All geek questions in one place

Spring security plugin: authentication failed, no authentication Provider found

I am trying to integrate the spring plugin for security version 1.4.1 in my grails application, but when faced with some kind of problem, I do this:

Config.groovy setup:

//login end point grails.plugin.springsecurity.rest.login.active=true grails.plugin.springsecurity.rest.login.endpointUrl='/api/login' grails.plugin.springsecurity.rest.login.failureStatusCode='401' //for memcached grails.plugin.springsecurity.rest.token.storage.useMemcached=true grails.plugin.springsecurity.rest.token.storage.memcached.hosts='localhost:11211' grails.plugin.springsecurity.rest.token.storage.memcached.username='' grails.plugin.springsecurity.rest.token.storage.memcached.password='' grails.plugin.springsecurity.rest.token.storage.memcached.expiration=3600 //logout endpoint grails.plugin.springsecurity.rest.logout.endpointUrl='/api/logout' grails.plugin.springsecurity.rest.token.validation.headerName='X-Auth-Token' //accept request params as map grails.plugin.springsecurity.rest.login.useRequestParamsCredentials=true grails.plugin.springsecurity.rest.login.usernamePropertyName='username' grails.plugin.springsecurity.rest.login.passwordPropertyName='password'

and

 grails.plugin.springsecurity.filterChain.chainMap = [ '/api/guest/**': 'anonymousAuthenticationFilter,restExceptionTranslationFilter,filterInvocationInterceptor', '/api/**': 'JOINED_FILTERS,-exceptionTranslationFilter,-authenticationProcessingFilter,-securityContextPersistenceFilter,-rememberMeAuthenticationFilter', // Stateless chain '/**': 'JOINED_FILTERS,-restTokenValidationFilter,-restExceptionTranslationFilter' // Traditional chain ]

As you can see from the setup, I use Memcache to store tokens, when I click the api/login url through the rest client, I got 401, I turned on logs that say that the authentication provider was not found

Here are the logs:

 2015-04-03 23:30:31,030 [http-bio-8080-exec-8] DEBUG matcher.AntPathRequestMatcher - Checking match of request : '/api/login'; against '/api/guest/**' 2015-04-03 23:30:31,031 [http-bio-8080-exec-8] DEBUG matcher.AntPathRequestMatcher - Checking match of request : '/api/login'; against '/api/**' 2015-04-03 23:30:31,031 [http-bio-8080-exec-8] DEBUG web.FilterChainProxy - /api/ login?username=abu.srs@gmail &password=test456 at position 1 of 8 in additional filter chain; firing Filter: 'RestLogoutFilter' 2015-04-03 23:30:31,031 [http-bio-8080-exec-8] DEBUG web.FilterChainProxy - /api/ login?username=abu.srs@gmail &password=test456 at position 2 of 8 in additional filter chain; firing Filter: 'MutableLogoutFilter' 2015-04-03 23:30:31,031 [http-bio-8080-exec-8] DEBUG web.FilterChainProxy - /api/ login?username=abu.srs@gmail &password=test456 at position 3 of 8 in additional filter chain; firing Filter: 'RestAuthenticationFilter' 2015-04-03 23:30:31,031 [http-bio-8080-exec-8] DEBUG rest.RestAuthenticationFilter - Actual URI is /api/login; endpoint URL is /api/login 2015-04-03 23:30:31,031 [http-bio-8080-exec-8] DEBUG rest.RestAuthenticationFilter - Applying authentication filter to this request 2015-04-03 23:30:31,031 [http-bio-8080-exec-8] DEBUG credentials.RequestParamsCredentialsExtractor - Extracted credentials from request params. Username: abu.srs@gmail , password: [PROTECTED] 2015-04-03 23:30:31,032 [http-bio-8080-exec-8] DEBUG credentials.RequestParamsCredentialsExtractor - pswrd: test456 2015-04-03 23:30:31,032 [http-bio-8080-exec-8] DEBUG rest.RestAuthenticationFilter - Trying to authenticate the request: org.springframew ork.security.authentication.UsernamePasswordAuthenticationToken@ fdd5153a: Principal: abu.srs@gmail ; Credentials: [PROTECTED]; Authenticated: false; Details: org.sprin gframework.security.web.authentication.WebAuthenticationDetails@ 957e: RemoteIpAddress: 127.0.0.1; SessionId: null; Not granted any authorities 2015-04-03 23:30:31,051 [http-bio-8080-exec-8] DEBUG rest.RestAuthenticationFilter - Authentication failed: No AuthenticationProvider found for org.springframework.security.authentication.UsernamePasswordAuthenticationToken 2015-04-03 23:30:31,051 [http-bio-8080-exec-8] DEBUG rest.RestAuthenticationFailureHandler - Setting status code to 401 2015-04-03 23:30:31,051 [http-bio-8080-exec-8] DEBUG rest.RestAuthenticationFilter - Not authenticated. Rest authentication token not generated.

My other thing is that: if I make a request like localhost:8080/restspring/api/guest/controller/action (for an unauthenticated request), do I need to make some entry in the URL mapping for this? My application uses its own authentication provider. Any idea would be helpful to me, thanks.

+6
source share
1 answer

Authentication Provider Not Found

The problem may be that you always return false in the support () method of your authentication provider.
Link: No Authentication Provider for UsernamePasswordAuthenticationToken

If I make a request like localhost: 8080 / restspring / api / guest / controller / action (for an unauthenticated request) do I need to make some entry in the URL mapping for this?

Yes, you need to make some entry in URL mapping. Since the default url mapping:

 "/$controller/$action?/$id?(.$format)?"{ constraints { // apply constraints here } }

This cannot create the url you need, i.e. localhost:8080/restspring/api/guest/controller/action

0
source

Source: https://habr.com/ru/post/984663/

More articles:


All Articles