Custom Authentication Provider

[ghost]

Hello, First of all I would like to thank You for this great plugin. It works fine normally but when i am trying to put my custom AuthenticationProvider I am receiving 403 status.

My goal is to insert my custom provider which will connect with our DB and Run API (It i simple ORACLE API which check if login username/password are correct).

At the beggining I would like to create just dump provider which will allow every username/password and later insert there some logic. Could please tell me what I am doing wrong and navigate me to correct solution?

This is code of my non-working provider:

class MyAuthenticationProvider implements AuthenticationProvider {
    Authentication authenticate(Authentication authentication) throws AuthenticationException {

        RestAuthenticationToken authenticationRequest = authentication
        String name = "test"
        String password = "test123"
        String token = "a8b3h5j2a8b3h5j2a8b3h5j2a8b3h5j2"
        List<GrantedAuthority> grantedAuths = new ArrayList<>();
        grantedAuths.add(new SimpleGrantedAuthority("ROLE_USER"));
        Authentication auth = new RestAuthenticationToken(name,password,grantedAuths,token)
        return auth
    }
    boolean supports(Class<?> authentication) {
        return true
    }
}

This is code of my resources.groovy:

beans = {
    myAuthenticationProvider(MyAuthenticationProvider){
    }
  securityContextRepository(org.springframework.security.web.context.NullSecurityContextRepository)
}

and part of Config.groovy:

grails.plugin.springsecurity.providerNames = ['myAuthenticationProvider']

If i commited some dump misstake - I apologize for it.

Thank You in advance, Regards, Mariusz Kuligowski

[alvarosanchez]

The problem with your authenticate() method is that the Authentication object you are returning (an instance of RestAuthenticationToken) has authenticated = false.

You have to use the following constructor:

RestAuthenticationToken(Object principal, Object credentials, Collection<? extends GrantedAuthority> authorities, String tokenValue)

[ghost]

Thanks for the reply. I updated my previous post. Now I am using this constructor and still have: Status Code: 403 Forbidden

[alvarosanchez]

Enable debug as specified in the documentation and paste here the full output, please.

[ghost]

2014-11-26 11:28:22,808 [http-bio-8080-exec-4] DEBUG matcher.AntPathRequestMatch
er  - Request '/api/login' matched by universal pattern '/**'
2014-11-26 11:28:22,812 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy  - /ap
i/login at position 1 of 9 in additional filter chain; firing Filter: 'RestLogou
tFilter'
2014-11-26 11:28:22,834 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy  - /ap
i/login at position 2 of 9 in additional filter chain; firing Filter: 'MutableLo
goutFilter'
2014-11-26 11:28:22,834 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy  - /ap
i/login at position 3 of 9 in additional filter chain; firing Filter: 'RestAuthe
nticationFilter'
2014-11-26 11:28:22,834 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilt
er  - Actual URI is /api/login; endpoint URL is /api/login
2014-11-26 11:28:22,835 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilt
er  - Applying authentication filter to this request
2014-11-26 11:28:22,919 [http-bio-8080-exec-4] DEBUG credentials.DefaultJsonPayl
oadCredentialsExtractor  - Extracted credentials from JSON payload. Username: te
st, password: [PROTECTED]
2014-11-26 11:28:22,942 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilt
er  - Trying to authenticate the request
2014-11-26 11:28:22,945 [http-bio-8080-exec-4] DEBUG authentication.ProviderMana
ger  - Authentication attempt using xxfideltronik.com.MyAuthenticationProvider
Servlet.service() for servlet [default] in context with path [/shark] threw exce
ption
org.codehaus.groovy.runtime.typehandling.GroovyCastException: Cannot cast object
 'org.springframework.security.authentication.UsernamePasswordAuthenticationToke
n@ab00af89: Principal: test; Credentials: [PROTECTED]; Authenticated: false; Det
ails: org.springframework.security.web.authentication.WebAuthenticationDetails@b
364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Not granted any authorit
ies' with class 'org.springframework.security.authentication.UsernamePasswordAut
henticationToken' to class 'com.odobo.grails.plugin.springsecurity.rest.RestAuth
enticationToken'
        at org.codehaus.groovy.runtime.typehandling.DefaultTypeTransformation.co
ntinueCastOnSAM(DefaultTypeTransformation.java:392)
        at org.codehaus.groovy.runtime.typehandling.DefaultTypeTransformation.co
ntinueCastOnNumber(DefaultTypeTransformation.java:306)
        at org.codehaus.groovy.runtime.typehandling.DefaultTypeTransformation.ca
stToType(DefaultTypeTransformation.java:227)
        at org.codehaus.groovy.runtime.ScriptBytecodeAdapter.castToType(ScriptBy
tecodeAdapter.java:599)
        at xxfideltronik.com.MyAuthenticationProvider.authenticate(MyAuthenticat
ionProvider.groovy:30)
        at org.springframework.security.authentication.ProviderManager.authentic
ate(ProviderManager.java:156)
        at org.springframework.security.authentication.AuthenticationManager$aut
henticate.call(Unknown Source)
        at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSi
teArray.java:45)
        at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCa
llSite.java:108)
        at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCa
llSite.java:116)
        at com.odobo.grails.plugin.springsecurity.rest.RestAuthenticationFilter.
doFilter(RestAuthenticationFilter.groovy:84)
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.
doFilter(FilterChainProxy.java:342)
        at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutF
ilter.doFilter(MutableLogoutFilter.java:82)
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.
doFilter(FilterChainProxy.java:342)
        at javax.servlet.FilterChain$doFilter.call(Unknown Source)
        at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSi
teArray.java:45)
        at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCa
llSite.java:108)
        at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCa
llSite.java:120)
        at com.odobo.grails.plugin.springsecurity.rest.RestLogoutFilter.doFilter
(RestLogoutFilter.groovy:63)
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.
doFilter(FilterChainProxy.java:342)
        at org.springframework.security.web.FilterChainProxy.doFilterInternal(Fi
lterChainProxy.java:192)
        at org.springframework.security.web.FilterChainProxy.doFilter(FilterChai
nProxy.java:160)
        at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(D
elegatingFilterProxy.java:344)
        at org.springframework.web.filter.DelegatingFilterProxy.doFilter(Delegat
ingFilterProxy.java:261)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:241)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:208)
        at org.codehaus.groovy.grails.web.servlet.mvc.GrailsWebRequestFilter.doF
ilterInternal(GrailsWebRequestFilter.java:69)
        at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerR
equestFilter.java:107)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:241)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:208)
        at org.codehaus.groovy.grails.web.filters.HiddenHttpMethodFilter.doFilte
rInternal(HiddenHttpMethodFilter.java:67)
        at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerR
equestFilter.java:107)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:241)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:208)
        at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:241)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:208)
        at org.springframework.web.filter.CharacterEncodingFilter.doFilterIntern
al(CharacterEncodingFilter.java:88)
        at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerR
equestFilter.java:107)
        at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(D
elegatingFilterProxy.java:344)
        at org.springframework.web.filter.DelegatingFilterProxy.doFilter(Delegat
ingFilterProxy.java:261)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:241)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:208)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV
alve.java:220)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextV
alve.java:122)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
ava:170)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
ava:98)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
ve.java:116)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
a:408)
        at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp
11Processor.java:1040)
        at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(
AbstractProtocol.java:607)
        at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoin
t.java:313)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.
java:1145)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor
.java:615)
        at java.lang.Thread.run(Thread.java:745)
2014-11-26 11:28:23,080 [http-bio-8080-exec-4] DEBUG matcher.AntPathRequestMatch
er  - Request '/grails-errorhandler' matched by universal pattern '/**'
2014-11-26 11:28:23,081 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy  - /gr
ails-errorhandler at position 1 of 9 in additional filter chain; firing Filter:
'RestLogoutFilter'
2014-11-26 11:28:23,081 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy  - /gr
ails-errorhandler at position 2 of 9 in additional filter chain; firing Filter:
'MutableLogoutFilter'
2014-11-26 11:28:23,081 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy  - /gr
ails-errorhandler at position 3 of 9 in additional filter chain; firing Filter:
'RestAuthenticationFilter'
2014-11-26 11:28:23,082 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilt
er  - Actual URI is /grails-errorhandler; endpoint URL is /api/login
2014-11-26 11:28:23,083 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy  - /gr
ails-errorhandler at position 4 of 9 in additional filter chain; firing Filter:
'SecurityContextHolderAwareRequestFilter'
2014-11-26 11:28:23,087 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy  - /gr
ails-errorhandler at position 5 of 9 in additional filter chain; firing Filter:
'GrailsRememberMeAuthenticationFilter'
2014-11-26 11:28:23,087 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy  - /gr
ails-errorhandler at position 6 of 9 in additional filter chain; firing Filter:
'GrailsAnonymousAuthenticationFilter'
2014-11-26 11:28:23,090 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy  - /gr
ails-errorhandler at position 7 of 9 in additional filter chain; firing Filter:
'RestTokenValidationFilter'
2014-11-26 11:28:23,110 [http-bio-8080-exec-4] DEBUG rest.RestTokenValidationFil
ter  - Token not found
2014-11-26 11:28:23,113 [http-bio-8080-exec-4] DEBUG rest.RestTokenValidationFil
ter  - Request does not contain any token. Letting it continue through the filte
r chain
2014-11-26 11:28:23,113 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy  - /gr
ails-errorhandler at position 8 of 9 in additional filter chain; firing Filter:
'ExceptionTranslationFilter'
2014-11-26 11:28:23,113 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy  - /gr
ails-errorhandler at position 9 of 9 in additional filter chain; firing Filter:
'FilterSecurityInterceptor'
2014-11-26 11:28:23,116 [http-bio-8080-exec-4] DEBUG intercept.FilterSecurityInt
erceptor  - Secure object: FilterInvocation: URL: /grails-errorhandler; Attribut
es: [isFullyAuthenticated()]
2014-11-26 11:28:23,117 [http-bio-8080-exec-4] DEBUG intercept.FilterSecurityInt
erceptor  - Previously Authenticated: grails.plugin.springsecurity.authenticatio
n.GrailsAnonymousAuthenticationToken@dc41564: Principal: org.springframework.sec
urity.core.userdetails.User@dc730200: Username: __grails.anonymous.user__; Passw
ord: [PROTECTED]; Enabled: false; AccountNonExpired: false; credentialsNonExpire
d: false; AccountNonLocked: false; Granted Authorities: ROLE_ANONYMOUS; Credenti
als: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web
.authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1;
 SessionId: null; Granted Authorities: ROLE_ANONYMOUS
2014-11-26 11:28:23,119 [http-bio-8080-exec-4] DEBUG hierarchicalroles.RoleHiera
rchyImpl  - getReachableGrantedAuthorities() - From the roles [ROLE_ANONYMOUS] o
ne can reach [ROLE_ANONYMOUS] in zero or more steps.
2014-11-26 11:28:23,247 [http-bio-8080-exec-4] DEBUG access.ExceptionTranslation
Filter  - Access is denied (user is anonymous); redirecting to authentication en
try point
org.springframework.security.access.AccessDeniedException: Access is denied
        at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisio
nManager.deny(AuthenticatedVetoableDecisionManager.java:113)
        at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisio
nManager.checkOtherVoters(AuthenticatedVetoableDecisionManager.java:105)
        at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisio
nManager.decide(AuthenticatedVetoableDecisionManager.java:44)
        at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter
.processFilterChain(RestTokenValidationFilter.groovy:108)
        at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter
.doFilter(RestTokenValidationFilter.groovy:77)
        at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthentication
Filter.doFilter(GrailsAnonymousAuthenticationFilter.java:53)
        at com.odobo.grails.plugin.springsecurity.rest.RestAuthenticationFilter.
doFilter(RestAuthenticationFilter.groovy:122)
        at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutF
ilter.doFilter(MutableLogoutFilter.java:82)
        at com.odobo.grails.plugin.springsecurity.rest.RestLogoutFilter.doFilter
(RestLogoutFilter.groovy:63)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.
java:1145)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor
.java:615)
        at java.lang.Thread.run(Thread.java:745)
2014-11-26 11:28:23,248 [http-bio-8080-exec-4] DEBUG access.ExceptionTranslation
Filter  - Calling Authentication entry point.
2014-11-26 11:28:23,248 [http-bio-8080-exec-4] DEBUG authentication.Http403Forbi
ddenEntryPoint  - Pre-authenticated entry point called. Rejecting access

[alvarosanchez]

Is a cast exception! You can't simply do RestAuthenticationToken authenticationRequest = authentication.

[ghost]

Okay, sorry for that and thank You for your patience. I fixed this misstake and there is new log:

my new authenticate method: Authentication authenticate(Authentication authentication) throws AuthenticationException {

    String name = "test"
    String password = "test123"
    String token = "a8b3h5j2a8b3h5j2a8b3h5j2a8b3h5j2"
    List<GrantedAuthority> grantedAuths = new ArrayList<>();
    grantedAuths.add(new SimpleGrantedAuthority("ROLE_USER"));
    Authentication auth = new RestAuthenticationToken(name,password,grantedAuths,token)
    return auth
}

2014-11-26 12:07:30,617 [http-bio-8080-exec-4] DEBUG matcher.AntPathRequestMatch er - Request '/api/login' matched by universal pattern '/' 2014-11-26 12:07:30,629 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy - /ap i/login at position 1 of 9 in additional filter chain; firing Filter: 'RestLogou tFilter' 2014-11-26 12:07:30,673 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy - /ap i/login at position 2 of 9 in additional filter chain; firing Filter: 'MutableLo goutFilter' 2014-11-26 12:07:30,674 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy - /ap i/login at position 3 of 9 in additional filter chain; firing Filter: 'RestAuthe nticationFilter' 2014-11-26 12:07:30,675 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilt er - Actual URI is /api/login; endpoint URL is /api/login 2014-11-26 12:07:30,675 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilt er - Applying authentication filter to this request 2014-11-26 12:07:30,750 [http-bio-8080-exec-4] DEBUG credentials.DefaultJsonPayl oadCredentialsExtractor - Extracted credentials from JSON payload. Username: te st, password: [PROTECTED] 2014-11-26 12:07:30,767 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilt er - Trying to authenticate the request 2014-11-26 12:07:30,768 [http-bio-8080-exec-4] DEBUG authentication.ProviderMana ger - Authentication attempt using xxfideltronik.com.MyAuthenticationProvider 2014-11-26 12:07:30,778 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilt er - Request authenticated. Storing the authentication result in the security c ontext 2014-11-26 12:07:30,779 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilt er - Authentication result: com.odobo.grails.plugin.springsecurity.rest.RestAut henticationToken@442bf5c6: Principal: test; Credentials: [PROTECTED]; Authentica ted: true; Details: org.springframework.security.web.authentication.WebAuthentic ationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Au thorities: ROLE_USER 2014-11-26 12:07:30,863 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilt er - Generated token: cg76gr1**1g13mbav Servlet.service() for servlet [default] in context with path [/shark] threw exce ption groovy.lang.MissingPropertyException: No such property: username for class: java .lang.String at org.codehaus.groovy.runtime.ScriptBytecodeAdapter.unwrap(ScriptByteco deAdapter.java:50) at org.codehaus.groovy.runtime.callsite.PojoMetaClassGetPropertySite.get Property(PojoMetaClassGetPropertySite.java:35) at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callGetProperty (AbstractCallSite.java:227) at com.odobo.grails.plugin.springsecurity.rest.token.storage.GormTokenSt orageService$_storeToken_closure1.doCall(GormTokenStorageService.groovy:49) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl. java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces sorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java: 90) at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:233) at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1085) at groovy.lang.ExpandoMetaClass.invokeMethod(ExpandoMetaClass.java:1110)

    at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:909)
    at groovy.lang.Closure.call(Closure.java:423)
    at groovy.lang.Closure.call(Closure.java:439)
    at org.codehaus.groovy.grails.orm.support.GrailsTransactionTemplate$2.do

