我决定重写这个问题,因为最初的描述是错误的。
在生产模式下运行我的应用程序或尝试在生产模式下构建战争时,我在浏览器中面临太多重定向。
在开发模式下一切正常。
以下是演示的链接。
这是我的build.gradle
buildscript {
ext {
grailsVersion = project.grailsVersion
}
repositories {
mavenLocal()
maven { url "https://repo.grails.org/grails/core" }
}
dependencies {
classpath "org.grails:grails-gradle-plugin:$grailsVersion"
classpath "com.bertramlabs.plugins:asset-pipeline-gradle:2.8.2"
classpath "org.grails.plugins:hibernate4:6.0.1"
classpath 'org.grails.plugins:database-migration:2.0.0.RC4'
}
}
version "0.1"
group "ikariera3"
apply plugin:"eclipse"
apply plugin:"idea"
apply plugin:"war"
apply plugin:"org.grails.grails-web"
apply plugin:"org.grails.grails-gsp"
apply plugin:"asset-pipeline"
ext {
grailsVersion = project.grailsVersion
gradleWrapperVersion = project.gradleWrapperVersion
}
repositories {
mavenLocal()
maven { url "https://repo.grails.org/grails/core" }
}
dependencyManagement {
imports {
mavenBom "org.grails:grails-bom:$grailsVersion"
}
applyMavenExclusions false
}
final SELENIUM_VERSION = "2.53.0"
dependencies {
compile "org.springframework.boot:spring-boot-starter-logging"
compile "org.springframework.boot:spring-boot-autoconfigure"
compile "org.grails:grails-core"
compile "org.springframework.boot:spring-boot-starter-actuator"
compile "org.springframework.boot:spring-boot-starter-tomcat"
compile "org.grails:grails-dependencies"
compile "org.grails:grails-web-boot"
compile "org.grails.plugins:cache"
compile "org.grails.plugins:scaffolding"
compile "org.grails.plugins:hibernate4"
compile "org.hibernate:hibernate-ehcache"
compile 'org.grails:grails-datastore-rest-client:5.0.0.RC2'
compile 'org.grails.plugins:spring-security-core:3.1.1'
compile 'org.grails.plugins:mail:2.0.0.RC6'
compile 'org.grails.plugins:quartz:2.0.9'
compile 'org.grails.plugins:cookie:2.0.5'
compile 'org.imgscalr:imgscalr-lib:4.2'
compile group: 'com.itextpdf', name: 'itextpdf', version: '5.0.6'
console "org.grails:grails-console"
profile "org.grails.profiles:web"
runtime 'org.grails.plugins:database-migration:2.0.0.RC4'
runtime 'mysql:mysql-connector-java:5.1.24'
runtime "com.bertramlabs.plugins:asset-pipeline-grails:2.8.2"
runtime "com.h2database:h2"
testCompile "org.grails:grails-plugin-testing"
testCompile "org.grails.plugins:geb"
testCompile "org.seleniumhq.selenium:selenium-support:$SELENIUM_VERSION"
testCompile "org.seleniumhq.selenium:selenium-firefox-driver:$SELENIUM_VERSION"
}
assets {
minifyJs = true
minifyCss = true
}
sourceSets {
main {
resources {
srcDir 'grails-app/migrations'
}
}
}
这是我的弹簧配置:
grails.plugin.springsecurity.securityConfigType = 'Requestmap'
grails.plugin.springsecurity.auth.loginFormUrl = '/login/auth' // '/'
grails.plugin.springsecurity.successHandler.defaultTargetUrl = '/'
grails.plugin.springsecurity.logout.filterProcessesUrl = '/logout/index'
grails.plugin.springsecurity.apf.filterProcessesUrl = '/security/login_acccess_check' //Login form post URL, intercepted by Spring Security filter.
grails.plugin.springsecurity.apf.usernameParameter = 'security_username' // Login form username parameter.
grails.plugin.springsecurity.apf.passwordParameter = 'security_password' // Login form password parameter.
grails.plugin.springsecurity.useSecurityEventListener = true
grails.plugin.springsecurity.useBasicAuth = false
grails.plugin.springsecurity.basic.realmName = "iKariera"
grails.plugin.springsecurity.onInteractiveAuthenticationSuccessEvent = { e, appCtx ->
cz.ikariera.security.User.withTransaction {
def user = cz.ikariera.security.User.get(appCtx.springSecurityService.principal.id)
user.lastLoginDate = new Date()
user.save(flush: true, failOnError: true)
}
}
grails.plugin.springsecurity.userLookup.userDomainClassName = 'cz.ikariera.security.User'
grails.plugin.springsecurity.userLookup.authorityJoinClassName = 'cz.ikariera.security.UserRole'
grails.plugin.springsecurity.authority.className = 'cz.ikariera.security.Role'
grails.plugin.springsecurity.requestMap.className = 'cz.ikariera.security.Requestmap'
grails.plugin.springsecurity.dao.reflectionSaltSourceProperty = 'username'
grails.plugin.springsecurity.adh.errorPage = null
grails.plugin.springsecurity.controllerAnnotations.staticRules = [
[pattern: '/', access: ['permitAll']],
[pattern: '/error', access: ['permitAll']],
[pattern: '/index', access: ['permitAll']],
[pattern: '/index.gsp', access: ['permitAll']],
[pattern: '/shutdown', access: ['permitAll']],
[pattern: '/assets/**', access: ['permitAll']],
[pattern: '/**/js/**', access: ['permitAll']],
[pattern: '/**/css/**', access: ['permitAll']],
[pattern: '/**/images/**', access: ['permitAll']],
[pattern: '/**/fonts/**', access: ['permitAll']],
[pattern: '/**/favicon.ico', access: ['permitAll']],
[pattern: '/check', access: ['permitAll']],
[pattern: '/**', access: ["ROLE_ADMIN"]]
]
grails.plugin.springsecurity.filterChain.chainMap = [
[pattern: '/assets/**', filters: 'none'],
[pattern: '/**/js/**', filters: 'none'],
[pattern: '/**/css/**', filters: 'none'],
[pattern: '/**/images/**', filters: 'none'],
[pattern: '/**/fonts/**', filters: 'none'],
[pattern: '/**/favicon.ico', filters: 'none'],
[pattern: '/**', filters: 'JOINED_FILTERS'],
]
方法实现应该是Spring Security的默认方法。
我的生产特定配置应该没有问题。我在开发模式下尝试了我的生产配置,但它确实有效。我尝试了多个hibernate4版本以及hibernate5。我尝试降低弹簧安全性,但也没有帮助。