Geek Answers Handbook

Spring basic security environment configured twice in the Grails Spring security kernel plugin

I am using Grails spring plugin for security kernel version 3.0.3.

Debug statements when setting the spring security kernel structure are printed twice, and the filter chain is also initialized twice

WARN grails.plugin.springsecurity.SpringSecurityCoreGrailsPlugin - Configuring Spring Security Core ... Configuring Spring Security Core ... WARN grails.plugin.springsecurity.SpringSecurityCoreGrailsPlugin - ... finished configuring Spring Security Core ... finished configuring Spring Security Core

Build a gradle file

 buildscript { ext { grailsVersion = project.grailsVersion } repositories { mavenLocal() maven { url "https://repo.grails.org/grails/core" } } dependencies { classpath "org.grails:grails-gradle-plugin:$grailsVersion" classpath "org.grails.plugins:hibernate:4.3.10.5" } } plugins { id "io.spring.dependency-management" version "0.5.2.RELEASE" } version "0.1" group "restservicesapp" apply plugin: "spring-boot" apply plugin: "war" apply plugin: 'eclipse' apply plugin: 'idea' apply plugin: "org.grails.grails-web" ext { grailsVersion = project.grailsVersion gradleWrapperVersion = project.gradleWrapperVersion } repositories { mavenLocal() maven { url "https://repo.grails.org/grails/core" } } dependencyManagement { imports { mavenBom "org.grails:grails-bom:$grailsVersion" } applyMavenExclusions false } dependencies { compile "org.springframework.boot:spring-boot-starter-logging" compile "org.springframework.boot:spring-boot-starter-actuator" compile "org.springframework.boot:spring-boot-autoconfigure" provided "org.springframework.boot:spring-boot-starter-tomcat" compile "org.grails.plugins:hibernate" compile "org.grails.plugins:cache" compile "org.hibernate:hibernate-ehcache" runtime "mysql:mysql-connector-java:5.1.38" compile 'org.grails.plugins:spring-security-core:3.0.3' compile ('org.grails.plugins:spring-security-rest-gorm:2.0.0.M2') { exclude group: 'org.grails.plugins', module: 'spring-security-core' } testCompile "org.grails:grails-plugin-testing" testCompile "org.grails.plugins:geb" //console "org.grails:grails-console" } task wrapper(type: Wrapper) { gradleVersion = gradleWrapperVersion }
+1
spring-security grails grails-plugin
source share
2 answers

Do you have org.grails.plugins:cxf in your build.gradle? Perhaps two contexts are being created. One for your main application and another for your /services/* . Move the cfx dependency in the gradle file above the spring security plugin, and then you will see that spring protection is configured only once. I struggled with this more than 2 weeks later. But that solved this issue for me. This was a problem for me, as spring security was configured the second time it provided my NPE from time to time. Look at this question only from yourself.

Update

My assessment turned out to be wrong. The real solution, add the snippet below to your build.gradle configurations.runtime { exclude module: "cxf" }

0
source share

I believe Spring Security is not configured twice. One line is logged, the other is println. Following is the code from grails.plugin.springsecurity.SpringSecurityCoreGrailsPlugin :

  Closure doWithSpring() {{ -> ReflectionUtils.application = SpringSecurityUtils.application = grailsApplication SpringSecurityUtils.resetSecurityConfig() def conf = SpringSecurityUtils.securityConfig boolean printStatusMessages = (conf.printStatusMessages instanceof Boolean) ? conf.printStatusMessages : true if (!conf || !conf.active) { if (printStatusMessages) { String message = '\n\nSpring Security is disabled, not loading\n\n' log.warn message println message } return } log.trace 'doWithSpring' if (printStatusMessages) { String message = '\nConfiguring Spring Security Core ...' log.warn message println message }
0
source share

More articles:


All Articles