我需要我的网址在/api/test/blabla中公开访问,这会返回给我一个JSON。但是我无法访问该网址,因为它让我回到/login/auth和/或如果我登录警告信息是sorry, you're not authorized to view this page
grails.plugin.springsecurity.controllerAnnotations.staticRules = [
'/' : ['permitAll'],
'/**/smart/**' : ['permitAll'],
'/index' : ['permitAll'],
'/index.gsp' : ['permitAll'],
'/assets/**' : ['permitAll'],
'/**/js/**' : ['permitAll'],
'/**/css/**' : ['permitAll'],
'/**/images/**' : ['permitAll'],
'/**/favicon.ico': ['permitAll']
]
grails.plugin.springsecurity.logout.postOnly = false
grails.plugin.springsecurity.userLookup.usernamePropertyName = 'email'
grails.plugin.springsecurity.logout.afterLogoutUrl = '/'
grails.app.context = "/"
我试图添加新的staticRules,但没有成功。
'/api/test/*' : ['permitAll'],
我的UrlMapping是这样的:
"/api/test/$code" {
controller = "testRest"
action = [POST: "create", PUT: "update", GET: "get"]
}
我的方法/类没有@Secured注释。有什么方法可以为所有人免费提供网址吗?
答案 0 :(得分:1)
在Spring Security插件的2.X版中,默认情况下无法访问URL。要默认情况下可以公开访问网址,请将以下内容添加到Config.groovy
grails.plugin.springsecurity.rejectIfNoRule = false
grails.plugin.springsecurity.fii.rejectPublicInvocations = false
但是,在进行此更改之前,您应该确保至少了解其含义read this。