InTransaction(GrailsTransactionTemplate.groovy:88) at org.springframework.transaction.support.TransactionTemplate.execute(T ransactionTemplate.java:133) at org.codehaus.groovy.grails.orm.support.GrailsTransactionTemplate.exec ute(GrailsTransactionTemplate.groovy:85) at org.grails.datastore.gorm.GormStaticApi.withTransaction(GormStaticApi .groovy:814) at org.grails.datastore.gorm.GormStaticApi.withTransaction(GormStaticApi .groovy:714) at shark.AuthenticationToken.withTransaction(AuthenticationToken.groovy)

    at shark.AuthenticationToken$withTransaction.call(Unknown Source)
    at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSi

teArray.java:45) at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCa llSite.java:108) at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCa llSite.java:116) at com.odobo.grails.plugin.springsecurity.rest.token.storage.GormTokenSt orageService.storeToken(GormTokenStorageService.groovy:48) at com.odobo.grails.plugin.springsecurity.rest.token.storage.TokenStorag eService$storeToken.call(Unknown Source) at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSi teArray.java:45) at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCa llSite.java:108) at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCa llSite.java:120) at com.odobo.grails.plugin.springsecurity.rest.RestAuthenticationFilter. doFilter(RestAuthenticationFilter.groovy:113) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain. doFilter(FilterChainProxy.java:342) at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutF ilter.doFilter(MutableLogoutFilter.java:82) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain. doFilter(FilterChainProxy.java:342) at javax.servlet.FilterChain$doFilter.call(Unknown Source) at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSi teArray.java:45) at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCa llSite.java:108) at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCa llSite.java:120) at com.odobo.grails.plugin.springsecurity.rest.RestLogoutFilter.doFilter (RestLogoutFilter.groovy:63) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain. doFilter(FilterChainProxy.java:342) at org.springframework.security.web.FilterChainProxy.doFilterInternal(Fi lterChainProxy.java:192) at org.springframework.security.web.FilterChainProxy.doFilter(FilterChai nProxy.java:160) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(D elegatingFilterProxy.java:344) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(Delegat ingFilterProxy.java:261) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl icationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF ilterChain.java:208) at org.codehaus.groovy.grails.web.servlet.mvc.GrailsWebRequestFilter.doF ilterInternal(GrailsWebRequestFilter.java:69) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerR equestFilter.java:107) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl icationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF ilterChain.java:208) at org.codehaus.groovy.grails.web.filters.HiddenHttpMethodFilter.doFilte rInternal(HiddenHttpMethodFilter.java:67) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerR equestFilter.java:107) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl icationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF ilterChain.java:208) at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl icationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF ilterChain.java:208) at org.springframework.web.filter.CharacterEncodingFilter.doFilterIntern al(CharacterEncodingFilter.java:88) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerR equestFilter.java:107) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(D elegatingFilterProxy.java:344) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(Delegat ingFilterProxy.java:261) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl icationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF ilterChain.java:208) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV alve.java:220) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextV alve.java:122) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j ava:170) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j ava:98) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal ve.java:116) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav a:408) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp 11Processor.java:1040) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process( AbstractProtocol.java:607) at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoin t.java:313) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor. java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor .java:615) at java.lang.Thread.run(Thread.java:745) 2014-11-26 12:07:31,092 [http-bio-8080-exec-4] DEBUG matcher.AntPathRequestMatch er - Request '/grails-errorhandler' matched by universal pattern '/' 2014-11-26 12:07:31,092 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy - /gr ails-errorhandler at position 1 of 9 in additional filter chain; firing Filter: 'RestLogoutFilter' 2014-11-26 12:07:31,093 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy - /gr ails-errorhandler at position 2 of 9 in additional filter chain; firing Filter: 'MutableLogoutFilter' 2014-11-26 12:07:31,093 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy - /gr ails-errorhandler at position 3 of 9 in additional filter chain; firing Filter: 'RestAuthenticationFilter' 2014-11-26 12:07:31,093 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilt er - Actual URI is /grails-errorhandler; endpoint URL is /api/login 2014-11-26 12:07:31,095 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy - /gr ails-errorhandler at position 4 of 9 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter' 2014-11-26 12:07:31,103 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy - /gr ails-errorhandler at position 5 of 9 in additional filter chain; firing Filter: 'GrailsRememberMeAuthenticationFilter' 2014-11-26 12:07:31,103 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy - /gr ails-errorhandler at position 6 of 9 in additional filter chain; firing Filter: 'GrailsAnonymousAuthenticationFilter' 2014-11-26 12:07:31,107 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy - /gr ails-errorhandler at position 7 of 9 in additional filter chain; firing Filter: 'RestTokenValidationFilter' 2014-11-26 12:07:31,134 [http-bio-8080-exec-4] DEBUG rest.RestTokenValidationFil ter - Token not found 2014-11-26 12:07:31,137 [http-bio-8080-exec-4] DEBUG rest.RestTokenValidationFil ter - Request does not contain any token. Letting it continue through the filte r chain 2014-11-26 12:07:31,137 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy - /gr ails-errorhandler at position 8 of 9 in additional filter chain; firing Filter: 'ExceptionTranslationFilter' 2014-11-26 12:07:31,137 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy - /gr ails-errorhandler at position 9 of 9 in additional filter chain; firing Filter: 'FilterSecurityInterceptor' 2014-11-26 12:07:31,139 [http-bio-8080-exec-4] DEBUG intercept.FilterSecurityInt erceptor - Secure object: FilterInvocation: URL: /grails-errorhandler; Attribut es: [isFullyAuthenticated()] 2014-11-26 12:07:31,140 [http-bio-8080-exec-4] DEBUG intercept.FilterSecurityInt erceptor - Previously Authenticated: grails.plugin.springsecurity.authenticatio n.GrailsAnonymousAuthenticationToken@dc41564: Principal: org.springframework.sec urity.core.userdetails.User@dc730200: Username: grails.anonymous.user**; Passw ord: [PROTECTED]; Enabled: false; AccountNonExpired: false; credentialsNonExpire d: false; AccountNonLocked: false; Granted Authorities: ROLE_ANONYMOUS; Credenti als: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web .authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS 2014-11-26 12:07:31,140 [http-bio-8080-exec-4] DEBUG hierarchicalroles.RoleHiera rchyImpl - getReachableGrantedAuthorities() - From the roles [ROLE_ANONYMOUS] o ne can reach [ROLE_ANONYMOUS] in zero or more steps. 2014-11-26 12:07:31,239 [http-bio-8080-exec-4] DEBUG access.ExceptionTranslation Filter - Access is denied (user is anonymous); redirecting to authentication en try point org.springframework.security.access.AccessDeniedException: Access is denied at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisio nManager.deny(AuthenticatedVetoableDecisionManager.java:113) at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisio nManager.checkOtherVoters(AuthenticatedVetoableDecisionManager.java:105) at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisio nManager.decide(AuthenticatedVetoableDecisionManager.java:44) at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter .processFilterChain(RestTokenValidationFilter.groovy:108) at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter .doFilter(RestTokenValidationFilter.groovy:77) at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthentication Filter.doFilter(GrailsAnonymousAuthenticationFilter.java:53) at com.odobo.grails.plugin.springsecurity.rest.RestAuthenticationFilter. doFilter(RestAuthenticationFilter.groovy:122) at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutF ilter.doFilter(MutableLogoutFilter.java:82) at com.odobo.grails.plugin.springsecurity.rest.RestLogoutFilter.doFilter (RestLogoutFilter.groovy:63) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor. java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor .java:615) at java.lang.Thread.run(Thread.java:745) 2014-11-26 12:07:31,242 [http-bio-8080-exec-4] DEBUG access.ExceptionTranslation Filter - Calling Authentication entry point. 2014-11-26 12:07:31,243 [http-bio-8080-exec-4] DEBUG authentication.Http403Forbi ddenEntryPoint - Pre-authenticated entry point called. Rejecting access

[alvarosanchez]

The principal object can't be a String. Actually, it doesn't make any sense to create them from scratch them. The authenticate() method already receives a proper principal, token, etc.

Better do this:

    Authentication authenticate(Authentication authentication) throws AuthenticationException {
        List<GrantedAuthority> grantedAuths = [new SimpleGrantedAuthority("ROLE_USER")]
        String token = "a8b3h5j2a8b3h5j2a8b3h5j2a8b3h5j2"
        return new RestAuthenticationToken(authentication.principal, authentication.credentials, grantedAuths, token)
    }

[ghost]

Thanks for your reply. I repleced authenticate method but i still have this strange error with username.

I am pasting log once again:

|Server running. Browse to http://localhost:8080/shark | Server running. Browse to http://localhost:8080/shark 2014-11-26 15:15:51,899 [http-bio-8080-exec-4] DEBUG matcher.AntPathRequestMatch er - Request '/api/login' matched by universal pattern '/' 2014-11-26 15:15:51,902 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy - /ap i/login at position 1 of 9 in additional filter chain; firing Filter: 'RestLogou tFilter' 2014-11-26 15:15:51,944 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy - /ap i/login at position 2 of 9 in additional filter chain; firing Filter: 'MutableLo goutFilter' 2014-11-26 15:15:51,944 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy - /ap i/login at position 3 of 9 in additional filter chain; firing Filter: 'RestAuthe nticationFilter' 2014-11-26 15:15:51,945 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilt er - Actual URI is /api/login; endpoint URL is /api/login 2014-11-26 15:15:51,945 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilt er - Applying authentication filter to this request 2014-11-26 15:15:52,008 [http-bio-8080-exec-4] DEBUG credentials.DefaultJsonPayl oadCredentialsExtractor - Extracted credentials from JSON payload. Username: ma rian, password: [PROTECTED] 2014-11-26 15:15:52,021 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilt er - Trying to authenticate the request 2014-11-26 15:15:52,023 [http-bio-8080-exec-4] DEBUG authentication.ProviderMana ger - Authentication attempt using xxfideltronik.com.MyAuthenticationProvider 2014-11-26 15:15:52,035 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilt er - Request authenticated. Storing the authentication result in the security c ontext 2014-11-26 15:15:52,035 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilt er - Authentication result: com.odobo.grails.plugin.springsecurity.rest.RestAut henticationToken@fb913d6c: Principal: marian; Credentials: [PROTECTED]; Authenti cated: true; Details: org.springframework.security.web.authentication.WebAuthent icationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Authorities: ROLE_USER 2014-11-26 15:15:52,077 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilt er - Generated token: 56o07nj**100t3bgv Servlet.service() for servlet [default] in context with path [/shark] threw exce ption groovy.lang.MissingPropertyException: No such property: username for class: java .lang.String at org.codehaus.groovy.runtime.ScriptBytecodeAdapter.unwrap(ScriptByteco deAdapter.java:50) at org.codehaus.groovy.runtime.callsite.PojoMetaClassGetPropertySite.get Property(PojoMetaClassGetPropertySite.java:35) at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callGetProperty (AbstractCallSite.java:227) at com.odobo.grails.plugin.springsecurity.rest.token.storage.GormTokenSt orageService$_storeToken_closure1.doCall(GormTokenStorageService.groovy:49) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl. java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces sorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java: 90) at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:233) at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1085) at groovy.lang.ExpandoMetaClass.invokeMethod(ExpandoMetaClass.java:1110)

    at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:909)
    at groovy.lang.Closure.call(Closure.java:423)
    at groovy.lang.Closure.call(Closure.java:439)
    at org.codehaus.groovy.grails.orm.support.GrailsTransactionTemplate$2.do

InTransaction(GrailsTransactionTemplate.groovy:88) at org.springframework.transaction.support.TransactionTemplate.execute(T ransactionTemplate.java:133) at org.codehaus.groovy.grails.orm.support.GrailsTransactionTemplate.exec ute(GrailsTransactionTemplate.groovy:85) at org.grails.datastore.gorm.GormStaticApi.withTransaction(GormStaticApi .groovy:814) at org.grails.datastore.gorm.GormStaticApi.withTransaction(GormStaticApi .groovy:714) at shark.AuthenticationToken.withTransaction(AuthenticationToken.groovy)

    at shark.AuthenticationToken$withTransaction.call(Unknown Source)
    at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSi

teArray.java:45) at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCa llSite.java:108) at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCa llSite.java:116) at com.odobo.grails.plugin.springsecurity.rest.token.storage.GormTokenSt orageService.storeToken(GormTokenStorageService.groovy:48) at com.odobo.grails.plugin.springsecurity.rest.token.storage.TokenStorag eService$storeToken.call(Unknown Source) at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSi teArray.java:45) at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCa llSite.java:108) at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCa llSite.java:120) at com.odobo.grails.plugin.springsecurity.rest.RestAuthenticationFilter. doFilter(RestAuthenticationFilter.groovy:113) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain. doFilter(FilterChainProxy.java:342) at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutF ilter.doFilter(MutableLogoutFilter.java:82) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain. doFilter(FilterChainProxy.java:342) at javax.servlet.FilterChain$doFilter.call(Unknown Source) at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSi teArray.java:45) at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCa llSite.java:108) at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCa llSite.java:120) at com.odobo.grails.plugin.springsecurity.rest.RestLogoutFilter.doFilter (RestLogoutFilter.groovy:63) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain. doFilter(FilterChainProxy.java:342) at org.springframework.security.web.FilterChainProxy.doFilterInternal(Fi lterChainProxy.java:192) at org.springframework.security.web.FilterChainProxy.doFilter(FilterChai nProxy.java:160) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(D elegatingFilterProxy.java:344) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(Delegat ingFilterProxy.java:261) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl icationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF ilterChain.java:208) at org.codehaus.groovy.grails.web.servlet.mvc.GrailsWebRequestFilter.doF ilterInternal(GrailsWebRequestFilter.java:69) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerR equestFilter.java:107) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl icationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF ilterChain.java:208) at org.codehaus.groovy.grails.web.filters.HiddenHttpMethodFilter.doFilte rInternal(HiddenHttpMethodFilter.java:67) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerR equestFilter.java:107) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl icationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF ilterChain.java:208) at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl icationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF ilterChain.java:208) at org.springframework.web.filter.CharacterEncodingFilter.doFilterIntern al(CharacterEncodingFilter.java:88) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerR equestFilter.java:107) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(D elegatingFilterProxy.java:344) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(Delegat ingFilterProxy.java:261) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl icationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF ilterChain.java:208) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV alve.java:220) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextV alve.java:122) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j ava:170) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j ava:98) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal ve.java:116) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav a:408) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp 11Processor.java:1040) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process( AbstractProtocol.java:607) at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoin t.java:313) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor. java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor .java:615) at java.lang.Thread.run(Thread.java:745) 2014-11-26 15:15:52,210 [http-bio-8080-exec-4] DEBUG matcher.AntPathRequestMatch er - Request '/grails-errorhandler' matched by universal pattern '/' 2014-11-26 15:15:52,210 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy - /gr ails-errorhandler at position 1 of 9 in additional filter chain; firing Filter: 'RestLogoutFilter' 2014-11-26 15:15:52,211 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy - /gr ails-errorhandler at position 2 of 9 in additional filter chain; firing Filter: 'MutableLogoutFilter' 2014-11-26 15:15:52,211 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy - /gr ails-errorhandler at position 3 of 9 in additional filter chain; firing Filter: 'RestAuthenticationFilter' 2014-11-26 15:15:52,212 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilt er - Actual URI is /grails-errorhandler; endpoint URL is /api/login 2014-11-26 15:15:52,212 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy - /gr ails-errorhandler at position 4 of 9 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter' 2014-11-26 15:15:52,217 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy - /gr ails-errorhandler at position 5 of 9 in additional filter chain; firing Filter: 'GrailsRememberMeAuthenticationFilter' 2014-11-26 15:15:52,217 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy - /gr ails-errorhandler at position 6 of 9 in additional filter chain; firing Filter: 'GrailsAnonymousAuthenticationFilter' 2014-11-26 15:15:52,490 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy - /gr ails-errorhandler at position 7 of 9 in additional filter chain; firing Filter: 'RestTokenValidationFilter' 2014-11-26 15:15:52,519 [http-bio-8080-exec-4] DEBUG rest.RestTokenValidationFil ter - Token not found 2014-11-26 15:15:52,531 [http-bio-8080-exec-4] DEBUG rest.RestTokenValidationFil ter - Request does not contain any token. Letting it continue through the filte r chain 2014-11-26 15:15:52,531 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy - /gr ails-errorhandler at position 8 of 9 in additional filter chain; firing Filter: 'ExceptionTranslationFilter' 2014-11-26 15:15:52,532 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy - /gr ails-errorhandler at position 9 of 9 in additional filter chain; firing Filter: 'FilterSecurityInterceptor' 2014-11-26 15:15:52,536 [http-bio-8080-exec-4] DEBUG intercept.FilterSecurityInt erceptor - Secure object: FilterInvocation: URL: /grails-errorhandler; Attribut es: [isFullyAuthenticated()] 2014-11-26 15:15:52,539 [http-bio-8080-exec-4] DEBUG intercept.FilterSecurityInt erceptor - Previously Authenticated: grails.plugin.springsecurity.authenticatio n.GrailsAnonymousAuthenticationToken@dc41564: Principal: org.springframework.sec urity.core.userdetails.User@dc730200: Username: grails.anonymous.user**; Passw ord: [PROTECTED]; Enabled: false; AccountNonExpired: false; credentialsNonExpire d: false; AccountNonLocked: false; Granted Authorities: ROLE_ANONYMOUS; Credenti als: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web .authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS 2014-11-26 15:15:52,539 [http-bio-8080-exec-4] DEBUG hierarchicalroles.RoleHiera rchyImpl - getReachableGrantedAuthorities() - From the roles [ROLE_ANONYMOUS] o ne can reach [ROLE_ANONYMOUS] in zero or more steps. 2014-11-26 15:15:52,714 [http-bio-8080-exec-4] DEBUG access.ExceptionTranslation Filter - Access is denied (user is anonymous); redirecting to authentication en try point org.springframework.security.access.AccessDeniedException: Access is denied at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisio nManager.deny(AuthenticatedVetoableDecisionManager.java:113) at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisio nManager.checkOtherVoters(AuthenticatedVetoableDecisionManager.java:105) at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisio nManager.decide(AuthenticatedVetoableDecisionManager.java:44) at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter .processFilterChain(RestTokenValidationFilter.groovy:108) at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter .doFilter(RestTokenValidationFilter.groovy:77) at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthentication Filter.doFilter(GrailsAnonymousAuthenticationFilter.java:53) at com.odobo.grails.plugin.springsecurity.rest.RestAuthenticationFilter. doFilter(RestAuthenticationFilter.groovy:122) at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutF ilter.doFilter(MutableLogoutFilter.java:82) at com.odobo.grails.plugin.springsecurity.rest.RestLogoutFilter.doFilter (RestLogoutFilter.groovy:63) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor. java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor .java:615) at java.lang.Thread.run(Thread.java:745) 2014-11-26 15:15:52,715 [http-bio-8080-exec-4] DEBUG access.ExceptionTranslation Filter - Calling Authentication entry point. 2014-11-26 15:15:52,715 [http-bio-8080-exec-4] DEBUG authentication.Http403Forbi ddenEntryPoint - Pre-authenticated entry point called. Rejecting access

[alvarosanchez]

@kulig15 you need to attach a debugger to your authentication provider to see what's happening. The issue is that the principal is still a String, and that's not possible.

