使用带有grails spring安全核心2.0RC4的Requestmap重定向循环

时间:2015-02-20 11:55:11

标签: grails grails-plugin

我一直面对Failed to load resource: net::ERR_TOO_MANY_REDIRECTS grails 2.4.4。我在User包中有RoleRequestmapcom.usermanagement.auth(这些是s2-quickstart生成的)。 Requestmaps,用户和角色似乎存储在数据库中(我使用的是mysql)。

BuildConfig.groovy

编译“:spring-security-core:2.0-RC4”

BootStrap.groovy中 在init方法

        User admin = new User(username:'admin', password:'secret', enabled:true).save()
        User john = new User(username:'john', password:'secret', enabled:true).save()
        User jane = new User(username:'jane', password:'secret', enabled:true).save()
        Role royalty = new Role(authority: 'ROLE_ROYALTY').save()
        Role common = new Role(authority: 'ROLE_COMMON').save()
        UserRole.create(admin, royalty)
        UserRole.create(admin, common)
        UserRole.create(john, common)

        for (String url in [
                '/', '/index', '/index.gsp', '/**/favicon.ico',
                '/assets/**', '/**/js/**', '/**/css/**', '/**/images/**',
                '/login', '/login.*', '/login/*',
                '/logout', '/logout.*', '/logout/*']) {
            new Requestmap(url: url, configAttribute: 'permitAll').save()
        }

        new Requestmap(url: '/*', configAttribute: 'IS_AUTHENTICATED_ANONYMOUSLY').save();
        new Requestmap(url: '/dbconsole/**', configAttribute: 'permitAll').save();
        new Requestmap(url: '/logout/**', configAttribute: 'IS_AUTHENTICATED_REMEMBERED,IS_AUTHENTICATED_FULLY').save();
        new Requestmap(url: '/login/**', configAttribute: 'IS_AUTHENTICATED_ANONYMOUSLY').save();
        new Requestmap(url: '/index/**', configAttribute: 'IS_AUTHENTICATED_ANONYMOUSLY').save();
        new Requestmap(url: '/', configAttribute: 'permitAll').save();

Config.groovy中 

// Added by the Spring Security Core plugin:
grails.plugin.springsecurity.userLookup.userDomainClassName = 'com.usermanagement.auth.User'
grails.plugin.springsecurity.userLookup.authorityJoinClassName = 'com.usermanagement.auth.UserRole'
grails.plugin.springsecurity.authority.className = 'com.usermanagement.auth.Role'
grails.plugin.springsecurity.requestMap.className = 'com.usermanagement.auth.Requestmap'
grails.plugin.springsecurity.securityConfigType = 'Requestmap'
grails.plugin.springsecurity.rejectIfNoRule = true

每当我尝试访问localhost:8080 / appname /时,重定向到http://localhost:8080/appname/login/auth后会导致重定向错误太多。可能导致此问题的原因是什么?我甚至无法访问dbconsole。

2 个答案:

答案 0 :(得分:4)

事实证明,这是https://jira.grails.org/browse/GPSPRINGSECURITYCORE-312中提到的一个错误。 Spring Security Core无法加载Grails 2.4.4中存储在数据库中的RequestMaps。我跟着链接中提到的工作;我基本上将hibernate插件从4.3.6.1降级到4.3.5.5。还有其他提到的解决方法。但这对我有用。

// runtime ":hibernate4:4.3.6.1" // or ":hibernate:3.6.10.18"
runtime ":hibernate4:4.3.5.5" // or ":hibernate:3.6.10.17"

答案 1 :(得分:0)

它适合我...... 

    if (!Requestmap.count()) {

        for (String url in [
                '/' , '/error', '/index', '/index.gsp', '/**/favicon.ico', '/shutdown',
                '/**/js/**', '/**/css/**', '/**/images/**',
                '/login', '/login.*', '/login/*',
                '/logout', '/logout.*', '/logout/*', '/assets/**','/home/repopulate']) {
            new Requestmap(url: url, configAttribute: 'permitAll').save(flush:true)
        }

        new Requestmap(url: "/**", configAttribute: 'ROLE_ADMIN').save(flush:true)

        //TODO: eliminar para cerrar por roles el request
        //new Requestmap(url: '/**', configAttribute: 'IS_AUTHENTICATED_FULLY').save(flush:true)

    }
    springSecurityService.clearCachedRequestmaps()
相关问题
最新问题