using the spring security core plugin I am trying to catch event so I am using
grails.plugin.springsecurity.useSecurityEventListener = true
grails.plugin.springsecurity.onInteractiveAuthenticationSuccessEvent = { e, appCtx ->
def request = org.codehaus.groovy.grails.plugins.springsecurity.SecurityRequestHolder.getRequest()
def session = request.getSession(false)
session.myvar=2
}
but it give me :
2014-06-08 21:49:05,333 [http-bio-8080-exec-6] ERROR [/ammc].[default] - Servlet.service() for servlet [default] in context with path [/ammc] threw exception
Message: No signature of method: groovy.util.ConfigObject.getRequest() is applicable for argument types: () values: []
Line | Method
->> 158 | doCall in Config$_run_closure5
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
| 95 | call in grails.plugin.springsecurity.SecurityEventListener
| 72 | onApplicationEvent in ''
| 49 | doFilter in grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter
| 82 | doFilter . . . . . in grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter
| 1145 | runWorker in java.util.concurrent.ThreadPoolExecutor
| 615 | run . . . . . . . in java.util.concurrent.ThreadPoolExecutor$Worker
^ 745 | run in java.lang.Thread
notice that the line 158 in the config file is exactly the line
def request = org.codehaus.groovy.grails.plugins.springsecurity.SecurityRequestHolder.getRequest()
which is crazy because I am not invoking groovy.util.ConfigObject.getRequest() in this line
I already tried to clean and compile but nothing change.
and at the same time if I want to catch the failure login event, what event I must catch?
update
I am using grails 2.3.8 and spring-security-core:2.0-RC2
To answer the question
This may be late but...
I believe you mean
def request = grails.plugin.springsecurity.web.SecurityRequestHolder.getRequest()
(note the different package name)
This may not be of much help to #Bilel but it may be to anyone else who happens upon the question.
One a side note:
which is crazy because I am not invoking groovy.util.ConfigObject.getRequest() in this line
When you see weird things like groovy.util.ConfigObject I have come to notice that it usually means a variable in Config does not exist.
Also, on another note:
I don't know if doing it in Config.groovy is an absolute requirement but I believe this gets cleaner if you register a listener.
Here's what I would do:
import org.springframework.context.ApplicationListener
import org.springframework.security.authentication.event. InteractiveAuthenticationSuccessEvent
class MyLoginListener implements ApplicationListener<InteractiveAuthenticationSuccessEvent> {
void onApplicationEvent(InteractiveAuthenticationSuccessEvent event) {
def request = grails.plugin.springsecurity.web.SecurityRequestHolder.getRequest()
def session = request.getSession(false)
session.myvar=2
}
}
and then register it in resources.groovy
beans = {
myLoginListener(MyLoginListener)
}
You need the following line in Config.groovy, but you may already have it there anyway.
grails.plugin.springsecurity.useSecurityEventListener = true
Related
Below is my Pgtyp.groovy (domain class):
package marchmock2
class Pgtyp {
Date date_hour
String mv
String pagetype
Integer visits
Integer visits_ly
Integer visits_lw
String time_period
String platform
String device
String browser
static mapping = {
table "pgtyp"
version false
date_hour column: "date_hour"
mv column: "mv"
pagetype column: "pagetype"
visits column: "visits"
visits_ly column:"visits_ly"
visits_lw column:"visits_lw"
time_period column:"time_period"
platform column:"platform"
device column:"device"
browser column:"browser"
}
static constraints = {
}
}
This is how my controller looks like:
package marchmock2
import grails.converters.*
import groovy.sql.Sql
class PgtypController {
def ajaxGetMv = {
def pgtyp = Pgtyp.get(params.id)
render pgtyp as JSON
}
def index() {
}
}
And finally, this is my index.gsp:
<html>
<head>
<g:javascript src="jquery-1.10.2.min.js"/>
<g:javascript src="prototype.js"/>
</head>
<body>
<form>
<g:select from="['AFFILIATES', 'SEO', 'SEM','DISPLAYADS']" name="mv" onchange="${remoteFunction(
controller:'Pgtyp',
action:'ajaxGetMv',
params:'\'id=\' + escape(this.value)',
onSuccess: 'printpgtyp(data)')}"></g:select>
</form>
<g:javascript>
function printpgtyp(data) {
console.log(data)
}
</g:javascript>
</body>
</html>
When I run my app, I get a dropdown and on selecting any option from it I get an error saying:
POST http://localhost:8080/marchmock2/pgtyp/ajaxGetMv 500 (Internal Server Error)
What do I do with it? Is there any error in the way I'm writing it or have I misunderstood anything? Any help would be appreciated.