Normally, principals are instances of grails.plugin.springsecurity.userdetails.GrailsUser.

Also, if you could pay a little bit attention to the formatting of the output you paste, it will be much easier to help.

[ghost]

OK, sorry for that - next time I will pay much more attention to the formatting. After many hours spent in front of my computer , I released that i went wrong. I will explain You what I want achieve via Your marvelous plugin.

Our application have architecture like this: FrontEnd - App In AngularJS, Middleware in grails and Backend in Oracle.

Usernames and Passwords are stored in oracle DB and there is only one way to validate (via API).

So all work which my app should do is:

1. Receive JSON with username & password
2. Ask Oracle DB with these data and receive true or false 3 If true generate Token and keep somewhere information about user&token 4 Do all the same that your plugin offer (I mean receive requests with header which contains X-Auth-Token)

So the question is: what shoul I customize to get this functionality?

I will paste some debug code tommorow when I will be at work.

Thanks for your support and sorry for inconvenience.

[ghost]

Here I am pasting full log from today attempts.

2014-11-27 08:59:26,604 [localhost-startStop-1] DEBUG hierarchicalroles.RoleHierarchyImpl  - setHierarchy() - The following role hierarchy was set: 
2014-11-27 08:59:26,864 [localhost-startStop-1] DEBUG intercept.FilterSecurityInterceptor  - Validated configuration attributes
2014-11-27 08:59:30,830 [localhost-startStop-1] INFO  web.DefaultSecurityFilterChain  - Creating filter chain: Ant [pattern='/**'], [org.springframework.security.web.context.SecurityContextPersistenceFilter@17de544d, com.odobo.grails.plugin.springsecurity.rest.RestLogoutFilter@5709779, grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter@22e88bb9, grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter@512d3096, com.odobo.grails.plugin.springsecurity.rest.RestAuthenticationFilter@6dd0f17c, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@309e3c37, grails.plugin.springsecurity.web.filter.GrailsRememberMeAuthenticationFilter@648357d0, grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter@6afa4c3d, com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter@56a36fa9, org.springframework.security.web.access.ExceptionTranslationFilter@3f7ecaf, org.springframework.security.web.access.ExceptionTranslationFilter@9d3d732, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@32d518a8]
2014-11-27 08:59:45,779 [http-bio-8080-exec-4] DEBUG matcher.AntPathRequestMatcher  - Request '/api/login' matched by universal pattern '/**'
2014-11-27 08:59:45,796 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy  - /api/login at position 1 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-11-27 08:59:45,798 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy  - /api/login at position 2 of 12 in additional filter chain; firing Filter: 'RestLogoutFilter'
2014-11-27 08:59:45,851 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy  - /api/login at position 3 of 12 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2014-11-27 08:59:45,851 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy  - /api/login at position 4 of 12 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2014-11-27 08:59:45,854 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy  - /api/login at position 5 of 12 in additional filter chain; firing Filter: 'RestAuthenticationFilter'
2014-11-27 08:59:45,856 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilter  - Actual URI is /api/login; endpoint URL is /api/login
2014-11-27 08:59:45,858 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilter  - Applying authentication filter to this request
2014-11-27 08:59:45,942 [http-bio-8080-exec-4] DEBUG credentials.DefaultJsonPayloadCredentialsExtractor  - Extracted credentials from JSON payload. Username: test, password: [PROTECTED]
2014-11-27 08:59:45,961 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilter  - Trying to authenticate the request
2014-11-27 08:59:45,964 [http-bio-8080-exec-4] DEBUG authentication.ProviderManager  - Authentication attempt using com.foo.MyAuthenticationProvider
2014-11-27 08:59:45,976 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilter  - Request authenticated. Storing the authentication result in the security context
2014-11-27 08:59:45,982 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilter  - Authentication result: com.odobo.grails.plugin.springsecurity.rest.RestAuthenticationToken@442bf5c6: Principal: test; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Authorities: ROLE_USER
2014-11-27 08:59:46,045 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilter  - Generated token: v1fac29****************1h060818
2014-11-27 08:59:46,163 [http-bio-8080-exec-4] DEBUG context.SecurityContextPersistenceFilter  - SecurityContextHolder now cleared, as request processing completed
2014-11-27 08:59:46,246 [http-bio-8080-exec-4] DEBUG matcher.AntPathRequestMatcher  - Request '/grails-errorhandler' matched by universal pattern '/**'
2014-11-27 08:59:46,247 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy  - /grails-errorhandler at position 1 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-11-27 08:59:46,248 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy  - /grails-errorhandler at position 2 of 12 in additional filter chain; firing Filter: 'RestLogoutFilter'
2014-11-27 08:59:46,249 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy  - /grails-errorhandler at position 3 of 12 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2014-11-27 08:59:46,249 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy  - /grails-errorhandler at position 4 of 12 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2014-11-27 08:59:46,250 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy  - /grails-errorhandler at position 5 of 12 in additional filter chain; firing Filter: 'RestAuthenticationFilter'
2014-11-27 08:59:46,251 [http-bio-8080-exec-4] DEBUG rest.RestAuthenticationFilter  - Actual URI is /grails-errorhandler; endpoint URL is /api/login
2014-11-27 08:59:46,252 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy  - /grails-errorhandler at position 6 of 12 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2014-11-27 08:59:46,256 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy  - /grails-errorhandler at position 7 of 12 in additional filter chain; firing Filter: 'GrailsRememberMeAuthenticationFilter'
2014-11-27 08:59:46,261 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy  - /grails-errorhandler at position 8 of 12 in additional filter chain; firing Filter: 'GrailsAnonymousAuthenticationFilter'
2014-11-27 08:59:46,267 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy  - /grails-errorhandler at position 9 of 12 in additional filter chain; firing Filter: 'RestTokenValidationFilter'
2014-11-27 08:59:46,287 [http-bio-8080-exec-4] DEBUG rest.RestTokenValidationFilter  - Token not found
2014-11-27 08:59:46,302 [http-bio-8080-exec-4] DEBUG rest.RestTokenValidationFilter  - Request does not contain any token. Letting it continue through the filter chain
2014-11-27 08:59:46,303 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy  - /grails-errorhandler at position 10 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:46,303 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy  - /grails-errorhandler at position 11 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:46,303 [http-bio-8080-exec-4] DEBUG web.FilterChainProxy  - /grails-errorhandler at position 12 of 12 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2014-11-27 08:59:46,305 [http-bio-8080-exec-4] DEBUG intercept.FilterSecurityInterceptor  - Secure object: FilterInvocation: URL: /grails-errorhandler; Attributes: [_DENY_]
2014-11-27 08:59:46,306 [http-bio-8080-exec-4] DEBUG intercept.FilterSecurityInterceptor  - Previously Authenticated: grails.plugin.springsecurity.authentication.GrailsAnonymousAuthenticationToken@dc41564: Principal: org.springframework.security.core.userdetails.User@dc730200: Username: __grails.anonymous.user__; Password: [PROTECTED]; Enabled: false; AccountNonExpired: false; credentialsNonExpired: false; AccountNonLocked: false; Granted Authorities: ROLE_ANONYMOUS; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS
2014-11-27 08:59:46,307 [http-bio-8080-exec-4] DEBUG hierarchicalroles.RoleHierarchyImpl  - getReachableGrantedAuthorities() - From the roles [ROLE_ANONYMOUS] one can reach [ROLE_ANONYMOUS] in zero or more steps.
2014-11-27 08:59:46,378 [http-bio-8080-exec-4] DEBUG access.ExceptionTranslationFilter  - Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
    at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisionManager.decide(AuthenticatedVetoableDecisionManager.java:47)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.processFilterChain(RestTokenValidationFilter.groovy:108)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.doFilter(RestTokenValidationFilter.groovy:77)
    at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53)
    at com.odobo.grails.plugin.springsecurity.rest.RestAuthenticationFilter.doFilter(RestAuthenticationFilter.groovy:122)
    at grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter.doFilter(RequestHolderAuthenticationFilter.java:49)
    at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:82)
    at com.odobo.grails.plugin.springsecurity.rest.RestLogoutFilter.doFilter(RestLogoutFilter.groovy:63)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:745)
2014-11-27 08:59:46,400 [http-bio-8080-exec-4] DEBUG savedrequest.HttpSessionRequestCache  - DefaultSavedRequest added to Session: DefaultSavedRequest[http://localhost:8080/shark/grails-errorhandler]
2014-11-27 08:59:46,401 [http-bio-8080-exec-4] DEBUG access.ExceptionTranslationFilter  - Calling Authentication entry point.
2014-11-27 08:59:46,404 [http-bio-8080-exec-4] DEBUG web.DefaultRedirectStrategy  - Redirecting to 'http://localhost:8080/shark/login/auth'
2014-11-27 08:59:46,406 [http-bio-8080-exec-4] DEBUG access.ExceptionTranslationFilter  - Chain processed normally
2014-11-27 08:59:46,406 [http-bio-8080-exec-4] DEBUG context.SecurityContextPersistenceFilter  - SecurityContextHolder now cleared, as request processing completed
2014-11-27 08:59:46,475 [http-bio-8080-exec-5] DEBUG matcher.AntPathRequestMatcher  - Request '/login/auth' matched by universal pattern '/**'
2014-11-27 08:59:46,475 [http-bio-8080-exec-5] DEBUG web.FilterChainProxy  - /login/auth at position 1 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-11-27 08:59:46,475 [http-bio-8080-exec-5] DEBUG web.FilterChainProxy  - /login/auth at position 2 of 12 in additional filter chain; firing Filter: 'RestLogoutFilter'
2014-11-27 08:59:46,476 [http-bio-8080-exec-5] DEBUG web.FilterChainProxy  - /login/auth at position 3 of 12 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2014-11-27 08:59:46,476 [http-bio-8080-exec-5] DEBUG web.FilterChainProxy  - /login/auth at position 4 of 12 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2014-11-27 08:59:46,476 [http-bio-8080-exec-5] DEBUG web.FilterChainProxy  - /login/auth at position 5 of 12 in additional filter chain; firing Filter: 'RestAuthenticationFilter'
2014-11-27 08:59:46,477 [http-bio-8080-exec-5] DEBUG rest.RestAuthenticationFilter  - Actual URI is /login/auth; endpoint URL is /api/login
2014-11-27 08:59:46,477 [http-bio-8080-exec-5] DEBUG web.FilterChainProxy  - /login/auth at position 6 of 12 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2014-11-27 08:59:46,477 [http-bio-8080-exec-5] DEBUG web.FilterChainProxy  - /login/auth at position 7 of 12 in additional filter chain; firing Filter: 'GrailsRememberMeAuthenticationFilter'
2014-11-27 08:59:46,478 [http-bio-8080-exec-5] DEBUG web.FilterChainProxy  - /login/auth at position 8 of 12 in additional filter chain; firing Filter: 'GrailsAnonymousAuthenticationFilter'
2014-11-27 08:59:46,478 [http-bio-8080-exec-5] DEBUG web.FilterChainProxy  - /login/auth at position 9 of 12 in additional filter chain; firing Filter: 'RestTokenValidationFilter'
2014-11-27 08:59:46,478 [http-bio-8080-exec-5] DEBUG rest.RestTokenValidationFilter  - Token not found
2014-11-27 08:59:46,478 [http-bio-8080-exec-5] DEBUG rest.RestTokenValidationFilter  - Request does not contain any token. Letting it continue through the filter chain
2014-11-27 08:59:46,479 [http-bio-8080-exec-5] DEBUG web.FilterChainProxy  - /login/auth at position 10 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:46,479 [http-bio-8080-exec-5] DEBUG web.FilterChainProxy  - /login/auth at position 11 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:46,479 [http-bio-8080-exec-5] DEBUG web.FilterChainProxy  - /login/auth at position 12 of 12 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2014-11-27 08:59:46,479 [http-bio-8080-exec-5] DEBUG intercept.FilterSecurityInterceptor  - Secure object: FilterInvocation: URL: /login/auth; Attributes: [_DENY_]
2014-11-27 08:59:46,479 [http-bio-8080-exec-5] DEBUG intercept.FilterSecurityInterceptor  - Previously Authenticated: grails.plugin.springsecurity.authentication.GrailsAnonymousAuthenticationToken@f23943d4: Principal: org.springframework.security.core.userdetails.User@dc730200: Username: __grails.anonymous.user__; Password: [PROTECTED]; Enabled: false; AccountNonExpired: false; credentialsNonExpired: false; AccountNonLocked: false; Granted Authorities: ROLE_ANONYMOUS; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffde5d4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 62C4B9210C7439806B68B03ED3B349F6; Granted Authorities: ROLE_ANONYMOUS
2014-11-27 08:59:46,479 [http-bio-8080-exec-5] DEBUG hierarchicalroles.RoleHierarchyImpl  - getReachableGrantedAuthorities() - From the roles [ROLE_ANONYMOUS] one can reach [ROLE_ANONYMOUS] in zero or more steps.
2014-11-27 08:59:46,482 [http-bio-8080-exec-5] DEBUG access.ExceptionTranslationFilter  - Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
    at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisionManager.decide(AuthenticatedVetoableDecisionManager.java:47)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.processFilterChain(RestTokenValidationFilter.groovy:108)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.doFilter(RestTokenValidationFilter.groovy:77)
    at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53)
    at com.odobo.grails.plugin.springsecurity.rest.RestAuthenticationFilter.doFilter(RestAuthenticationFilter.groovy:122)
    at grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter.doFilter(RequestHolderAuthenticationFilter.java:49)
    at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:82)
    at com.odobo.grails.plugin.springsecurity.rest.RestLogoutFilter.doFilter(RestLogoutFilter.groovy:63)
    at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:745)
2014-11-27 08:59:46,483 [http-bio-8080-exec-5] DEBUG savedrequest.HttpSessionRequestCache  - DefaultSavedRequest added to Session: DefaultSavedRequest[http://localhost:8080/shark/login/auth]
2014-11-27 08:59:46,483 [http-bio-8080-exec-5] DEBUG access.ExceptionTranslationFilter  - Calling Authentication entry point.
2014-11-27 08:59:46,484 [http-bio-8080-exec-5] DEBUG web.DefaultRedirectStrategy  - Redirecting to 'http://localhost:8080/shark/login/auth'
2014-11-27 08:59:46,484 [http-bio-8080-exec-5] DEBUG access.ExceptionTranslationFilter  - Chain processed normally
2014-11-27 08:59:46,484 [http-bio-8080-exec-5] DEBUG context.SecurityContextPersistenceFilter  - SecurityContextHolder now cleared, as request processing completed
2014-11-27 08:59:46,498 [http-bio-8080-exec-6] DEBUG matcher.AntPathRequestMatcher  - Request '/login/auth' matched by universal pattern '/**'
2014-11-27 08:59:46,498 [http-bio-8080-exec-6] DEBUG web.FilterChainProxy  - /login/auth at position 1 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-11-27 08:59:46,499 [http-bio-8080-exec-6] DEBUG web.FilterChainProxy  - /login/auth at position 2 of 12 in additional filter chain; firing Filter: 'RestLogoutFilter'
2014-11-27 08:59:46,499 [http-bio-8080-exec-6] DEBUG web.FilterChainProxy  - /login/auth at position 3 of 12 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2014-11-27 08:59:46,500 [http-bio-8080-exec-6] DEBUG web.FilterChainProxy  - /login/auth at position 4 of 12 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2014-11-27 08:59:46,500 [http-bio-8080-exec-6] DEBUG web.FilterChainProxy  - /login/auth at position 5 of 12 in additional filter chain; firing Filter: 'RestAuthenticationFilter'
2014-11-27 08:59:46,500 [http-bio-8080-exec-6] DEBUG rest.RestAuthenticationFilter  - Actual URI is /login/auth; endpoint URL is /api/login
2014-11-27 08:59:46,500 [http-bio-8080-exec-6] DEBUG web.FilterChainProxy  - /login/auth at position 6 of 12 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2014-11-27 08:59:46,500 [http-bio-8080-exec-6] DEBUG web.FilterChainProxy  - /login/auth at position 7 of 12 in additional filter chain; firing Filter: 'GrailsRememberMeAuthenticationFilter'
2014-11-27 08:59:46,501 [http-bio-8080-exec-6] DEBUG web.FilterChainProxy  - /login/auth at position 8 of 12 in additional filter chain; firing Filter: 'GrailsAnonymousAuthenticationFilter'
2014-11-27 08:59:46,501 [http-bio-8080-exec-6] DEBUG web.FilterChainProxy  - /login/auth at position 9 of 12 in additional filter chain; firing Filter: 'RestTokenValidationFilter'
2014-11-27 08:59:46,501 [http-bio-8080-exec-6] DEBUG rest.RestTokenValidationFilter  - Token not found
2014-11-27 08:59:46,501 [http-bio-8080-exec-6] DEBUG rest.RestTokenValidationFilter  - Request does not contain any token. Letting it continue through the filter chain
2014-11-27 08:59:46,501 [http-bio-8080-exec-6] DEBUG web.FilterChainProxy  - /login/auth at position 10 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:46,501 [http-bio-8080-exec-6] DEBUG web.FilterChainProxy  - /login/auth at position 11 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:46,502 [http-bio-8080-exec-6] DEBUG web.FilterChainProxy  - /login/auth at position 12 of 12 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2014-11-27 08:59:46,502 [http-bio-8080-exec-6] DEBUG intercept.FilterSecurityInterceptor  - Secure object: FilterInvocation: URL: /login/auth; Attributes: [_DENY_]
