These are chat archives for alvarosanchez/spring-security-rest

Feb 2015
Siim Talvik
Feb 22 2015 11:26

Hi, I'm having a problem getting my requests authenticated, I get a 401 every time. The credentials can be checked and a token is received. The relevant config.groovy:

// Added by the Spring Security Core plugin:
grails.plugin.springsecurity.userLookup.userDomainClassName = 'com.saas.user.User'
grails.plugin.springsecurity.userLookup.authorityJoinClassName = 'com.saas.user.UserRole'
grails.plugin.springsecurity.authority.className = 'com.saas.user.Role'
grails.plugin.springsecurity.controllerAnnotations.staticRules = [
        '/':               ['permitAll'],
        '/index':          ['permitAll'],
        '/index.gsp':      ['permitAll'],
        '/assets/**':      ['permitAll'],
        '/**/js/**':       ['permitAll'],
        '/**/css/**':      ['permitAll'],
        '/**/images/**':   ['permitAll'],
        '/**/favicon.ico': ['permitAll']
]
grails.plugin.springsecurity.filterChain.chainMap = [
        '/api/**': 'JOINED_FILTERS,-exceptionTranslationFilter,-authenticationProcessingFilter,-securityContextPersistenceFilter,-rememberMeAuthenticationFilter',  // Stateless chain
        '/**': 'JOINED_FILTERS,-restTokenValidationFilter,-restExceptionTranslationFilter'                                                                          // Traditional chain
]

//spring security rest configuration = true = 'com.saas.user.SaasToken' = 'tokenValue' = 'email' = true = 'email' = 'password'   = true = 'X-Auth-Token'  = '/api/validate'

Request to localhost:8080/rest_api/api/validate. The token exists in the DB so that should be OK. Tried it with and without 'Bearer', tried changing the headerName configuration, nothing...
And the request header I'm using is:

X-Auth-Token:Bearer i64fli2k08kifvf7d771uib45dsrbdfd
Not really sure what's gone wrong, thought I'd drop by and ask for a bit of help.
Siim Talvik
Feb 22 2015 12:04
Looks like I got it working by using "Authorization:Bearer tokenValue", knew it was something simple :)