,115 [http-bio-8090-exec-9] DEBUG authentication.RequestHolderAuthenticationFilter - Delegating to authentication failure handler grails.plugin.springsecurity.web.authentication.AjaxAwareAuthenticationFailureHandler@df9533 2014-01-27 23:06:30,116 [http-bio-8090-exec-9] DEBUG authentication.AjaxAwareAuthenticationFailureHandler - Redirecting to /login/authfail?login_error=1 2014-01-27 23:06:30,165 [http-bio-8090-exec-10] DEBUG filter.GrailsAnonymousAuthenticationFilter - Populated SecurityContextHolder with anonymous token: '{0}' authentication failed!!!! 2014-01-27 23:06:30,235 [http-bio-8090-exec-10] DEBUG filter.GrailsAnonymousAuthenticationFilter - Populated SecurityContextHolder with anonymous token: '{0}' authentication grails.plugin.springsecurity.authentication.GrailsAnonymousAuthenticationToken@dc4a600: Principal: org.springframework.security.core.userdetails.User@dc730200: Username: grails.anonymous.user; Password: [PROTECTED]; Enabled: false; AccountNonExpired: false; credentialsNonExpired: false; AccountNonLocked: false; Granted Authorities: ROLE_ANONYMOUS; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@0: RemoteIpAddress: 127.0.0.1; SessionId: 951C58071D49B3E3AB6D55C158C46B43; Granted Authorities: ROLE_ANONYMOUS is NOT logged in

您从此堆栈跟踪中了解什么？如果需要更多信息，我会毫不犹豫地提供:)

根据我在日志中看到的内容，当我尝试使用在数据库中创建并验证的管理员用户登录时，Spring Security尝试使用无法访问这些页面的匿名用户登录。
这是一些更多的spring安全配置

    grails.plugin.springsecurity.controllerAnnotations.staticRules = [
]
grails.plugin.springsecurity.interceptUrlMap = [
    '/candidate/*': ['ROLE_ADMIN'],

 ]

Answer 1

这里没什么要继续的:)只是说密码错误。

由于您没有提到这是从插件的1.2.x到2.x的升级，因此不应该存在配置问题。如果是这样，并且您未进行任何配置更改，则您将使用SHA-256哈希旧密码，但会将其与bcrypt哈希密码进行比较。另外，即使您将其配置为使用SHA-256，哈希迭代的次数也从1更改为10000，因此在Config.groovy中需要grails.plugin.springsecurity.password.hash.iterations = 1。

所以我猜你是在BootStrap.groovy中显式地对密码进行哈希处理，例如

def user = new User(username: 'me', enabled: true, password: springSecurityService.encodePassword('super_secret')).save()

但是生成的用户类会自动为您哈希，因此哈希两次。如果这样做，请将BootStrap代码更改为

def user = new User(username: 'me', enabled: true, password: 'super_secret').save()