2014-11-27 08:59:46,502 [http-bio-8080-exec-6] DEBUG intercept.FilterSecurityInterceptor  - Previously Authenticated: grails.plugin.springsecurity.authentication.GrailsAnonymousAuthenticationToken@f23943d4: Principal: org.springframework.security.core.userdetails.User@dc730200: Username: __grails.anonymous.user__; Password: [PROTECTED]; Enabled: false; AccountNonExpired: false; credentialsNonExpired: false; AccountNonLocked: false; Granted Authorities: ROLE_ANONYMOUS; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffde5d4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 62C4B9210C7439806B68B03ED3B349F6; Granted Authorities: ROLE_ANONYMOUS
2014-11-27 08:59:46,502 [http-bio-8080-exec-6] DEBUG hierarchicalroles.RoleHierarchyImpl  - getReachableGrantedAuthorities() - From the roles [ROLE_ANONYMOUS] one can reach [ROLE_ANONYMOUS] in zero or more steps.
2014-11-27 08:59:46,504 [http-bio-8080-exec-6] DEBUG access.ExceptionTranslationFilter  - Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
    at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisionManager.decide(AuthenticatedVetoableDecisionManager.java:47)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.processFilterChain(RestTokenValidationFilter.groovy:108)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.doFilter(RestTokenValidationFilter.groovy:77)
    at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53)
    at com.odobo.grails.plugin.springsecurity.rest.RestAuthenticationFilter.doFilter(RestAuthenticationFilter.groovy:122)
    at grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter.doFilter(RequestHolderAuthenticationFilter.java:49)
    at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:82)
    at com.odobo.grails.plugin.springsecurity.rest.RestLogoutFilter.doFilter(RestLogoutFilter.groovy:63)
    at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:745)
2014-11-27 08:59:46,505 [http-bio-8080-exec-6] DEBUG savedrequest.HttpSessionRequestCache  - DefaultSavedRequest added to Session: DefaultSavedRequest[http://localhost:8080/shark/login/auth]
2014-11-27 08:59:46,505 [http-bio-8080-exec-6] DEBUG access.ExceptionTranslationFilter  - Calling Authentication entry point.
2014-11-27 08:59:46,506 [http-bio-8080-exec-6] DEBUG web.DefaultRedirectStrategy  - Redirecting to 'http://localhost:8080/shark/login/auth'
2014-11-27 08:59:46,507 [http-bio-8080-exec-6] DEBUG access.ExceptionTranslationFilter  - Chain processed normally
2014-11-27 08:59:46,507 [http-bio-8080-exec-6] DEBUG context.SecurityContextPersistenceFilter  - SecurityContextHolder now cleared, as request processing completed
2014-11-27 08:59:46,552 [http-bio-8080-exec-7] DEBUG matcher.AntPathRequestMatcher  - Request '/login/auth' matched by universal pattern '/**'
2014-11-27 08:59:46,553 [http-bio-8080-exec-7] DEBUG web.FilterChainProxy  - /login/auth at position 1 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-11-27 08:59:46,553 [http-bio-8080-exec-7] DEBUG web.FilterChainProxy  - /login/auth at position 2 of 12 in additional filter chain; firing Filter: 'RestLogoutFilter'
2014-11-27 08:59:46,554 [http-bio-8080-exec-7] DEBUG web.FilterChainProxy  - /login/auth at position 3 of 12 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2014-11-27 08:59:46,555 [http-bio-8080-exec-7] DEBUG web.FilterChainProxy  - /login/auth at position 4 of 12 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2014-11-27 08:59:46,555 [http-bio-8080-exec-7] DEBUG web.FilterChainProxy  - /login/auth at position 5 of 12 in additional filter chain; firing Filter: 'RestAuthenticationFilter'
2014-11-27 08:59:46,556 [http-bio-8080-exec-7] DEBUG rest.RestAuthenticationFilter  - Actual URI is /login/auth; endpoint URL is /api/login
2014-11-27 08:59:46,556 [http-bio-8080-exec-7] DEBUG web.FilterChainProxy  - /login/auth at position 6 of 12 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2014-11-27 08:59:46,556 [http-bio-8080-exec-7] DEBUG web.FilterChainProxy  - /login/auth at position 7 of 12 in additional filter chain; firing Filter: 'GrailsRememberMeAuthenticationFilter'
2014-11-27 08:59:46,557 [http-bio-8080-exec-7] DEBUG web.FilterChainProxy  - /login/auth at position 8 of 12 in additional filter chain; firing Filter: 'GrailsAnonymousAuthenticationFilter'
2014-11-27 08:59:46,557 [http-bio-8080-exec-7] DEBUG web.FilterChainProxy  - /login/auth at position 9 of 12 in additional filter chain; firing Filter: 'RestTokenValidationFilter'
2014-11-27 08:59:46,557 [http-bio-8080-exec-7] DEBUG rest.RestTokenValidationFilter  - Token not found
2014-11-27 08:59:46,558 [http-bio-8080-exec-7] DEBUG rest.RestTokenValidationFilter  - Request does not contain any token. Letting it continue through the filter chain
2014-11-27 08:59:46,558 [http-bio-8080-exec-7] DEBUG web.FilterChainProxy  - /login/auth at position 10 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:46,558 [http-bio-8080-exec-7] DEBUG web.FilterChainProxy  - /login/auth at position 11 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:46,558 [http-bio-8080-exec-7] DEBUG web.FilterChainProxy  - /login/auth at position 12 of 12 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2014-11-27 08:59:46,559 [http-bio-8080-exec-7] DEBUG intercept.FilterSecurityInterceptor  - Secure object: FilterInvocation: URL: /login/auth; Attributes: [_DENY_]
2014-11-27 08:59:46,559 [http-bio-8080-exec-7] DEBUG intercept.FilterSecurityInterceptor  - Previously Authenticated: grails.plugin.springsecurity.authentication.GrailsAnonymousAuthenticationToken@f23943d4: Principal: org.springframework.security.core.userdetails.User@dc730200: Username: __grails.anonymous.user__; Password: [PROTECTED]; Enabled: false; AccountNonExpired: false; credentialsNonExpired: false; AccountNonLocked: false; Granted Authorities: ROLE_ANONYMOUS; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffde5d4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 62C4B9210C7439806B68B03ED3B349F6; Granted Authorities: ROLE_ANONYMOUS
2014-11-27 08:59:46,560 [http-bio-8080-exec-7] DEBUG hierarchicalroles.RoleHierarchyImpl  - getReachableGrantedAuthorities() - From the roles [ROLE_ANONYMOUS] one can reach [ROLE_ANONYMOUS] in zero or more steps.
2014-11-27 08:59:46,561 [http-bio-8080-exec-7] DEBUG access.ExceptionTranslationFilter  - Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
    at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisionManager.decide(AuthenticatedVetoableDecisionManager.java:47)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.processFilterChain(RestTokenValidationFilter.groovy:108)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.doFilter(RestTokenValidationFilter.groovy:77)
    at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53)
    at com.odobo.grails.plugin.springsecurity.rest.RestAuthenticationFilter.doFilter(RestAuthenticationFilter.groovy:122)
    at grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter.doFilter(RequestHolderAuthenticationFilter.java:49)
    at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:82)
    at com.odobo.grails.plugin.springsecurity.rest.RestLogoutFilter.doFilter(RestLogoutFilter.groovy:63)
    at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:745)
2014-11-27 08:59:46,562 [http-bio-8080-exec-7] DEBUG savedrequest.HttpSessionRequestCache  - DefaultSavedRequest added to Session: DefaultSavedRequest[http://localhost:8080/shark/login/auth]
2014-11-27 08:59:46,563 [http-bio-8080-exec-7] DEBUG access.ExceptionTranslationFilter  - Calling Authentication entry point.
2014-11-27 08:59:46,564 [http-bio-8080-exec-7] DEBUG web.DefaultRedirectStrategy  - Redirecting to 'http://localhost:8080/shark/login/auth'
2014-11-27 08:59:46,564 [http-bio-8080-exec-7] DEBUG access.ExceptionTranslationFilter  - Chain processed normally
2014-11-27 08:59:46,564 [http-bio-8080-exec-7] DEBUG context.SecurityContextPersistenceFilter  - SecurityContextHolder now cleared, as request processing completed
2014-11-27 08:59:46,601 [http-bio-8080-exec-8] DEBUG matcher.AntPathRequestMatcher  - Request '/login/auth' matched by universal pattern '/**'
2014-11-27 08:59:46,601 [http-bio-8080-exec-8] DEBUG web.FilterChainProxy  - /login/auth at position 1 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-11-27 08:59:46,602 [http-bio-8080-exec-8] DEBUG web.FilterChainProxy  - /login/auth at position 2 of 12 in additional filter chain; firing Filter: 'RestLogoutFilter'
2014-11-27 08:59:46,603 [http-bio-8080-exec-8] DEBUG web.FilterChainProxy  - /login/auth at position 3 of 12 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2014-11-27 08:59:46,603 [http-bio-8080-exec-8] DEBUG web.FilterChainProxy  - /login/auth at position 4 of 12 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2014-11-27 08:59:46,604 [http-bio-8080-exec-8] DEBUG web.FilterChainProxy  - /login/auth at position 5 of 12 in additional filter chain; firing Filter: 'RestAuthenticationFilter'
2014-11-27 08:59:46,608 [http-bio-8080-exec-8] DEBUG rest.RestAuthenticationFilter  - Actual URI is /login/auth; endpoint URL is /api/login
2014-11-27 08:59:46,608 [http-bio-8080-exec-8] DEBUG web.FilterChainProxy  - /login/auth at position 6 of 12 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2014-11-27 08:59:46,609 [http-bio-8080-exec-8] DEBUG web.FilterChainProxy  - /login/auth at position 7 of 12 in additional filter chain; firing Filter: 'GrailsRememberMeAuthenticationFilter'
2014-11-27 08:59:46,609 [http-bio-8080-exec-8] DEBUG web.FilterChainProxy  - /login/auth at position 8 of 12 in additional filter chain; firing Filter: 'GrailsAnonymousAuthenticationFilter'
2014-11-27 08:59:46,609 [http-bio-8080-exec-8] DEBUG web.FilterChainProxy  - /login/auth at position 9 of 12 in additional filter chain; firing Filter: 'RestTokenValidationFilter'
2014-11-27 08:59:46,609 [http-bio-8080-exec-8] DEBUG rest.RestTokenValidationFilter  - Token not found
2014-11-27 08:59:46,610 [http-bio-8080-exec-8] DEBUG rest.RestTokenValidationFilter  - Request does not contain any token. Letting it continue through the filter chain
2014-11-27 08:59:46,610 [http-bio-8080-exec-8] DEBUG web.FilterChainProxy  - /login/auth at position 10 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:46,610 [http-bio-8080-exec-8] DEBUG web.FilterChainProxy  - /login/auth at position 11 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:46,610 [http-bio-8080-exec-8] DEBUG web.FilterChainProxy  - /login/auth at position 12 of 12 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2014-11-27 08:59:46,610 [http-bio-8080-exec-8] DEBUG intercept.FilterSecurityInterceptor  - Secure object: FilterInvocation: URL: /login/auth; Attributes: [_DENY_]
2014-11-27 08:59:46,611 [http-bio-8080-exec-8] DEBUG intercept.FilterSecurityInterceptor  - Previously Authenticated: grails.plugin.springsecurity.authentication.GrailsAnonymousAuthenticationToken@f23943d4: Principal: org.springframework.security.core.userdetails.User@dc730200: Username: __grails.anonymous.user__; Password: [PROTECTED]; Enabled: false; AccountNonExpired: false; credentialsNonExpired: false; AccountNonLocked: false; Granted Authorities: ROLE_ANONYMOUS; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffde5d4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 62C4B9210C7439806B68B03ED3B349F6; Granted Authorities: ROLE_ANONYMOUS
2014-11-27 08:59:46,611 [http-bio-8080-exec-8] DEBUG hierarchicalroles.RoleHierarchyImpl  - getReachableGrantedAuthorities() - From the roles [ROLE_ANONYMOUS] one can reach [ROLE_ANONYMOUS] in zero or more steps.
2014-11-27 08:59:46,613 [http-bio-8080-exec-8] DEBUG access.ExceptionTranslationFilter  - Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
    at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisionManager.decide(AuthenticatedVetoableDecisionManager.java:47)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.processFilterChain(RestTokenValidationFilter.groovy:108)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.doFilter(RestTokenValidationFilter.groovy:77)
    at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53)
    at com.odobo.grails.plugin.springsecurity.rest.RestAuthenticationFilter.doFilter(RestAuthenticationFilter.groovy:122)
    at grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter.doFilter(RequestHolderAuthenticationFilter.java:49)
    at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:82)
    at com.odobo.grails.plugin.springsecurity.rest.RestLogoutFilter.doFilter(RestLogoutFilter.groovy:63)
    at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:745)
2014-11-27 08:59:46,614 [http-bio-8080-exec-8] DEBUG savedrequest.HttpSessionRequestCache  - DefaultSavedRequest added to Session: DefaultSavedRequest[http://localhost:8080/shark/login/auth]
2014-11-27 08:59:46,614 [http-bio-8080-exec-8] DEBUG access.ExceptionTranslationFilter  - Calling Authentication entry point.
2014-11-27 08:59:46,615 [http-bio-8080-exec-8] DEBUG web.DefaultRedirectStrategy  - Redirecting to 'http://localhost:8080/shark/login/auth'
2014-11-27 08:59:46,615 [http-bio-8080-exec-8] DEBUG access.ExceptionTranslationFilter  - Chain processed normally
2014-11-27 08:59:46,615 [http-bio-8080-exec-8] DEBUG context.SecurityContextPersistenceFilter  - SecurityContextHolder now cleared, as request processing completed
2014-11-27 08:59:46,629 [http-bio-8080-exec-9] DEBUG matcher.AntPathRequestMatcher  - Request '/login/auth' matched by universal pattern '/**'
2014-11-27 08:59:46,630 [http-bio-8080-exec-9] DEBUG web.FilterChainProxy  - /login/auth at position 1 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-11-27 08:59:46,631 [http-bio-8080-exec-9] DEBUG web.FilterChainProxy  - /login/auth at position 2 of 12 in additional filter chain; firing Filter: 'RestLogoutFilter'
2014-11-27 08:59:46,631 [http-bio-8080-exec-9] DEBUG web.FilterChainProxy  - /login/auth at position 3 of 12 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2014-11-27 08:59:46,631 [http-bio-8080-exec-9] DEBUG web.FilterChainProxy  - /login/auth at position 4 of 12 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2014-11-27 08:59:46,631 [http-bio-8080-exec-9] DEBUG web.FilterChainProxy  - /login/auth at position 5 of 12 in additional filter chain; firing Filter: 'RestAuthenticationFilter'
2014-11-27 08:59:46,632 [http-bio-8080-exec-9] DEBUG rest.RestAuthenticationFilter  - Actual URI is /login/auth; endpoint URL is /api/login
2014-11-27 08:59:46,632 [http-bio-8080-exec-9] DEBUG web.FilterChainProxy  - /login/auth at position 6 of 12 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2014-11-27 08:59:46,632 [http-bio-8080-exec-9] DEBUG web.FilterChainProxy  - /login/auth at position 7 of 12 in additional filter chain; firing Filter: 'GrailsRememberMeAuthenticationFilter'
2014-11-27 08:59:46,632 [http-bio-8080-exec-9] DEBUG web.FilterChainProxy  - /login/auth at position 8 of 12 in additional filter chain; firing Filter: 'GrailsAnonymousAuthenticationFilter'
2014-11-27 08:59:46,632 [http-bio-8080-exec-9] DEBUG web.FilterChainProxy  - /login/auth at position 9 of 12 in additional filter chain; firing Filter: 'RestTokenValidationFilter'
2014-11-27 08:59:46,632 [http-bio-8080-exec-9] DEBUG rest.RestTokenValidationFilter  - Token not found
2014-11-27 08:59:46,633 [http-bio-8080-exec-9] DEBUG rest.RestTokenValidationFilter  - Request does not contain any token. Letting it continue through the filter chain
2014-11-27 08:59:46,633 [http-bio-8080-exec-9] DEBUG web.FilterChainProxy  - /login/auth at position 10 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:46,633 [http-bio-8080-exec-9] DEBUG web.FilterChainProxy  - /login/auth at position 11 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:46,633 [http-bio-8080-exec-9] DEBUG web.FilterChainProxy  - /login/auth at position 12 of 12 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2014-11-27 08:59:46,633 [http-bio-8080-exec-9] DEBUG intercept.FilterSecurityInterceptor  - Secure object: FilterInvocation: URL: /login/auth; Attributes: [_DENY_]
2014-11-27 08:59:46,633 [http-bio-8080-exec-9] DEBUG intercept.FilterSecurityInterceptor  - Previously Authenticated: grails.plugin.springsecurity.authentication.GrailsAnonymousAuthenticationToken@f23943d4: Principal: org.springframework.security.core.userdetails.User@dc730200: Username: __grails.anonymous.user__; Password: [PROTECTED]; Enabled: false; AccountNonExpired: false; credentialsNonExpired: false; AccountNonLocked: false; Granted Authorities: ROLE_ANONYMOUS; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffde5d4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 62C4B9210C7439806B68B03ED3B349F6; Granted Authorities: ROLE_ANONYMOUS
2014-11-27 08:59:46,633 [http-bio-8080-exec-9] DEBUG hierarchicalroles.RoleHierarchyImpl  - getReachableGrantedAuthorities() - From the roles [ROLE_ANONYMOUS] one can reach [ROLE_ANONYMOUS] in zero or more steps.
2014-11-27 08:59:46,636 [http-bio-8080-exec-9] DEBUG access.ExceptionTranslationFilter  - Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
    at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisionManager.decide(AuthenticatedVetoableDecisionManager.java:47)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.processFilterChain(RestTokenValidationFilter.groovy:108)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.doFilter(RestTokenValidationFilter.groovy:77)
    at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53)
    at com.odobo.grails.plugin.springsecurity.rest.RestAuthenticationFilter.doFilter(RestAuthenticationFilter.groovy:122)
    at grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter.doFilter(RequestHolderAuthenticationFilter.java:49)
    at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:82)
    at com.odobo.grails.plugin.springsecurity.rest.RestLogoutFilter.doFilter(RestLogoutFilter.groovy:63)
    at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:745)
2014-11-27 08:59:46,637 [http-bio-8080-exec-9] DEBUG savedrequest.HttpSessionRequestCache  - DefaultSavedRequest added to Session: DefaultSavedRequest[http://localhost:8080/shark/login/auth]
2014-11-27 08:59:46,637 [http-bio-8080-exec-9] DEBUG access.ExceptionTranslationFilter  - Calling Authentication entry point.
2014-11-27 08:59:46,637 [http-bio-8080-exec-9] DEBUG web.DefaultRedirectStrategy  - Redirecting to 'http://localhost:8080/shark/login/auth'
2014-11-27 08:59:46,637 [http-bio-8080-exec-9] DEBUG access.ExceptionTranslationFilter  - Chain processed normally
2014-11-27 08:59:46,637 [http-bio-8080-exec-9] DEBUG context.SecurityContextPersistenceFilter  - SecurityContextHolder now cleared, as request processing completed
2014-11-27 08:59:46,650 [http-bio-8080-exec-10] DEBUG matcher.AntPathRequestMatcher  - Request '/login/auth' matched by universal pattern '/**'
2014-11-27 08:59:46,651 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 1 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-11-27 08:59:46,651 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 2 of 12 in additional filter chain; firing Filter: 'RestLogoutFilter'
