Spring security 3.0.3 - 如果在插件或子插件

时间:2016-04-23 21:05:01

标签: grails spring-security yaml

问题陈述

ENVT: JDK 1.7 Grails 3.1.4 Spring Securty 3.0.3

我们有以下项目结构 Grails App        - 我的自定义安全插件             - Grails Spring Security 3.0.3

我在Custom Security Plugin中定义了YML Application.YML 

grails:
    plugin:
        springsecurity:
            active: true
            password.algorithm: 'bcrypt'
            userLookup.userDomainClassName: 'com.etorient.products.smeerp.User'
            userLookup.userAuthorityGroupsPropertyName: 'activeRightGroups'
            userLookup.userGroupPropertyName: 'activeUserGroups'
            userLookup.userGroupAuthoritiesPropertyName: 'activeAccessRights'
            userLookup.userGroupAuthorityGroupsPropertyName: 'activeRightGroups'
            userLookup.groupAuthoritiesPropertyName: 'activeAccessRights'
            userLookup.enabledPropertyName: "active"
            authority.className: 'com.etorient.products.smeerp.AccessRight'
            authority.nameField: 'rightText'
            authority.userLookup.authoritiesPropertyName: 'activeAccessRights'
            authority.userLookup.authorityJoinClassName: 'com.etorient.products.smeerp.SecUserAccessRight'
            useRoleGroups: true
            logout.postOnly: false
            rejectIfNoRule: false
            fii.rejectPublicInvocations: false
            successHandler.defaultTargetUrl: '/admin'
            securityConfigType: 'Annotation'
            controllerAnnotations.staticRules: 
                - pattern: '/'
                  access: ['permitAll']
                - pattern: '/error'
                  access: ['permitAll']
                - pattern: '/index'
                  access: ['permitAll']
                - pattern: '/index.gsp'
                  access: ['permitAll']
                - pattern: '**/assets**/**'
                  access: ['permitAll']
                - pattern: '/assets/**'
                  access: ['permitAll']
                - pattern: '/**/js/**'
                  access: ['permitAll']
                - pattern: '/error'
                  access: ['permitAll']
                - pattern: '/**/css/**'
                  access: ['permitAll']
                - pattern: '/**/images/**'
                  access: ['permitAll']
                - pattern: '/**/fonts/**'
                  access: ['permitAll']
                - pattern: '/**/favicon.ico'
                  access: ['permitAll']
                - pattern: '/**/resources**/**'
                  access: ['permitAll']
                - pattern: '/login'
                  access: ['permitAll']
                - pattern: '/login.*'
                  access: ['permitAll']
                - pattern: '/login/*'
                  access: ['permitAll']
                - pattern: '/logout'
                  access: ['permitAll']
                - pattern: '/logout.*'
                  access: ['permitAll']
                - pattern: '/logout/*'
                  access: ['permitAll']

问题:

Grails永远不会选择YML静态规则。要求对所有资源进行身份验证。 是否存在YML定义问题或其错误?

1 个答案:

答案 0 :(得分:0)

您可以在/ conf目录中创建文件application.groovy,该文件可以包含以下规则:

usr/lib/hadoop/client
相关问题
最新问题