我正在使用带有 spring-security-rest 插件的 Grails 3.1.4。通常一切正常,但是当我们的一个测试用户尝试从控制器获取任何数据时,服务器的 cpu 使用率会攀升至 100%,然后是java.lang.outofmemory error.
我不明白为什么该请求适用于除他之外的其他用户帐户。也许是关于他的名字,其中包含一个á字符。
更新 8.4.16
它不是特定于用户帐户的!但是我们注意到这个错误只发生在我们在 iOS 9.3 及更高版本上的客户端应用程序上。
调试这个错误有点烦人,我不知道如何解决这个问题。
有没有人可以提供提示?
2016-03-26 20:42:20,476 ERROR http-bio-8443-exec-120 org.springframework.boot.context.web.ErrorPageFilter - Forwarding to error page from request [/users/2] due to exception [GC overhead limit exceeded]
java.lang.OutOfMemoryError: GC overhead limit exceeded
at grails.views.ResolvableGroovyTemplateEngine.resolveTemplate(ResolvableGroovyTemplateEngine.groovy:297)
at grails.views.mvc.GenericGroovyTemplateView.renderMergedOutputModel(GenericGroovyTemplateView.groovy:52)
at org.springframework.web.servlet.view.AbstractView.render(AbstractView.java:303)
at org.springframework.web.servlet.DispatcherServlet.render(DispatcherServlet.java:1243)
at org.springframework.web.servlet.DispatcherServlet.processDispatchResult(DispatcherServlet.java:1027)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:971)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:893)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:969)
at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:860)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:622)
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:845)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:114)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at javax.servlet.FilterChain$doFilter.call(Unknown Source)
at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
at javax.servlet.FilterChain$doFilter$0.call(Unknown Source)
at grails.plugin.springsecurity.rest.RestAuthenticationFilter.doFilter(RestAuthenticationFilter.groovy:143)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at javax.servlet.FilterChain$doFilter.call(Unknown Source)
at grails.plugin.springsecurity.rest.RestLogoutFilter.doFilter(RestLogoutFilter.groovy:80)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at javax.servlet.FilterChain$doFilter.call(Unknown Source)
at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
用户控制器.groovy
@Secured('ROLE_ADMIN')
class UserController extends RestfulController {
static responseFormats = ['json', 'xml']
UserController() {
super(User)
}
SpringSecurityService springSecurityService
@Secured('ROLE_USER')
def show() {
def authenticatedUser = springSecurityService.currentUser
User user = User.findById(params.long('id'))
if (user == null) {
render(message: 'User not found', status: 404)
} else if (user != authenticatedUser){
render(message: 'not authorized', status: 401)
} else if (user == authenticatedUser){
respond user
} else {
render status: 404
}
}
}
构建.gradle
dependencies {
...
compile "org.grails.plugins:spring-security-rest:2.0.0.M2"
...
}
应用程序.groovy
grails.plugin.springsecurity.filterChain.chainMap = [
//Stateless chain
[
pattern: '/**',
filters: 'JOINED_FILTERS,-anonymousAuthenticationFilter,-exceptionTranslationFilter,-authenticationProcessingFilter,-securityContextPersistenceFilter,-rememberMeAuthenticationFilter'
],
//Traditional, stateful chain
[
pattern: '/stateful/**',
filters: 'JOINED_FILTERS,-restTokenValidationFilter,-restExceptionTranslationFilter'
]
]
// Added by the Spring Security Core plugin:
grails.plugin.springsecurity.userLookup.userDomainClassName = 'net.connactivities.api.User'
grails.plugin.springsecurity.userLookup.authorityJoinClassName = 'net.connactivities.api.UserRole'
grails.plugin.springsecurity.authority.className = 'net.connactivities.api.Role'
grails.plugin.springsecurity.controllerAnnotations.staticRules = [
[pattern: '/', access: ['permitAll']],
[pattern: '/error', access: ['permitAll']],
[pattern: '/index', access: ['permitAll']],
[pattern: '/index.gsp', access: ['permitAll']],
[pattern: '/shutdown', access: ['permitAll']],
[pattern: '/assets/**', access: ['permitAll']],
[pattern: '/**/js/**', access: ['permitAll']],
[pattern: '/**/css/**', access: ['permitAll']],
[pattern: '/**/images/**', access: ['permitAll']],
[pattern: '/**/favicon.ico', access: ['permitAll']]
]
grails.plugin.springsecurity.filterChain.chainMap = [
[pattern: '/assets/**', filters: 'none'],
[pattern: '/**/js/**', filters: 'none'],
[pattern: '/**/css/**', filters: 'none'],
[pattern: '/**/images/**', filters: 'none'],
[pattern: '/**/favicon.ico', filters: 'none'],
[pattern: '/**', filters: 'JOINED_FILTERS']
]
RequestHandler.swift
...
let session = NSURLSession()
func performHTTPRequest(url: String, method: String, withParameters params: [String:AnyObject]?, useAuth: Bool = true, andCompletionBlock completionBlock: (success:Bool, data: NSData?)-> ()) {
let myURL = NSURL(string: url)
let request = NSMutableURLRequest(URL:myURL!)
// HTTP Method
request.HTTPMethod = method
// Include Header options
request.addValue("application/json", forHTTPHeaderField: "Content-Type")
request.addValue("application/json", forHTTPHeaderField: "Accept")
do {
if params != nil {
let body = try NSJSONSerialization.dataWithJSONObject(params!, options: .PrettyPrinted)
request.HTTPBody = body
}
} catch _ {
// Error handling
return
}
if useAuth {
if let auth = authorization() {
request.setValue("Bearer " + auth, forHTTPHeaderField: "Authorization")
}
}
let task = session.dataTaskWithRequest(request) {
data, response, error in
if error != nil {
// Error handling
return
}
let statusCode = (response as! NSHTTPURLResponse).statusCode
if statusCode.isNotAcceptedHTTPCode() {
// HTTP Error
}
else {
if data?.length != 0 {
// OK
}
else {
// Empty data
}
}
}
task.resume()
}
...