2014-11-27 08:59:46,651 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 3 of 12 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2014-11-27 08:59:46,652 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 4 of 12 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2014-11-27 08:59:46,652 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 5 of 12 in additional filter chain; firing Filter: 'RestAuthenticationFilter'
2014-11-27 08:59:46,652 [http-bio-8080-exec-10] DEBUG rest.RestAuthenticationFilter  - Actual URI is /login/auth; endpoint URL is /api/login
2014-11-27 08:59:46,652 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 6 of 12 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2014-11-27 08:59:46,652 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 7 of 12 in additional filter chain; firing Filter: 'GrailsRememberMeAuthenticationFilter'
2014-11-27 08:59:46,652 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 8 of 12 in additional filter chain; firing Filter: 'GrailsAnonymousAuthenticationFilter'
2014-11-27 08:59:46,653 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 9 of 12 in additional filter chain; firing Filter: 'RestTokenValidationFilter'
2014-11-27 08:59:46,653 [http-bio-8080-exec-10] DEBUG rest.RestTokenValidationFilter  - Token not found
2014-11-27 08:59:46,653 [http-bio-8080-exec-10] DEBUG rest.RestTokenValidationFilter  - Request does not contain any token. Letting it continue through the filter chain
2014-11-27 08:59:46,653 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 10 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:46,653 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 11 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:46,653 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 12 of 12 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2014-11-27 08:59:46,653 [http-bio-8080-exec-10] DEBUG intercept.FilterSecurityInterceptor  - Secure object: FilterInvocation: URL: /login/auth; Attributes: [_DENY_]
2014-11-27 08:59:46,654 [http-bio-8080-exec-10] DEBUG intercept.FilterSecurityInterceptor  - Previously Authenticated: grails.plugin.springsecurity.authentication.GrailsAnonymousAuthenticationToken@f23943d4: Principal: org.springframework.security.core.userdetails.User@dc730200: Username: __grails.anonymous.user__; Password: [PROTECTED]; Enabled: false; AccountNonExpired: false; credentialsNonExpired: false; AccountNonLocked: false; Granted Authorities: ROLE_ANONYMOUS; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffde5d4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 62C4B9210C7439806B68B03ED3B349F6; Granted Authorities: ROLE_ANONYMOUS
2014-11-27 08:59:46,654 [http-bio-8080-exec-10] DEBUG hierarchicalroles.RoleHierarchyImpl  - getReachableGrantedAuthorities() - From the roles [ROLE_ANONYMOUS] one can reach [ROLE_ANONYMOUS] in zero or more steps.
2014-11-27 08:59:46,656 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
    at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisionManager.decide(AuthenticatedVetoableDecisionManager.java:47)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.processFilterChain(RestTokenValidationFilter.groovy:108)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.doFilter(RestTokenValidationFilter.groovy:77)
    at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53)
    at com.odobo.grails.plugin.springsecurity.rest.RestAuthenticationFilter.doFilter(RestAuthenticationFilter.groovy:122)
    at grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter.doFilter(RequestHolderAuthenticationFilter.java:49)
    at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:82)
    at com.odobo.grails.plugin.springsecurity.rest.RestLogoutFilter.doFilter(RestLogoutFilter.groovy:63)
    at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:745)
2014-11-27 08:59:46,657 [http-bio-8080-exec-10] DEBUG savedrequest.HttpSessionRequestCache  - DefaultSavedRequest added to Session: DefaultSavedRequest[http://localhost:8080/shark/login/auth]
2014-11-27 08:59:46,657 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Calling Authentication entry point.
2014-11-27 08:59:46,657 [http-bio-8080-exec-10] DEBUG web.DefaultRedirectStrategy  - Redirecting to 'http://localhost:8080/shark/login/auth'
2014-11-27 08:59:46,658 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Chain processed normally
2014-11-27 08:59:46,658 [http-bio-8080-exec-10] DEBUG context.SecurityContextPersistenceFilter  - SecurityContextHolder now cleared, as request processing completed
2014-11-27 08:59:46,714 [http-bio-8080-exec-10] DEBUG matcher.AntPathRequestMatcher  - Request '/login/auth' matched by universal pattern '/**'
2014-11-27 08:59:46,715 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 1 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-11-27 08:59:46,716 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 2 of 12 in additional filter chain; firing Filter: 'RestLogoutFilter'
2014-11-27 08:59:46,717 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 3 of 12 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2014-11-27 08:59:46,717 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 4 of 12 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2014-11-27 08:59:46,717 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 5 of 12 in additional filter chain; firing Filter: 'RestAuthenticationFilter'
2014-11-27 08:59:46,717 [http-bio-8080-exec-10] DEBUG rest.RestAuthenticationFilter  - Actual URI is /login/auth; endpoint URL is /api/login
2014-11-27 08:59:46,717 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 6 of 12 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2014-11-27 08:59:46,717 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 7 of 12 in additional filter chain; firing Filter: 'GrailsRememberMeAuthenticationFilter'
2014-11-27 08:59:46,718 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 8 of 12 in additional filter chain; firing Filter: 'GrailsAnonymousAuthenticationFilter'
2014-11-27 08:59:46,718 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 9 of 12 in additional filter chain; firing Filter: 'RestTokenValidationFilter'
2014-11-27 08:59:46,718 [http-bio-8080-exec-10] DEBUG rest.RestTokenValidationFilter  - Token not found
2014-11-27 08:59:46,719 [http-bio-8080-exec-10] DEBUG rest.RestTokenValidationFilter  - Request does not contain any token. Letting it continue through the filter chain
2014-11-27 08:59:46,719 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 10 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:46,719 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 11 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:46,719 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 12 of 12 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2014-11-27 08:59:46,719 [http-bio-8080-exec-10] DEBUG intercept.FilterSecurityInterceptor  - Secure object: FilterInvocation: URL: /login/auth; Attributes: [_DENY_]
2014-11-27 08:59:46,719 [http-bio-8080-exec-10] DEBUG intercept.FilterSecurityInterceptor  - Previously Authenticated: grails.plugin.springsecurity.authentication.GrailsAnonymousAuthenticationToken@f23943d4: Principal: org.springframework.security.core.userdetails.User@dc730200: Username: __grails.anonymous.user__; Password: [PROTECTED]; Enabled: false; AccountNonExpired: false; credentialsNonExpired: false; AccountNonLocked: false; Granted Authorities: ROLE_ANONYMOUS; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffde5d4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 62C4B9210C7439806B68B03ED3B349F6; Granted Authorities: ROLE_ANONYMOUS
2014-11-27 08:59:46,720 [http-bio-8080-exec-10] DEBUG hierarchicalroles.RoleHierarchyImpl  - getReachableGrantedAuthorities() - From the roles [ROLE_ANONYMOUS] one can reach [ROLE_ANONYMOUS] in zero or more steps.
2014-11-27 08:59:46,723 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
    at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisionManager.decide(AuthenticatedVetoableDecisionManager.java:47)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.processFilterChain(RestTokenValidationFilter.groovy:108)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.doFilter(RestTokenValidationFilter.groovy:77)
    at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53)
    at com.odobo.grails.plugin.springsecurity.rest.RestAuthenticationFilter.doFilter(RestAuthenticationFilter.groovy:122)
    at grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter.doFilter(RequestHolderAuthenticationFilter.java:49)
    at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:82)
    at com.odobo.grails.plugin.springsecurity.rest.RestLogoutFilter.doFilter(RestLogoutFilter.groovy:63)
    at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:745)
2014-11-27 08:59:46,724 [http-bio-8080-exec-10] DEBUG savedrequest.HttpSessionRequestCache  - DefaultSavedRequest added to Session: DefaultSavedRequest[http://localhost:8080/shark/login/auth]
2014-11-27 08:59:46,724 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Calling Authentication entry point.
2014-11-27 08:59:46,725 [http-bio-8080-exec-10] DEBUG web.DefaultRedirectStrategy  - Redirecting to 'http://localhost:8080/shark/login/auth'
2014-11-27 08:59:46,725 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Chain processed normally
2014-11-27 08:59:46,726 [http-bio-8080-exec-10] DEBUG context.SecurityContextPersistenceFilter  - SecurityContextHolder now cleared, as request processing completed
2014-11-27 08:59:46,755 [http-bio-8080-exec-10] DEBUG matcher.AntPathRequestMatcher  - Request '/login/auth' matched by universal pattern '/**'
2014-11-27 08:59:46,756 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 1 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-11-27 08:59:46,756 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 2 of 12 in additional filter chain; firing Filter: 'RestLogoutFilter'
2014-11-27 08:59:46,756 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 3 of 12 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2014-11-27 08:59:46,756 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 4 of 12 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2014-11-27 08:59:46,756 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 5 of 12 in additional filter chain; firing Filter: 'RestAuthenticationFilter'
2014-11-27 08:59:46,756 [http-bio-8080-exec-10] DEBUG rest.RestAuthenticationFilter  - Actual URI is /login/auth; endpoint URL is /api/login
2014-11-27 08:59:46,757 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 6 of 12 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2014-11-27 08:59:46,757 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 7 of 12 in additional filter chain; firing Filter: 'GrailsRememberMeAuthenticationFilter'
2014-11-27 08:59:46,757 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 8 of 12 in additional filter chain; firing Filter: 'GrailsAnonymousAuthenticationFilter'
2014-11-27 08:59:46,757 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 9 of 12 in additional filter chain; firing Filter: 'RestTokenValidationFilter'
2014-11-27 08:59:46,757 [http-bio-8080-exec-10] DEBUG rest.RestTokenValidationFilter  - Token not found
2014-11-27 08:59:46,757 [http-bio-8080-exec-10] DEBUG rest.RestTokenValidationFilter  - Request does not contain any token. Letting it continue through the filter chain
2014-11-27 08:59:46,758 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 10 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:46,758 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 11 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:46,758 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 12 of 12 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2014-11-27 08:59:46,758 [http-bio-8080-exec-10] DEBUG intercept.FilterSecurityInterceptor  - Secure object: FilterInvocation: URL: /login/auth; Attributes: [_DENY_]
2014-11-27 08:59:46,758 [http-bio-8080-exec-10] DEBUG intercept.FilterSecurityInterceptor  - Previously Authenticated: grails.plugin.springsecurity.authentication.GrailsAnonymousAuthenticationToken@f23943d4: Principal: org.springframework.security.core.userdetails.User@dc730200: Username: __grails.anonymous.user__; Password: [PROTECTED]; Enabled: false; AccountNonExpired: false; credentialsNonExpired: false; AccountNonLocked: false; Granted Authorities: ROLE_ANONYMOUS; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffde5d4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 62C4B9210C7439806B68B03ED3B349F6; Granted Authorities: ROLE_ANONYMOUS
2014-11-27 08:59:46,759 [http-bio-8080-exec-10] DEBUG hierarchicalroles.RoleHierarchyImpl  - getReachableGrantedAuthorities() - From the roles [ROLE_ANONYMOUS] one can reach [ROLE_ANONYMOUS] in zero or more steps.
2014-11-27 08:59:46,762 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
    at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisionManager.decide(AuthenticatedVetoableDecisionManager.java:47)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.processFilterChain(RestTokenValidationFilter.groovy:108)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.doFilter(RestTokenValidationFilter.groovy:77)
    at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53)
    at com.odobo.grails.plugin.springsecurity.rest.RestAuthenticationFilter.doFilter(RestAuthenticationFilter.groovy:122)
    at grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter.doFilter(RequestHolderAuthenticationFilter.java:49)
    at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:82)
    at com.odobo.grails.plugin.springsecurity.rest.RestLogoutFilter.doFilter(RestLogoutFilter.groovy:63)
    at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:745)
2014-11-27 08:59:46,764 [http-bio-8080-exec-10] DEBUG savedrequest.HttpSessionRequestCache  - DefaultSavedRequest added to Session: DefaultSavedRequest[http://localhost:8080/shark/login/auth]
2014-11-27 08:59:46,764 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Calling Authentication entry point.
2014-11-27 08:59:46,764 [http-bio-8080-exec-10] DEBUG web.DefaultRedirectStrategy  - Redirecting to 'http://localhost:8080/shark/login/auth'
2014-11-27 08:59:46,764 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Chain processed normally
2014-11-27 08:59:46,764 [http-bio-8080-exec-10] DEBUG context.SecurityContextPersistenceFilter  - SecurityContextHolder now cleared, as request processing completed
2014-11-27 08:59:46,788 [http-bio-8080-exec-10] DEBUG matcher.AntPathRequestMatcher  - Request '/login/auth' matched by universal pattern '/**'
2014-11-27 08:59:46,788 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 1 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-11-27 08:59:46,788 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 2 of 12 in additional filter chain; firing Filter: 'RestLogoutFilter'
2014-11-27 08:59:46,788 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 3 of 12 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2014-11-27 08:59:46,789 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 4 of 12 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2014-11-27 08:59:46,789 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 5 of 12 in additional filter chain; firing Filter: 'RestAuthenticationFilter'
2014-11-27 08:59:46,789 [http-bio-8080-exec-10] DEBUG rest.RestAuthenticationFilter  - Actual URI is /login/auth; endpoint URL is /api/login
2014-11-27 08:59:46,790 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 6 of 12 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2014-11-27 08:59:46,790 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 7 of 12 in additional filter chain; firing Filter: 'GrailsRememberMeAuthenticationFilter'
2014-11-27 08:59:46,791 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 8 of 12 in additional filter chain; firing Filter: 'GrailsAnonymousAuthenticationFilter'
2014-11-27 08:59:46,791 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 9 of 12 in additional filter chain; firing Filter: 'RestTokenValidationFilter'
2014-11-27 08:59:46,791 [http-bio-8080-exec-10] DEBUG rest.RestTokenValidationFilter  - Token not found
2014-11-27 08:59:46,792 [http-bio-8080-exec-10] DEBUG rest.RestTokenValidationFilter  - Request does not contain any token. Letting it continue through the filter chain
2014-11-27 08:59:46,792 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 10 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:46,793 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 11 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:46,793 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 12 of 12 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2014-11-27 08:59:46,793 [http-bio-8080-exec-10] DEBUG intercept.FilterSecurityInterceptor  - Secure object: FilterInvocation: URL: /login/auth; Attributes: [_DENY_]
2014-11-27 08:59:46,794 [http-bio-8080-exec-10] DEBUG intercept.FilterSecurityInterceptor  - Previously Authenticated: grails.plugin.springsecurity.authentication.GrailsAnonymousAuthenticationToken@f23943d4: Principal: org.springframework.security.core.userdetails.User@dc730200: Username: __grails.anonymous.user__; Password: [PROTECTED]; Enabled: false; AccountNonExpired: false; credentialsNonExpired: false; AccountNonLocked: false; Granted Authorities: ROLE_ANONYMOUS; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffde5d4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 62C4B9210C7439806B68B03ED3B349F6; Granted Authorities: ROLE_ANONYMOUS
2014-11-27 08:59:46,794 [http-bio-8080-exec-10] DEBUG hierarchicalroles.RoleHierarchyImpl  - getReachableGrantedAuthorities() - From the roles [ROLE_ANONYMOUS] one can reach [ROLE_ANONYMOUS] in zero or more steps.
2014-11-27 08:59:46,797 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
    at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisionManager.decide(AuthenticatedVetoableDecisionManager.java:47)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.processFilterChain(RestTokenValidationFilter.groovy:108)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.doFilter(RestTokenValidationFilter.groovy:77)
    at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53)
    at com.odobo.grails.plugin.springsecurity.rest.RestAuthenticationFilter.doFilter(RestAuthenticationFilter.groovy:122)
    at grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter.doFilter(RequestHolderAuthenticationFilter.java:49)
    at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:82)
