Grails Spring Security插件和dbconsole

时间:2014-09-11 22:25:28

标签: spring grails spring-security grails-plugin

我使用grails 2.4.3并安装了官方grails安全插件

compile ":spring-security-core:2.0-RC4"

在安装插件之前,我可以使用url

访问数据库控制台页面 
http://localhost:8080/tobu/dbconsole

但是,安装插件后,我无法这样做。当我尝试访问上面提到的URl并通过任何用户帐户登录时,我得到默认登录屏幕显示“访问被拒绝”页面。我该如何解决这个问题?

grails.project.groupId = appName 

grails.mime.disable.accept.header.userAgents = ['Gecko', 'WebKit', 'Presto', 'Trident']
grails.mime.types = [ // the first one is the default format
all:           '*/*', // 'all' maps to '*' or the first available format in withFormat
atom:          'application/atom+xml',
css:           'text/css',
csv:           'text/csv',
form:          'application/x-www-form-urlencoded',
html:          ['text/html','application/xhtml+xml'],
js:            'text/javascript',
json:          ['application/json', 'text/json'],
multipartForm: 'multipart/form-data',
rss:           'application/rss+xml',
text:          'text/plain',
hal:           ['application/hal+json','application/hal+xml'],
xml:           ['text/xml', 'application/xml']
]

grails.views.default.codec = "html"

grails.controllers.defaultScope = 'singleton'

grails {
views {
    gsp {
        encoding = 'UTF-8'
        htmlcodec = 'xml' // use xml escaping instead of HTML4 escaping
        codecs {
            expression = 'html' // escapes values inside ${}
            scriptlet = 'html' // escapes output from scriptlets in GSPs
            taglib = 'none' // escapes output from taglibs
            staticparts = 'none' // escapes output from static template parts
        }
    }
    // escapes all not-encoded output at final stage of outputting
    // filteringCodecForContentType.'text/html' = 'html'
}
}


grails.converters.encoding = "UTF-8"
grails.scaffolding.templates.domainSuffix = 'Instance'

grails.json.legacy.builder = false
grails.enable.native2ascii = true
grails.spring.bean.packages = []
grails.web.disable.multipart=false

grails.exceptionresolver.params.exclude = ['password']

grails.hibernate.cache.queries = false

grails.hibernate.osiv.readonly = false

environments {
development {
    grails.logging.jul.usebridge = true
}
production {
    grails.logging.jul.usebridge = false
    // TODO: grails.serverURL = "http://www.changeme.com"
}
}

log4j.main = {
// Example of changing the log pattern for the default console appender:
//
//appenders {
//    console name:'stdout', layout:pattern(conversionPattern: '%c{2} %m%n')
//}

error  'org.codehaus.groovy.grails.web.servlet',        // controllers
       'org.codehaus.groovy.grails.web.pages',          // GSP
       'org.codehaus.groovy.grails.web.sitemesh',       // layouts
       'org.codehaus.groovy.grails.web.mapping.filter', // URL mapping
       'org.codehaus.groovy.grails.web.mapping',        // URL mapping
       'org.codehaus.groovy.grails.commons',            // core / classloading
       'org.codehaus.groovy.grails.plugins',            // plugins
       'org.codehaus.groovy.grails.orm.hibernate',      // hibernate integration
       'org.springframework',
       'org.hibernate',
       'net.sf.ehcache.hibernate'
}


// Added by the Spring Security Core plugin:
grails.plugin.springsecurity.userLookup.userDomainClassName = 'tobu.Actor'
grails.plugin.springsecurity.userLookup.authorityJoinClassName = 'tobu.ActorRole'
grails.plugin.springsecurity.authority.className = 'tobu.Role'
grails.plugin.springsecurity.controllerAnnotations.staticRules = [
'/':                              ['permitAll'],
'/dbconsole':                     ['permitAll'],
'/index':                         ['permitAll'],
'/index.gsp':                     ['permitAll'],
'/assets/**':                     ['permitAll'],
'/**/js/**':                      ['permitAll'],
'/**/css/**':                     ['permitAll'],
'/**/images/**':                  ['permitAll'],
'/**/favicon.ico':                ['permitAll']
 ]

3 个答案:

答案 0 :(得分:7)

我必须对配置文件中的静态规则进行以下更改。

'/dbconsole/**':                  ['ROLE_USER'],

答案 1 :(得分:0)

2019更新

我需要调整Shashank的答案,以使其对我有用。我正在使用Grails 3.3.9和spring-security-core 3.2.3。

我必须将此行添加到文件grails-app / conf / application.groovy 

grails.plugin.springsecurity.controllerAnnotations.staticRules = [
    //.......
    [pattern: '/dbconsole/**',   access: ['ROLE_USER']] 
]

答案 2 :(得分:0)

我希望在没有使用Spring Security Core插件进行自定义身份验证的情况下访问 dbconsole dbconsole 有其自己的登录页面,并且已为{{ 1}}环境)。最初,我尝试在dev文件中使用以下静态规则:

grails-app/conf/application.groovy

...没有任何效果。我一直都被重定向到Spring Security Core的登录页面。

在阅读了该问题的其他答案之后,我设法创建了一个有效的静态规则,因此grails.plugin.springsecurity.controllerAnnotations.staticRules = [ [pattern: '/dbconsole', access: ['permitAll']], 不再受Spring Security Core插件的保护:

http://localhost:8080/dbconsole

诀窍是为grails.plugin.springsecurity.controllerAnnotations.staticRules = [ [pattern: '/dbconsole/**', access: ['permitAll']], 和所有子路径创建一条静态规则(访问 dbconsole 时,它将重定向到位于/dbconsole的登录页面),这就是为什么需要双星的原因。

相关问题
最新问题