UPDATE
|
2014-07-04 16:37:23,149 [http-bio-8080-exec-10] ERROR [/marchmock2].[gsp] - Servlet.service() for servlet [gsp] in context with path [/marchmock2] threw exception
Message: It looks like you are missing some calls to the r:layoutResources tag. After rendering your page the following have not been rendered: [defer]
Line | Method
->> 1145 | runWorker in java.util.concurrent.ThreadPoolExecutor
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
| 615 | run in java.util.concurrent.ThreadPoolExecutor$Worker
^ 744 | run . . . in java.lang.Thread
UPDATE2
Following an answer on stackoverflow, I changed to and the error mentioned in first UPDATE is gone. However, when I select 'SEO' from the dropdown, I get the following error
TypeMismatchException occurred when processing request: [POST] /marchmock2/pgtyp/ajaxGetMv - parameters:
id: SEO
Provided id of the wrong type for class marchmock2.Pgtyp. Expected: class java.lang.Long, got class java.lang.String. Stacktrace follows:
Message: Provided id of the wrong type for class marchmock2.Pgtyp. Expected: class java.lang.Long, got class java.lang.String
A confused Grails newbie here. I am currently going through the tutorials in
a book (Smith, Ledbrook, "Grails in Action", Manning Publications, 1st Ed)
and am stumped in the first chapter! When browsing to localhost, I get the
error messages further below. The tutorial leads me through creating a
Random Quote of the Day application. As you might suspect, browsing to the
webpage gives a random quote (which were saved in the "Quote" domain class)
with each refresh.
I have made the controller, view, layout, domain class, all of which are
pretty simple. I would imagine that I'd get these errors if there were no
test data, but using the grails console shows me that there are. Despite
this, refreshes of the browser echo the errors in an open terminal.
The code for the Quote domain class and the controller are below as well. I
wanted to change the config file for the development environment to make it
persistent, so that entry is also down there. Let me know if you need to see
anything else...
Any ideas? (Using Grails version 2.4.0 installed on Ubuntu 14.04. Book uses
code for Grails 1.1)
Error:
URI: /qotd/quote/random
Class:java.lang.IllegalStateException
Message: Method on class [qotd.Quote] was used outside of a Grails
application. If running in the context of a test using the mocking API or
bootstrap Grails correctly.
Around line 8 of grails-app/controllers/qotd/QuoteController.groovy
6:
7: def random = {
8: def allQuotes = Quote.list()
9: /*def randomQuote
10: if (allQuotes.size() > 0 )
11: {
Trace
Line | Method
->> 9 | doCall in QuoteController.groovy
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
| 198 | doFilter in PageFragmentCachingFilter.java
| 63 | doFilter in AbstractFilter.java
| 1145 | runWorker in java.util.concurrent.ThreadPoolExecutor
| 615 | run . . . in java.util.concurrent.ThreadPoolExecutor$Worker
^ 744 | run in java.lang.Thread
Controller
package qotd
class QuoteController {
def index = { }
def random = {
def allQuotes = Quote.list()
/*
def randomQuote
if (allQuotes.size() > 0 )
{
def randomIdx = new Random().nextInt(allQuotes.size())
randomQuote = allQuotes[randomIdx]
} else {
randomQuote = new Quote(author: "Anonymous",
content: "Real Programmers Don't eat Quiche")
}
[quote : randomQuote ]
*/
}
}
Quote domain class
package qotd
class Quote {
String content
String author
Date created = new Date()
static constraints = {
}
}
Development Environment from DataSource.groovy
development {
dataSource {
dbCreate = "update" // one of 'create', 'create-drop', 'update',
'validate', ''
url =
"jdbc:h2:file:~/h2db/quotedevdb;MVCC=TRUE;LOCK_TIMEOUT=10000;DB_CLOSE_ON_EXIT=FALSE"
}
}
Yep, as grantmcconnaughey comments, you don't want to declare your controller actions as closures with an '=' sign. It is now recommended to use methods. So you can do:
def random() {
def allQuotes = Quote.list()
}
or:
public random() {
def allQuotes = Quote.list()
}
See the online docs.