    at com.odobo.grails.plugin.springsecurity.rest.RestLogoutFilter.doFilter(RestLogoutFilter.groovy:63)
    at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:745)
2014-11-27 08:59:46,798 [http-bio-8080-exec-10] DEBUG savedrequest.HttpSessionRequestCache  - DefaultSavedRequest added to Session: DefaultSavedRequest[http://localhost:8080/shark/login/auth]
2014-11-27 08:59:46,798 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Calling Authentication entry point.
2014-11-27 08:59:46,798 [http-bio-8080-exec-10] DEBUG web.DefaultRedirectStrategy  - Redirecting to 'http://localhost:8080/shark/login/auth'
2014-11-27 08:59:46,799 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Chain processed normally
2014-11-27 08:59:46,799 [http-bio-8080-exec-10] DEBUG context.SecurityContextPersistenceFilter  - SecurityContextHolder now cleared, as request processing completed
2014-11-27 08:59:46,822 [http-bio-8080-exec-10] DEBUG matcher.AntPathRequestMatcher  - Request '/login/auth' matched by universal pattern '/**'
2014-11-27 08:59:46,823 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 1 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-11-27 08:59:46,823 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 2 of 12 in additional filter chain; firing Filter: 'RestLogoutFilter'
2014-11-27 08:59:46,823 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 3 of 12 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2014-11-27 08:59:46,823 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 4 of 12 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2014-11-27 08:59:46,823 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 5 of 12 in additional filter chain; firing Filter: 'RestAuthenticationFilter'
2014-11-27 08:59:46,823 [http-bio-8080-exec-10] DEBUG rest.RestAuthenticationFilter  - Actual URI is /login/auth; endpoint URL is /api/login
2014-11-27 08:59:46,824 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 6 of 12 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2014-11-27 08:59:46,824 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 7 of 12 in additional filter chain; firing Filter: 'GrailsRememberMeAuthenticationFilter'
2014-11-27 08:59:46,824 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 8 of 12 in additional filter chain; firing Filter: 'GrailsAnonymousAuthenticationFilter'
2014-11-27 08:59:46,824 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 9 of 12 in additional filter chain; firing Filter: 'RestTokenValidationFilter'
2014-11-27 08:59:46,824 [http-bio-8080-exec-10] DEBUG rest.RestTokenValidationFilter  - Token not found
2014-11-27 08:59:46,824 [http-bio-8080-exec-10] DEBUG rest.RestTokenValidationFilter  - Request does not contain any token. Letting it continue through the filter chain
2014-11-27 08:59:46,824 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 10 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:46,824 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 11 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:46,824 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 12 of 12 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2014-11-27 08:59:46,825 [http-bio-8080-exec-10] DEBUG intercept.FilterSecurityInterceptor  - Secure object: FilterInvocation: URL: /login/auth; Attributes: [_DENY_]
2014-11-27 08:59:46,825 [http-bio-8080-exec-10] DEBUG intercept.FilterSecurityInterceptor  - Previously Authenticated: grails.plugin.springsecurity.authentication.GrailsAnonymousAuthenticationToken@f23943d4: Principal: org.springframework.security.core.userdetails.User@dc730200: Username: __grails.anonymous.user__; Password: [PROTECTED]; Enabled: false; AccountNonExpired: false; credentialsNonExpired: false; AccountNonLocked: false; Granted Authorities: ROLE_ANONYMOUS; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffde5d4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 62C4B9210C7439806B68B03ED3B349F6; Granted Authorities: ROLE_ANONYMOUS
2014-11-27 08:59:46,825 [http-bio-8080-exec-10] DEBUG hierarchicalroles.RoleHierarchyImpl  - getReachableGrantedAuthorities() - From the roles [ROLE_ANONYMOUS] one can reach [ROLE_ANONYMOUS] in zero or more steps.
2014-11-27 08:59:46,828 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
    at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisionManager.decide(AuthenticatedVetoableDecisionManager.java:47)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.processFilterChain(RestTokenValidationFilter.groovy:108)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.doFilter(RestTokenValidationFilter.groovy:77)
    at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53)
    at com.odobo.grails.plugin.springsecurity.rest.RestAuthenticationFilter.doFilter(RestAuthenticationFilter.groovy:122)
    at grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter.doFilter(RequestHolderAuthenticationFilter.java:49)
    at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:82)
    at com.odobo.grails.plugin.springsecurity.rest.RestLogoutFilter.doFilter(RestLogoutFilter.groovy:63)
    at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:745)
2014-11-27 08:59:46,830 [http-bio-8080-exec-10] DEBUG savedrequest.HttpSessionRequestCache  - DefaultSavedRequest added to Session: DefaultSavedRequest[http://localhost:8080/shark/login/auth]
2014-11-27 08:59:46,831 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Calling Authentication entry point.
2014-11-27 08:59:46,832 [http-bio-8080-exec-10] DEBUG web.DefaultRedirectStrategy  - Redirecting to 'http://localhost:8080/shark/login/auth'
2014-11-27 08:59:46,832 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Chain processed normally
2014-11-27 08:59:46,832 [http-bio-8080-exec-10] DEBUG context.SecurityContextPersistenceFilter  - SecurityContextHolder now cleared, as request processing completed
2014-11-27 08:59:46,840 [http-bio-8080-exec-10] DEBUG matcher.AntPathRequestMatcher  - Request '/login/auth' matched by universal pattern '/**'
2014-11-27 08:59:46,840 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 1 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-11-27 08:59:46,840 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 2 of 12 in additional filter chain; firing Filter: 'RestLogoutFilter'
2014-11-27 08:59:46,841 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 3 of 12 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2014-11-27 08:59:46,841 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 4 of 12 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2014-11-27 08:59:46,841 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 5 of 12 in additional filter chain; firing Filter: 'RestAuthenticationFilter'
2014-11-27 08:59:46,842 [http-bio-8080-exec-10] DEBUG rest.RestAuthenticationFilter  - Actual URI is /login/auth; endpoint URL is /api/login
2014-11-27 08:59:46,842 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 6 of 12 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2014-11-27 08:59:46,843 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 7 of 12 in additional filter chain; firing Filter: 'GrailsRememberMeAuthenticationFilter'
2014-11-27 08:59:46,843 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 8 of 12 in additional filter chain; firing Filter: 'GrailsAnonymousAuthenticationFilter'
2014-11-27 08:59:46,843 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 9 of 12 in additional filter chain; firing Filter: 'RestTokenValidationFilter'
2014-11-27 08:59:46,843 [http-bio-8080-exec-10] DEBUG rest.RestTokenValidationFilter  - Token not found
2014-11-27 08:59:46,844 [http-bio-8080-exec-10] DEBUG rest.RestTokenValidationFilter  - Request does not contain any token. Letting it continue through the filter chain
2014-11-27 08:59:46,844 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 10 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:46,844 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 11 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:46,844 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 12 of 12 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2014-11-27 08:59:46,845 [http-bio-8080-exec-10] DEBUG intercept.FilterSecurityInterceptor  - Secure object: FilterInvocation: URL: /login/auth; Attributes: [_DENY_]
2014-11-27 08:59:46,845 [http-bio-8080-exec-10] DEBUG intercept.FilterSecurityInterceptor  - Previously Authenticated: grails.plugin.springsecurity.authentication.GrailsAnonymousAuthenticationToken@f23943d4: Principal: org.springframework.security.core.userdetails.User@dc730200: Username: __grails.anonymous.user__; Password: [PROTECTED]; Enabled: false; AccountNonExpired: false; credentialsNonExpired: false; AccountNonLocked: false; Granted Authorities: ROLE_ANONYMOUS; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffde5d4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 62C4B9210C7439806B68B03ED3B349F6; Granted Authorities: ROLE_ANONYMOUS
2014-11-27 08:59:46,845 [http-bio-8080-exec-10] DEBUG hierarchicalroles.RoleHierarchyImpl  - getReachableGrantedAuthorities() - From the roles [ROLE_ANONYMOUS] one can reach [ROLE_ANONYMOUS] in zero or more steps.
2014-11-27 08:59:46,848 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
    at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisionManager.decide(AuthenticatedVetoableDecisionManager.java:47)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.processFilterChain(RestTokenValidationFilter.groovy:108)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.doFilter(RestTokenValidationFilter.groovy:77)
    at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53)
    at com.odobo.grails.plugin.springsecurity.rest.RestAuthenticationFilter.doFilter(RestAuthenticationFilter.groovy:122)
    at grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter.doFilter(RequestHolderAuthenticationFilter.java:49)
    at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:82)
    at com.odobo.grails.plugin.springsecurity.rest.RestLogoutFilter.doFilter(RestLogoutFilter.groovy:63)
    at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:745)
2014-11-27 08:59:46,849 [http-bio-8080-exec-10] DEBUG savedrequest.HttpSessionRequestCache  - DefaultSavedRequest added to Session: DefaultSavedRequest[http://localhost:8080/shark/login/auth]
2014-11-27 08:59:46,850 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Calling Authentication entry point.
2014-11-27 08:59:46,850 [http-bio-8080-exec-10] DEBUG web.DefaultRedirectStrategy  - Redirecting to 'http://localhost:8080/shark/login/auth'
2014-11-27 08:59:46,850 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Chain processed normally
2014-11-27 08:59:46,850 [http-bio-8080-exec-10] DEBUG context.SecurityContextPersistenceFilter  - SecurityContextHolder now cleared, as request processing completed
2014-11-27 08:59:46,876 [http-bio-8080-exec-10] DEBUG matcher.AntPathRequestMatcher  - Request '/login/auth' matched by universal pattern '/**'
2014-11-27 08:59:46,878 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 1 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-11-27 08:59:46,878 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 2 of 12 in additional filter chain; firing Filter: 'RestLogoutFilter'
2014-11-27 08:59:46,878 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 3 of 12 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2014-11-27 08:59:46,878 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 4 of 12 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2014-11-27 08:59:46,879 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 5 of 12 in additional filter chain; firing Filter: 'RestAuthenticationFilter'
2014-11-27 08:59:46,879 [http-bio-8080-exec-10] DEBUG rest.RestAuthenticationFilter  - Actual URI is /login/auth; endpoint URL is /api/login
2014-11-27 08:59:46,879 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 6 of 12 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2014-11-27 08:59:46,879 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 7 of 12 in additional filter chain; firing Filter: 'GrailsRememberMeAuthenticationFilter'
2014-11-27 08:59:46,879 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 8 of 12 in additional filter chain; firing Filter: 'GrailsAnonymousAuthenticationFilter'
2014-11-27 08:59:46,879 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 9 of 12 in additional filter chain; firing Filter: 'RestTokenValidationFilter'
2014-11-27 08:59:46,879 [http-bio-8080-exec-10] DEBUG rest.RestTokenValidationFilter  - Token not found
2014-11-27 08:59:46,880 [http-bio-8080-exec-10] DEBUG rest.RestTokenValidationFilter  - Request does not contain any token. Letting it continue through the filter chain
2014-11-27 08:59:46,880 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 10 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:46,880 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 11 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:46,880 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 12 of 12 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2014-11-27 08:59:46,880 [http-bio-8080-exec-10] DEBUG intercept.FilterSecurityInterceptor  - Secure object: FilterInvocation: URL: /login/auth; Attributes: [_DENY_]
2014-11-27 08:59:46,880 [http-bio-8080-exec-10] DEBUG intercept.FilterSecurityInterceptor  - Previously Authenticated: grails.plugin.springsecurity.authentication.GrailsAnonymousAuthenticationToken@f23943d4: Principal: org.springframework.security.core.userdetails.User@dc730200: Username: __grails.anonymous.user__; Password: [PROTECTED]; Enabled: false; AccountNonExpired: false; credentialsNonExpired: false; AccountNonLocked: false; Granted Authorities: ROLE_ANONYMOUS; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffde5d4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 62C4B9210C7439806B68B03ED3B349F6; Granted Authorities: ROLE_ANONYMOUS
2014-11-27 08:59:46,880 [http-bio-8080-exec-10] DEBUG hierarchicalroles.RoleHierarchyImpl  - getReachableGrantedAuthorities() - From the roles [ROLE_ANONYMOUS] one can reach [ROLE_ANONYMOUS] in zero or more steps.
2014-11-27 08:59:46,882 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
    at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisionManager.decide(AuthenticatedVetoableDecisionManager.java:47)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.processFilterChain(RestTokenValidationFilter.groovy:108)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.doFilter(RestTokenValidationFilter.groovy:77)
    at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53)
    at com.odobo.grails.plugin.springsecurity.rest.RestAuthenticationFilter.doFilter(RestAuthenticationFilter.groovy:122)
    at grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter.doFilter(RequestHolderAuthenticationFilter.java:49)
    at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:82)
    at com.odobo.grails.plugin.springsecurity.rest.RestLogoutFilter.doFilter(RestLogoutFilter.groovy:63)
    at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:745)
2014-11-27 08:59:46,883 [http-bio-8080-exec-10] DEBUG savedrequest.HttpSessionRequestCache  - DefaultSavedRequest added to Session: DefaultSavedRequest[http://localhost:8080/shark/login/auth]
2014-11-27 08:59:46,883 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Calling Authentication entry point.
2014-11-27 08:59:46,883 [http-bio-8080-exec-10] DEBUG web.DefaultRedirectStrategy  - Redirecting to 'http://localhost:8080/shark/login/auth'
2014-11-27 08:59:46,883 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Chain processed normally
2014-11-27 08:59:46,884 [http-bio-8080-exec-10] DEBUG context.SecurityContextPersistenceFilter  - SecurityContextHolder now cleared, as request processing completed
2014-11-27 08:59:46,929 [http-bio-8080-exec-10] DEBUG matcher.AntPathRequestMatcher  - Request '/login/auth' matched by universal pattern '/**'
2014-11-27 08:59:46,929 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 1 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-11-27 08:59:46,929 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 2 of 12 in additional filter chain; firing Filter: 'RestLogoutFilter'
2014-11-27 08:59:46,930 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 3 of 12 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2014-11-27 08:59:46,930 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 4 of 12 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2014-11-27 08:59:46,930 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 5 of 12 in additional filter chain; firing Filter: 'RestAuthenticationFilter'
2014-11-27 08:59:46,930 [http-bio-8080-exec-10] DEBUG rest.RestAuthenticationFilter  - Actual URI is /login/auth; endpoint URL is /api/login
2014-11-27 08:59:46,930 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 6 of 12 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2014-11-27 08:59:46,931 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 7 of 12 in additional filter chain; firing Filter: 'GrailsRememberMeAuthenticationFilter'
2014-11-27 08:59:46,931 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 8 of 12 in additional filter chain; firing Filter: 'GrailsAnonymousAuthenticationFilter'
2014-11-27 08:59:46,931 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 9 of 12 in additional filter chain; firing Filter: 'RestTokenValidationFilter'
2014-11-27 08:59:46,931 [http-bio-8080-exec-10] DEBUG rest.RestTokenValidationFilter  - Token not found
2014-11-27 08:59:46,931 [http-bio-8080-exec-10] DEBUG rest.RestTokenValidationFilter  - Request does not contain any token. Letting it continue through the filter chain
2014-11-27 08:59:46,931 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 10 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:46,931 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 11 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:46,932 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 12 of 12 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2014-11-27 08:59:46,932 [http-bio-8080-exec-10] DEBUG intercept.FilterSecurityInterceptor  - Secure object: FilterInvocation: URL: /login/auth; Attributes: [_DENY_]
2014-11-27 08:59:46,932 [http-bio-8080-exec-10] DEBUG intercept.FilterSecurityInterceptor  - Previously Authenticated: grails.plugin.springsecurity.authentication.GrailsAnonymousAuthenticationToken@f23943d4: Principal: org.springframework.security.core.userdetails.User@dc730200: Username: __grails.anonymous.user__; Password: [PROTECTED]; Enabled: false; AccountNonExpired: false; credentialsNonExpired: false; AccountNonLocked: false; Granted Authorities: ROLE_ANONYMOUS; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffde5d4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 62C4B9210C7439806B68B03ED3B349F6; Granted Authorities: ROLE_ANONYMOUS
