我将Siteminder与应用程序一起使用,但使用Spring安全核心插件来管理安全性的所有其他方面。我没有被某些需要特定角色的资源阻止,但如果我尝试点击该网址,我是被踢到requestHeaderAuthenticationFilter。
Config.groovy中
...
grails.plugin.springsecurity.securityConfigType = grails.plugin.springsecurity.SecurityConfigType.InterceptUrlMap
grails.plugin.springsecurity.providerNames = ['preauthAuthProvider', 'anonymousAuthenticationProvider']
grails.plugin.springsecurity.filterNames = ['anonymousAuthenticationFilter','requestHeaderAuthenticationFilter']
grails.plugin.springsecurity.filterChain.filterNames = ['anonymousAuthenticationFilter','requestHeaderAuthenticationFilter']
grails.plugin.springsecurity.filterChain.chainMap = [
'/assets/**': 'anonymousAuthenticationFilter',
'/public/**': 'anonymousAuthenticationFilter',
'/auth/**': 'requestHeaderAuthenticationFilter'
]
grails.plugin.springsecurity.x509.checkForPrincipalChanges = 'true'
grails.plugin.springsecurity.logout.afterLogoutUrl='/public/'
grails.plugin.springsecurity.successHandler.defaultTargetUrl = '/auth/home'
grails.plugin.springsecurity.interceptUrlMap = [
'/auth/admin': ['ROLE_SYSTEM_ADMIN'],
'/auth/constant/**': ['ROLE_SYSTEM_ADMIN'],
'/assets/**': ['IS_AUTHENTICATED_ANONYMOUSLY'],
'/public/**': ['IS_AUTHENTICATED_ANONYMOUSLY'],
'/auth/**': ['IS_AUTHENTICATED_FULLY']
]
当我使用taglib来显示是否有链接时,它按预期工作:
<sec:ifAnyGranted roles="ROLE_SYSTEM_ADMIN">
<g:link uri="/auth/admin">Admin</g:link>
</sec:ifAnyGranted>
我在URLMappings中拥有组中的所有内容:
static mappings = {
group("/auth") {
"/constant/$action?/$id?(.${format})?"(controller: 'constant')
"/admin"(view:'/admin')
"/"(controller:'index',action:'home')
"/home"(controller:'index',action:'home')
}
group("/public") {
"/"(controller:'index',action:'public')
"/index"(controller:'index',action:'public')
}
}
所以,标签似乎工作正常,但我仍然可以去那个链接就好了,这意味着我的设置必须搞砸到某个地方。
Grails 2.4.3
Spring Security Core 2.0-RC4
答案 0 :(得分:0)
<?php
use Doctrine\ORM\Mapping as ORM;
class Student
{
/**
* @ORM\ManyToOne(targerEntity="myBundle\Entity\Responsible")
* @ORM\JoinColumn(name="first_responsible_id", referencedColumnName="id")
*/
private $firstResponsible;
/**
* @ORM\ManyToOne(targerEntity="myBundle\Entity\Responsible")
* @ORM\JoinColumn(name="second_responsible_id", referencedColumnName="id")
*/
private $secondResponsible;
/**
* Set first responsible
*
* @param Responsible $responsible
* @return self
*/
public function setFirstResponsible(Responsible $responsible)
{
$this->firstResponsible = $responsible;
return $this;
}
/**
* Get first responsible
*
* @return Responsible
*/
public function getFirstResponsible()
{
return $this->firstResponsible;
}
/**
* Set second responsible
*
* @param Responsible $responsible
* @return self
*/
public function setSecondResponsible(Responsible $responsible)
{
$this->secondResponsible = $responsible;
return $this;
}
/**
* Get second responsible
*
* @return Responsible
*/
public function getSecondResponsible()
{
return $this->secondResponsible;
}
/**
* Get student responsibles
*
* @return array
*/
public function getResponsibles()
{
$responsibles = array();
if(isset($this->firstResponsible)){
$responsibles[] = $this->firstResponsible;
}
if(isset($this->secondResponsible)){
$responsibles[] = $this->secondResponsible;
}
return $responsibles;
}
}
通过在config.groovy中编辑此行可以帮助我思考