I have a Grails application with spring-security-ldap plugin installed and configured with Active Directory specific options.
Grails version: 2.1.1.
spring-security-core plugin version: 2.0-RC2
spring-security-ldap plugin version: 2.0-RC2
Everything works fine: users log in to the application validating against the Active Directory and their groups are retrieved in order to control the access to the different pages.
My problem: "remember me" option doesn't work. I have configured the application in order to use "remember me" option and I have run the s2-create-persistent-token command. I have also activated the specific traces.
Everything works fine: the user successfully logs in to the application with the "remember me" option checked, the token is created and the cookie is sent to the client. The user closes the browser and then reopens it. At this point, the application successfully validates that the user in the cookie matches with the user in the persistent token.
Then I can see this in the log
userdetails.LdapUserDetailsManager - Loading user 'sAMAccountName' with DN 'cn=sAMAccountName,dc=company,dc=country'
rememberme.PersistentTokenBasedRememberMeServices - Remember-me login was valid but corresponding user not found.
Message: User sAMAccountName not found
Line | Method
->> 49 | doFilter in grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
| 82 | doFilter in grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter
| 886 | runTask in java.util.concurrent.ThreadPoolExecutor$Worker
| 908 | run in ''
^ 619 | run . . in java.lang.Thread
Caused by NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of:
'DC=company,DC=country'
The first log line shows a not valid DN for the user. The DN for the user is something like this
cn=name,ou=a group,ou=a super group,dc=company,dc=country
Could be that the problem? How can I solve it?
My configuration
// Spring Security
grails.plugin.springsecurity.logout.postOnly = false
// Spring Security LDAP
grails.plugin.springsecurity.ldap.context.managerDn = 'CN="a user",OU="a group",DC="company",DC="country"'
grails.plugin.springsecurity.ldap.context.managerPassword = '"password"'
grails.plugin.springsecurity.ldap.context.server = 'ldap://"server":389'
grails.plugin.springsecurity.ldap.authorities.ignorePartialResultException = true
grails.plugin.springsecurity.ldap.search.base = 'dc="company",dc="country"'
grails.plugin.springsecurity.ldap.search.filter="sAMAccountName={0}"
grails.plugin.springsecurity.ldap.search.searchSubtree = true
grails.plugin.springsecurity.ldap.auth.hideUserNotFoundExceptions = false
grails.plugin.springsecurity.ldap.search.attributesToReturn = ['dn', 'cn', 'ou', 'givenName', 'sn', 'department']
grails.plugin.springsecurity.ldap.authenticator.attributesToReturn = ['dn', 'cn', 'ou', 'givenName', 'sn', 'department']
grails.plugin.springsecurity.providerNames = ['ldapAuthProvider','anonymousAuthenticationProvider', 'rememberMeAuthenticationProvider']
// role-specific LDAP config
grails.plugin.springsecurity.ldap.authorities.retrieveGroupRoles = true
grails.plugin.springsecurity.ldap.authorities.groupSearchBase = 'dc="company",dc="country"'
grails.plugin.springsecurity.ldap.authorities.groupSearchFilter = '(member:1.2.840.113556.1.4.1941:={0})' // Active Directory specific
grails.plugin.springsecurity.successHandler.defaultTargetUrl = '/home'
grails.plugin.springsecurity.rememberMe.persistent = true
grails.plugin.springsecurity.rememberMe.persistentToken.domainClassName = 'censo.auth.PersistentLogin'
grails.plugin.springsecurity.ldap.useRememberMe = true
grails.plugin.springsecurity.ldap.rememberMe.detailsManager.groupMemberAttributeName = 'member'
grails.plugin.springsecurity.ldap.rememberMe.detailsManager.groupRoleAttribute = 'CN'
grails.plugin.springsecurity.ldap.rememberMe.detailsManager.groupSearchBase = 'OU="another group",dc="company",dc="country"'
grails.plugin.springsecurity.ldap.rememberMe.detailsManager.passwordAttributeName = 'userPassword'
grails.plugin.springsecurity.ldap.rememberMe.usernameMapper.userDnBase = 'dc="company",dc="country"'
grails.plugin.springsecurity.ldap.rememberMe.usernameMapper.usernameAttribute = 'cn'
grails.plugin.springsecurity.ldap.rememberMe.detailsManager.attributesToRetrieve = null
Thank you in advance
Im trying to upload a file, and store it in a file. This is the code in the GSP:
<g:form method="post" enctype="multipart/form-data" action="update">
<input type="file" name="cv" id="cv"/>
<g:actionSubmit action="upload" name="upload" value="Upload" />
</g:form>
In the Controller:
def upload(){
def f = request.getFile('cv')
InputStream file = f.inputStream
byte[] bytes = file.bytes
println('bytes: '+bytes)
}
As I say in the title, i got an exception here. Any help? Thanks.