2014-11-27 08:59:46,932 [http-bio-8080-exec-10] DEBUG hierarchicalroles.RoleHierarchyImpl  - getReachableGrantedAuthorities() - From the roles [ROLE_ANONYMOUS] one can reach [ROLE_ANONYMOUS] in zero or more steps.
2014-11-27 08:59:46,934 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
    at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisionManager.decide(AuthenticatedVetoableDecisionManager.java:47)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.processFilterChain(RestTokenValidationFilter.groovy:108)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.doFilter(RestTokenValidationFilter.groovy:77)
    at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53)
    at com.odobo.grails.plugin.springsecurity.rest.RestAuthenticationFilter.doFilter(RestAuthenticationFilter.groovy:122)
    at grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter.doFilter(RequestHolderAuthenticationFilter.java:49)
    at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:82)
    at com.odobo.grails.plugin.springsecurity.rest.RestLogoutFilter.doFilter(RestLogoutFilter.groovy:63)
    at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:745)
2014-11-27 08:59:46,935 [http-bio-8080-exec-10] DEBUG savedrequest.HttpSessionRequestCache  - DefaultSavedRequest added to Session: DefaultSavedRequest[http://localhost:8080/shark/login/auth]
2014-11-27 08:59:46,935 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Calling Authentication entry point.
2014-11-27 08:59:46,935 [http-bio-8080-exec-10] DEBUG web.DefaultRedirectStrategy  - Redirecting to 'http://localhost:8080/shark/login/auth'
2014-11-27 08:59:46,935 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Chain processed normally
2014-11-27 08:59:46,935 [http-bio-8080-exec-10] DEBUG context.SecurityContextPersistenceFilter  - SecurityContextHolder now cleared, as request processing completed
2014-11-27 08:59:46,945 [http-bio-8080-exec-10] DEBUG matcher.AntPathRequestMatcher  - Request '/login/auth' matched by universal pattern '/**'
2014-11-27 08:59:46,946 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 1 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-11-27 08:59:46,946 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 2 of 12 in additional filter chain; firing Filter: 'RestLogoutFilter'
2014-11-27 08:59:46,946 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 3 of 12 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2014-11-27 08:59:46,946 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 4 of 12 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2014-11-27 08:59:46,946 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 5 of 12 in additional filter chain; firing Filter: 'RestAuthenticationFilter'
2014-11-27 08:59:46,947 [http-bio-8080-exec-10] DEBUG rest.RestAuthenticationFilter  - Actual URI is /login/auth; endpoint URL is /api/login
2014-11-27 08:59:46,947 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 6 of 12 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2014-11-27 08:59:46,947 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 7 of 12 in additional filter chain; firing Filter: 'GrailsRememberMeAuthenticationFilter'
2014-11-27 08:59:46,947 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 8 of 12 in additional filter chain; firing Filter: 'GrailsAnonymousAuthenticationFilter'
2014-11-27 08:59:46,947 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 9 of 12 in additional filter chain; firing Filter: 'RestTokenValidationFilter'
2014-11-27 08:59:46,947 [http-bio-8080-exec-10] DEBUG rest.RestTokenValidationFilter  - Token not found
2014-11-27 08:59:46,948 [http-bio-8080-exec-10] DEBUG rest.RestTokenValidationFilter  - Request does not contain any token. Letting it continue through the filter chain
2014-11-27 08:59:46,948 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 10 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:46,948 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 11 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:46,948 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 12 of 12 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2014-11-27 08:59:46,948 [http-bio-8080-exec-10] DEBUG intercept.FilterSecurityInterceptor  - Secure object: FilterInvocation: URL: /login/auth; Attributes: [_DENY_]
2014-11-27 08:59:46,948 [http-bio-8080-exec-10] DEBUG intercept.FilterSecurityInterceptor  - Previously Authenticated: grails.plugin.springsecurity.authentication.GrailsAnonymousAuthenticationToken@f23943d4: Principal: org.springframework.security.core.userdetails.User@dc730200: Username: __grails.anonymous.user__; Password: [PROTECTED]; Enabled: false; AccountNonExpired: false; credentialsNonExpired: false; AccountNonLocked: false; Granted Authorities: ROLE_ANONYMOUS; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffde5d4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 62C4B9210C7439806B68B03ED3B349F6; Granted Authorities: ROLE_ANONYMOUS
2014-11-27 08:59:46,949 [http-bio-8080-exec-10] DEBUG hierarchicalroles.RoleHierarchyImpl  - getReachableGrantedAuthorities() - From the roles [ROLE_ANONYMOUS] one can reach [ROLE_ANONYMOUS] in zero or more steps.
2014-11-27 08:59:46,950 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
    at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisionManager.decide(AuthenticatedVetoableDecisionManager.java:47)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.processFilterChain(RestTokenValidationFilter.groovy:108)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.doFilter(RestTokenValidationFilter.groovy:77)
    at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53)
    at com.odobo.grails.plugin.springsecurity.rest.RestAuthenticationFilter.doFilter(RestAuthenticationFilter.groovy:122)
    at grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter.doFilter(RequestHolderAuthenticationFilter.java:49)
    at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:82)
    at com.odobo.grails.plugin.springsecurity.rest.RestLogoutFilter.doFilter(RestLogoutFilter.groovy:63)
    at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:745)
2014-11-27 08:59:46,951 [http-bio-8080-exec-10] DEBUG savedrequest.HttpSessionRequestCache  - DefaultSavedRequest added to Session: DefaultSavedRequest[http://localhost:8080/shark/login/auth]
2014-11-27 08:59:46,952 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Calling Authentication entry point.
2014-11-27 08:59:46,952 [http-bio-8080-exec-10] DEBUG web.DefaultRedirectStrategy  - Redirecting to 'http://localhost:8080/shark/login/auth'
2014-11-27 08:59:46,952 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Chain processed normally
2014-11-27 08:59:46,953 [http-bio-8080-exec-10] DEBUG context.SecurityContextPersistenceFilter  - SecurityContextHolder now cleared, as request processing completed
2014-11-27 08:59:46,981 [http-bio-8080-exec-10] DEBUG matcher.AntPathRequestMatcher  - Request '/login/auth' matched by universal pattern '/**'
2014-11-27 08:59:46,982 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 1 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-11-27 08:59:46,982 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 2 of 12 in additional filter chain; firing Filter: 'RestLogoutFilter'
2014-11-27 08:59:46,982 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 3 of 12 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2014-11-27 08:59:46,982 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 4 of 12 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2014-11-27 08:59:46,982 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 5 of 12 in additional filter chain; firing Filter: 'RestAuthenticationFilter'
2014-11-27 08:59:46,983 [http-bio-8080-exec-10] DEBUG rest.RestAuthenticationFilter  - Actual URI is /login/auth; endpoint URL is /api/login
2014-11-27 08:59:46,983 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 6 of 12 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2014-11-27 08:59:46,983 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 7 of 12 in additional filter chain; firing Filter: 'GrailsRememberMeAuthenticationFilter'
2014-11-27 08:59:46,983 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 8 of 12 in additional filter chain; firing Filter: 'GrailsAnonymousAuthenticationFilter'
2014-11-27 08:59:46,983 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 9 of 12 in additional filter chain; firing Filter: 'RestTokenValidationFilter'
2014-11-27 08:59:46,983 [http-bio-8080-exec-10] DEBUG rest.RestTokenValidationFilter  - Token not found
2014-11-27 08:59:46,983 [http-bio-8080-exec-10] DEBUG rest.RestTokenValidationFilter  - Request does not contain any token. Letting it continue through the filter chain
2014-11-27 08:59:46,983 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 10 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:46,983 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 11 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:46,983 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 12 of 12 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2014-11-27 08:59:46,984 [http-bio-8080-exec-10] DEBUG intercept.FilterSecurityInterceptor  - Secure object: FilterInvocation: URL: /login/auth; Attributes: [_DENY_]
2014-11-27 08:59:46,984 [http-bio-8080-exec-10] DEBUG intercept.FilterSecurityInterceptor  - Previously Authenticated: grails.plugin.springsecurity.authentication.GrailsAnonymousAuthenticationToken@f23943d4: Principal: org.springframework.security.core.userdetails.User@dc730200: Username: __grails.anonymous.user__; Password: [PROTECTED]; Enabled: false; AccountNonExpired: false; credentialsNonExpired: false; AccountNonLocked: false; Granted Authorities: ROLE_ANONYMOUS; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffde5d4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 62C4B9210C7439806B68B03ED3B349F6; Granted Authorities: ROLE_ANONYMOUS
2014-11-27 08:59:46,984 [http-bio-8080-exec-10] DEBUG hierarchicalroles.RoleHierarchyImpl  - getReachableGrantedAuthorities() - From the roles [ROLE_ANONYMOUS] one can reach [ROLE_ANONYMOUS] in zero or more steps.
2014-11-27 08:59:46,987 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
    at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisionManager.decide(AuthenticatedVetoableDecisionManager.java:47)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.processFilterChain(RestTokenValidationFilter.groovy:108)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.doFilter(RestTokenValidationFilter.groovy:77)
    at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53)
    at com.odobo.grails.plugin.springsecurity.rest.RestAuthenticationFilter.doFilter(RestAuthenticationFilter.groovy:122)
    at grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter.doFilter(RequestHolderAuthenticationFilter.java:49)
    at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:82)
    at com.odobo.grails.plugin.springsecurity.rest.RestLogoutFilter.doFilter(RestLogoutFilter.groovy:63)
    at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:745)
2014-11-27 08:59:46,988 [http-bio-8080-exec-10] DEBUG savedrequest.HttpSessionRequestCache  - DefaultSavedRequest added to Session: DefaultSavedRequest[http://localhost:8080/shark/login/auth]
2014-11-27 08:59:46,989 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Calling Authentication entry point.
2014-11-27 08:59:46,990 [http-bio-8080-exec-10] DEBUG web.DefaultRedirectStrategy  - Redirecting to 'http://localhost:8080/shark/login/auth'
2014-11-27 08:59:46,990 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Chain processed normally
2014-11-27 08:59:46,990 [http-bio-8080-exec-10] DEBUG context.SecurityContextPersistenceFilter  - SecurityContextHolder now cleared, as request processing completed
2014-11-27 08:59:47,003 [http-bio-8080-exec-10] DEBUG matcher.AntPathRequestMatcher  - Request '/login/auth' matched by universal pattern '/**'
2014-11-27 08:59:47,004 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 1 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-11-27 08:59:47,004 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 2 of 12 in additional filter chain; firing Filter: 'RestLogoutFilter'
2014-11-27 08:59:47,005 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 3 of 12 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2014-11-27 08:59:47,005 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 4 of 12 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2014-11-27 08:59:47,005 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 5 of 12 in additional filter chain; firing Filter: 'RestAuthenticationFilter'
2014-11-27 08:59:47,006 [http-bio-8080-exec-10] DEBUG rest.RestAuthenticationFilter  - Actual URI is /login/auth; endpoint URL is /api/login
2014-11-27 08:59:47,006 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 6 of 12 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2014-11-27 08:59:47,006 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 7 of 12 in additional filter chain; firing Filter: 'GrailsRememberMeAuthenticationFilter'
2014-11-27 08:59:47,006 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 8 of 12 in additional filter chain; firing Filter: 'GrailsAnonymousAuthenticationFilter'
2014-11-27 08:59:47,006 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 9 of 12 in additional filter chain; firing Filter: 'RestTokenValidationFilter'
2014-11-27 08:59:47,006 [http-bio-8080-exec-10] DEBUG rest.RestTokenValidationFilter  - Token not found
2014-11-27 08:59:47,007 [http-bio-8080-exec-10] DEBUG rest.RestTokenValidationFilter  - Request does not contain any token. Letting it continue through the filter chain
2014-11-27 08:59:47,007 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 10 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:47,007 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 11 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:47,007 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 12 of 12 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2014-11-27 08:59:47,007 [http-bio-8080-exec-10] DEBUG intercept.FilterSecurityInterceptor  - Secure object: FilterInvocation: URL: /login/auth; Attributes: [_DENY_]
2014-11-27 08:59:47,007 [http-bio-8080-exec-10] DEBUG intercept.FilterSecurityInterceptor  - Previously Authenticated: grails.plugin.springsecurity.authentication.GrailsAnonymousAuthenticationToken@f23943d4: Principal: org.springframework.security.core.userdetails.User@dc730200: Username: __grails.anonymous.user__; Password: [PROTECTED]; Enabled: false; AccountNonExpired: false; credentialsNonExpired: false; AccountNonLocked: false; Granted Authorities: ROLE_ANONYMOUS; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffde5d4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 62C4B9210C7439806B68B03ED3B349F6; Granted Authorities: ROLE_ANONYMOUS
2014-11-27 08:59:47,007 [http-bio-8080-exec-10] DEBUG hierarchicalroles.RoleHierarchyImpl  - getReachableGrantedAuthorities() - From the roles [ROLE_ANONYMOUS] one can reach [ROLE_ANONYMOUS] in zero or more steps.
2014-11-27 08:59:47,009 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
    at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisionManager.decide(AuthenticatedVetoableDecisionManager.java:47)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.processFilterChain(RestTokenValidationFilter.groovy:108)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.doFilter(RestTokenValidationFilter.groovy:77)
    at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53)
    at com.odobo.grails.plugin.springsecurity.rest.RestAuthenticationFilter.doFilter(RestAuthenticationFilter.groovy:122)
    at grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter.doFilter(RequestHolderAuthenticationFilter.java:49)
    at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:82)
    at com.odobo.grails.plugin.springsecurity.rest.RestLogoutFilter.doFilter(RestLogoutFilter.groovy:63)
    at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:745)
2014-11-27 08:59:47,009 [http-bio-8080-exec-10] DEBUG savedrequest.HttpSessionRequestCache  - DefaultSavedRequest added to Session: DefaultSavedRequest[http://localhost:8080/shark/login/auth]
2014-11-27 08:59:47,010 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Calling Authentication entry point.
2014-11-27 08:59:47,010 [http-bio-8080-exec-10] DEBUG web.DefaultRedirectStrategy  - Redirecting to 'http://localhost:8080/shark/login/auth'
2014-11-27 08:59:47,010 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Chain processed normally
2014-11-27 08:59:47,010 [http-bio-8080-exec-10] DEBUG context.SecurityContextPersistenceFilter  - SecurityContextHolder now cleared, as request processing completed
2014-11-27 08:59:47,021 [http-bio-8080-exec-10] DEBUG matcher.AntPathRequestMatcher  - Request '/login/auth' matched by universal pattern '/**'
2014-11-27 08:59:47,022 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 1 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-11-27 08:59:47,023 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 2 of 12 in additional filter chain; firing Filter: 'RestLogoutFilter'
2014-11-27 08:59:47,023 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 3 of 12 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2014-11-27 08:59:47,023 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 4 of 12 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2014-11-27 08:59:47,023 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 5 of 12 in additional filter chain; firing Filter: 'RestAuthenticationFilter'
2014-11-27 08:59:47,024 [http-bio-8080-exec-10] DEBUG rest.RestAuthenticationFilter  - Actual URI is /login/auth; endpoint URL is /api/login
2014-11-27 08:59:47,024 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 6 of 12 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2014-11-27 08:59:47,024 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 7 of 12 in additional filter chain; firing Filter: 'GrailsRememberMeAuthenticationFilter'
2014-11-27 08:59:47,024 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 8 of 12 in additional filter chain; firing Filter: 'GrailsAnonymousAuthenticationFilter'
2014-11-27 08:59:47,024 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 9 of 12 in additional filter chain; firing Filter: 'RestTokenValidationFilter'