EDIT (Full Stacktrace, by request):
Error 500: Internal Server Error
URI
/com.publidirecta.azafatas/azafataCertificada/index
Class
groovy.lang.MissingMethodException
Message
No signature of method:org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestWrapper.getFile() is applicable for argument types: (java.lang.String) values: [cv] Possible solutions: getXML(), getPart(java.lang.String), getAt(java.lang.String), getAt(java.lang.String), getLocale(), getJSON()
Around line 1158 of grails-app/controllers/com/publidirecta/AzafataCertificadaController.groovy
1155: def upload(){
1156: println("Acción upload. Params: "+params)
1157: Azafata aza=Azafata.findByUsername(params.user)
1158: def f = request.getFile('cv')
1159: InputStream file = f.inputStream
1160: byte[] bytes = file.bytes
1161: }
Trace
Line | Method
->> 1158 | upload in AzafataCertificadaController.groovy
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
| 886 | runTask in java.util.concurrent.ThreadPoolExecutor$Worker
| 908 | run . . in ''
^ 680 | run in java.lang.Thread
The problem is that your request is not treated as a MultiPartRequest. Do something like this:
MultipartRequest multipartRequest = request as MultipartRequest
if(multipartRequest){
MultipartFile attachmentFile = multipartRequest.getFile("attachment_file".toString())
if (attachmentFile) {
-- copy it ---
}
}
i'm a bit new on the groovy grails technology and i'm having a problem with this one
i looked at this could not initialize proxy - no Session but the application don't get stale too long
I am trying to access the session object on my SecurityFilter placed on the config subfolder. I just wanted to do a check for every request on the controllers to verify if a user has the rights to do such actions.
class SecurityFilters {
def filters = {
userFilterList(controller:"user", action:"list") {
before = {
if (!session.user.accountType.equals("Admin")) {
redirect(uri: "/")
}
}
}
userFilterShow(controller:"user", action:"show") {
before = {
if (!session.user.accountType.equals("Admin")) {
redirect(uri: "/")
}
}
}
userFilterEdit(controller:"user", action:"edit") {
before = {
if (!session.user.accountType.equals("Admin")) {
redirect(uri: "/")
}
}
}
}
}
but I get this error
Message: could not initialize proxy - no Session
Line | Method
->> 6 | doCall in SecurityFilters$_closure1_closure2_closure5
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
| 186 | doFilter in grails.plugin.cache.web.filter.PageFragmentCachingFilter
| 63 | doFilter in grails.plugin.cache.web.filter.AbstractFilter
| 1110 | runWorker in java.util.concurrent.ThreadPoolExecutor
| 603 | run . . . in java.util.concurrent.ThreadPoolExecutor$Worker
^ 636 | run in java.lang.Thread
before I get to this point I placed the user object on the session object right after doing the login instructions but I am not sure what happened that the session object became not available
some of the properties of the user object were not retrieved, so in the login when I put the user object in the on the session, I also had to manually transfer the property that I needed so I could retrieve again for later use
session.user = user //not enough
session.user.accountType = user.accountType
now I was able to retrieve the user object from the session object and get the property that I wanted to get