2014-11-27 08:59:47,024 [http-bio-8080-exec-10] DEBUG rest.RestTokenValidationFilter  - Token not found
2014-11-27 08:59:47,025 [http-bio-8080-exec-10] DEBUG rest.RestTokenValidationFilter  - Request does not contain any token. Letting it continue through the filter chain
2014-11-27 08:59:47,025 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 10 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:47,025 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 11 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:47,025 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 12 of 12 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2014-11-27 08:59:47,025 [http-bio-8080-exec-10] DEBUG intercept.FilterSecurityInterceptor  - Secure object: FilterInvocation: URL: /login/auth; Attributes: [_DENY_]
2014-11-27 08:59:47,025 [http-bio-8080-exec-10] DEBUG intercept.FilterSecurityInterceptor  - Previously Authenticated: grails.plugin.springsecurity.authentication.GrailsAnonymousAuthenticationToken@f23943d4: Principal: org.springframework.security.core.userdetails.User@dc730200: Username: __grails.anonymous.user__; Password: [PROTECTED]; Enabled: false; AccountNonExpired: false; credentialsNonExpired: false; AccountNonLocked: false; Granted Authorities: ROLE_ANONYMOUS; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffde5d4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 62C4B9210C7439806B68B03ED3B349F6; Granted Authorities: ROLE_ANONYMOUS
2014-11-27 08:59:47,025 [http-bio-8080-exec-10] DEBUG hierarchicalroles.RoleHierarchyImpl  - getReachableGrantedAuthorities() - From the roles [ROLE_ANONYMOUS] one can reach [ROLE_ANONYMOUS] in zero or more steps.
2014-11-27 08:59:47,027 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
    at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisionManager.decide(AuthenticatedVetoableDecisionManager.java:47)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.processFilterChain(RestTokenValidationFilter.groovy:108)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.doFilter(RestTokenValidationFilter.groovy:77)
    at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53)
    at com.odobo.grails.plugin.springsecurity.rest.RestAuthenticationFilter.doFilter(RestAuthenticationFilter.groovy:122)
    at grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter.doFilter(RequestHolderAuthenticationFilter.java:49)
    at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:82)
    at com.odobo.grails.plugin.springsecurity.rest.RestLogoutFilter.doFilter(RestLogoutFilter.groovy:63)
    at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:745)
2014-11-27 08:59:47,027 [http-bio-8080-exec-10] DEBUG savedrequest.HttpSessionRequestCache  - DefaultSavedRequest added to Session: DefaultSavedRequest[http://localhost:8080/shark/login/auth]
2014-11-27 08:59:47,027 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Calling Authentication entry point.
2014-11-27 08:59:47,028 [http-bio-8080-exec-10] DEBUG web.DefaultRedirectStrategy  - Redirecting to 'http://localhost:8080/shark/login/auth'
2014-11-27 08:59:47,028 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Chain processed normally
2014-11-27 08:59:47,028 [http-bio-8080-exec-10] DEBUG context.SecurityContextPersistenceFilter  - SecurityContextHolder now cleared, as request processing completed
2014-11-27 08:59:47,041 [http-bio-8080-exec-10] DEBUG matcher.AntPathRequestMatcher  - Request '/login/auth' matched by universal pattern '/**'
2014-11-27 08:59:47,041 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 1 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-11-27 08:59:47,041 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 2 of 12 in additional filter chain; firing Filter: 'RestLogoutFilter'
2014-11-27 08:59:47,041 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 3 of 12 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2014-11-27 08:59:47,041 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 4 of 12 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2014-11-27 08:59:47,042 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 5 of 12 in additional filter chain; firing Filter: 'RestAuthenticationFilter'
2014-11-27 08:59:47,042 [http-bio-8080-exec-10] DEBUG rest.RestAuthenticationFilter  - Actual URI is /login/auth; endpoint URL is /api/login
2014-11-27 08:59:47,042 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 6 of 12 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2014-11-27 08:59:47,042 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 7 of 12 in additional filter chain; firing Filter: 'GrailsRememberMeAuthenticationFilter'
2014-11-27 08:59:47,042 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 8 of 12 in additional filter chain; firing Filter: 'GrailsAnonymousAuthenticationFilter'
2014-11-27 08:59:47,042 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 9 of 12 in additional filter chain; firing Filter: 'RestTokenValidationFilter'
2014-11-27 08:59:47,042 [http-bio-8080-exec-10] DEBUG rest.RestTokenValidationFilter  - Token not found
2014-11-27 08:59:47,043 [http-bio-8080-exec-10] DEBUG rest.RestTokenValidationFilter  - Request does not contain any token. Letting it continue through the filter chain
2014-11-27 08:59:47,043 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 10 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:47,043 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 11 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:47,043 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 12 of 12 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2014-11-27 08:59:47,043 [http-bio-8080-exec-10] DEBUG intercept.FilterSecurityInterceptor  - Secure object: FilterInvocation: URL: /login/auth; Attributes: [_DENY_]
2014-11-27 08:59:47,043 [http-bio-8080-exec-10] DEBUG intercept.FilterSecurityInterceptor  - Previously Authenticated: grails.plugin.springsecurity.authentication.GrailsAnonymousAuthenticationToken@f23943d4: Principal: org.springframework.security.core.userdetails.User@dc730200: Username: __grails.anonymous.user__; Password: [PROTECTED]; Enabled: false; AccountNonExpired: false; credentialsNonExpired: false; AccountNonLocked: false; Granted Authorities: ROLE_ANONYMOUS; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffde5d4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 62C4B9210C7439806B68B03ED3B349F6; Granted Authorities: ROLE_ANONYMOUS
2014-11-27 08:59:47,043 [http-bio-8080-exec-10] DEBUG hierarchicalroles.RoleHierarchyImpl  - getReachableGrantedAuthorities() - From the roles [ROLE_ANONYMOUS] one can reach [ROLE_ANONYMOUS] in zero or more steps.
2014-11-27 08:59:47,045 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
    at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisionManager.decide(AuthenticatedVetoableDecisionManager.java:47)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.processFilterChain(RestTokenValidationFilter.groovy:108)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.doFilter(RestTokenValidationFilter.groovy:77)
    at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53)
    at com.odobo.grails.plugin.springsecurity.rest.RestAuthenticationFilter.doFilter(RestAuthenticationFilter.groovy:122)
    at grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter.doFilter(RequestHolderAuthenticationFilter.java:49)
    at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:82)
    at com.odobo.grails.plugin.springsecurity.rest.RestLogoutFilter.doFilter(RestLogoutFilter.groovy:63)
    at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:745)
2014-11-27 08:59:47,045 [http-bio-8080-exec-10] DEBUG savedrequest.HttpSessionRequestCache  - DefaultSavedRequest added to Session: DefaultSavedRequest[http://localhost:8080/shark/login/auth]
2014-11-27 08:59:47,046 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Calling Authentication entry point.
2014-11-27 08:59:47,046 [http-bio-8080-exec-10] DEBUG web.DefaultRedirectStrategy  - Redirecting to 'http://localhost:8080/shark/login/auth'
2014-11-27 08:59:47,046 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Chain processed normally
2014-11-27 08:59:47,046 [http-bio-8080-exec-10] DEBUG context.SecurityContextPersistenceFilter  - SecurityContextHolder now cleared, as request processing completed
2014-11-27 08:59:47,055 [http-bio-8080-exec-10] DEBUG matcher.AntPathRequestMatcher  - Request '/login/auth' matched by universal pattern '/**'
2014-11-27 08:59:47,055 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 1 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-11-27 08:59:47,056 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 2 of 12 in additional filter chain; firing Filter: 'RestLogoutFilter'
2014-11-27 08:59:47,057 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 3 of 12 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2014-11-27 08:59:47,058 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 4 of 12 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2014-11-27 08:59:47,058 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 5 of 12 in additional filter chain; firing Filter: 'RestAuthenticationFilter'
2014-11-27 08:59:47,058 [http-bio-8080-exec-10] DEBUG rest.RestAuthenticationFilter  - Actual URI is /login/auth; endpoint URL is /api/login
2014-11-27 08:59:47,058 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 6 of 12 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2014-11-27 08:59:47,058 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 7 of 12 in additional filter chain; firing Filter: 'GrailsRememberMeAuthenticationFilter'
2014-11-27 08:59:47,058 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 8 of 12 in additional filter chain; firing Filter: 'GrailsAnonymousAuthenticationFilter'
2014-11-27 08:59:47,059 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 9 of 12 in additional filter chain; firing Filter: 'RestTokenValidationFilter'
2014-11-27 08:59:47,059 [http-bio-8080-exec-10] DEBUG rest.RestTokenValidationFilter  - Token not found
2014-11-27 08:59:47,059 [http-bio-8080-exec-10] DEBUG rest.RestTokenValidationFilter  - Request does not contain any token. Letting it continue through the filter chain
2014-11-27 08:59:47,059 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 10 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:47,059 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 11 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:47,059 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 12 of 12 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2014-11-27 08:59:47,059 [http-bio-8080-exec-10] DEBUG intercept.FilterSecurityInterceptor  - Secure object: FilterInvocation: URL: /login/auth; Attributes: [_DENY_]
2014-11-27 08:59:47,060 [http-bio-8080-exec-10] DEBUG intercept.FilterSecurityInterceptor  - Previously Authenticated: grails.plugin.springsecurity.authentication.GrailsAnonymousAuthenticationToken@f23943d4: Principal: org.springframework.security.core.userdetails.User@dc730200: Username: __grails.anonymous.user__; Password: [PROTECTED]; Enabled: false; AccountNonExpired: false; credentialsNonExpired: false; AccountNonLocked: false; Granted Authorities: ROLE_ANONYMOUS; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffde5d4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 62C4B9210C7439806B68B03ED3B349F6; Granted Authorities: ROLE_ANONYMOUS
2014-11-27 08:59:47,060 [http-bio-8080-exec-10] DEBUG hierarchicalroles.RoleHierarchyImpl  - getReachableGrantedAuthorities() - From the roles [ROLE_ANONYMOUS] one can reach [ROLE_ANONYMOUS] in zero or more steps.
2014-11-27 08:59:47,062 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
    at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisionManager.decide(AuthenticatedVetoableDecisionManager.java:47)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.processFilterChain(RestTokenValidationFilter.groovy:108)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.doFilter(RestTokenValidationFilter.groovy:77)
    at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53)
    at com.odobo.grails.plugin.springsecurity.rest.RestAuthenticationFilter.doFilter(RestAuthenticationFilter.groovy:122)
    at grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter.doFilter(RequestHolderAuthenticationFilter.java:49)
    at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:82)
    at com.odobo.grails.plugin.springsecurity.rest.RestLogoutFilter.doFilter(RestLogoutFilter.groovy:63)
    at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:745)
2014-11-27 08:59:47,063 [http-bio-8080-exec-10] DEBUG savedrequest.HttpSessionRequestCache  - DefaultSavedRequest added to Session: DefaultSavedRequest[http://localhost:8080/shark/login/auth]
2014-11-27 08:59:47,063 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Calling Authentication entry point.
2014-11-27 08:59:47,063 [http-bio-8080-exec-10] DEBUG web.DefaultRedirectStrategy  - Redirecting to 'http://localhost:8080/shark/login/auth'
2014-11-27 08:59:47,063 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Chain processed normally
2014-11-27 08:59:47,063 [http-bio-8080-exec-10] DEBUG context.SecurityContextPersistenceFilter  - SecurityContextHolder now cleared, as request processing completed
2014-11-27 08:59:47,075 [http-bio-8080-exec-10] DEBUG matcher.AntPathRequestMatcher  - Request '/login/auth' matched by universal pattern '/**'
2014-11-27 08:59:47,075 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 1 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2014-11-27 08:59:47,076 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 2 of 12 in additional filter chain; firing Filter: 'RestLogoutFilter'
2014-11-27 08:59:47,076 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 3 of 12 in additional filter chain; firing Filter: 'MutableLogoutFilter'
2014-11-27 08:59:47,076 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 4 of 12 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
2014-11-27 08:59:47,076 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 5 of 12 in additional filter chain; firing Filter: 'RestAuthenticationFilter'
2014-11-27 08:59:47,077 [http-bio-8080-exec-10] DEBUG rest.RestAuthenticationFilter  - Actual URI is /login/auth; endpoint URL is /api/login
2014-11-27 08:59:47,077 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 6 of 12 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2014-11-27 08:59:47,077 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 7 of 12 in additional filter chain; firing Filter: 'GrailsRememberMeAuthenticationFilter'
2014-11-27 08:59:47,077 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 8 of 12 in additional filter chain; firing Filter: 'GrailsAnonymousAuthenticationFilter'
2014-11-27 08:59:47,077 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 9 of 12 in additional filter chain; firing Filter: 'RestTokenValidationFilter'
2014-11-27 08:59:47,077 [http-bio-8080-exec-10] DEBUG rest.RestTokenValidationFilter  - Token not found
2014-11-27 08:59:47,078 [http-bio-8080-exec-10] DEBUG rest.RestTokenValidationFilter  - Request does not contain any token. Letting it continue through the filter chain
2014-11-27 08:59:47,078 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 10 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:47,078 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 11 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2014-11-27 08:59:47,078 [http-bio-8080-exec-10] DEBUG web.FilterChainProxy  - /login/auth at position 12 of 12 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2014-11-27 08:59:47,078 [http-bio-8080-exec-10] DEBUG intercept.FilterSecurityInterceptor  - Secure object: FilterInvocation: URL: /login/auth; Attributes: [_DENY_]
2014-11-27 08:59:47,078 [http-bio-8080-exec-10] DEBUG intercept.FilterSecurityInterceptor  - Previously Authenticated: grails.plugin.springsecurity.authentication.GrailsAnonymousAuthenticationToken@f23943d4: Principal: org.springframework.security.core.userdetails.User@dc730200: Username: __grails.anonymous.user__; Password: [PROTECTED]; Enabled: false; AccountNonExpired: false; credentialsNonExpired: false; AccountNonLocked: false; Granted Authorities: ROLE_ANONYMOUS; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffde5d4: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 62C4B9210C7439806B68B03ED3B349F6; Granted Authorities: ROLE_ANONYMOUS
2014-11-27 08:59:47,078 [http-bio-8080-exec-10] DEBUG hierarchicalroles.RoleHierarchyImpl  - getReachableGrantedAuthorities() - From the roles [ROLE_ANONYMOUS] one can reach [ROLE_ANONYMOUS] in zero or more steps.
2014-11-27 08:59:47,080 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
    at grails.plugin.springsecurity.access.vote.AuthenticatedVetoableDecisionManager.decide(AuthenticatedVetoableDecisionManager.java:47)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.processFilterChain(RestTokenValidationFilter.groovy:108)
    at com.odobo.grails.plugin.springsecurity.rest.RestTokenValidationFilter.doFilter(RestTokenValidationFilter.groovy:77)
    at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53)
    at com.odobo.grails.plugin.springsecurity.rest.RestAuthenticationFilter.doFilter(RestAuthenticationFilter.groovy:122)
    at grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter.doFilter(RequestHolderAuthenticationFilter.java:49)
    at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:82)
    at com.odobo.grails.plugin.springsecurity.rest.RestLogoutFilter.doFilter(RestLogoutFilter.groovy:63)
    at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:745)
2014-11-27 08:59:47,081 [http-bio-8080-exec-10] DEBUG savedrequest.HttpSessionRequestCache  - DefaultSavedRequest added to Session: DefaultSavedRequest[http://localhost:8080/shark/login/auth]
2014-11-27 08:59:47,082 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Calling Authentication entry point.
2014-11-27 08:59:47,082 [http-bio-8080-exec-10] DEBUG web.DefaultRedirectStrategy  - Redirecting to 'http://localhost:8080/shark/login/auth'
2014-11-27 08:59:47,082 [http-bio-8080-exec-10] DEBUG access.ExceptionTranslationFilter  - Chain processed normally
2014-11-27 08:59:47,082 [http-bio-8080-exec-10] DEBUG context.SecurityContextPersistenceFilter  - SecurityContextHolder now cleared, as request processing completed

[alvarosanchez]

This is an implementation question, not an issue specifically with the plugin, so I'm sorry but I have to close this issue as I don't have enough bandwidth to support you.

I suggest you to try on StackOverflow.com, there are much more users there that can help you implementing your provider.

Cheers.