我正在使用Grails开发一个Web应用程序,我正在尝试使用Predicate Format String Syntax: String Comparisons。出于测试目的,我使用以下代码行从BootStrap.groovy创建了一个管理员用户:
if(adminUser.authorities.any { it.authority == Roles.ROLE_ADMIN }) println "Admin role added."我还添加了以下语句来检查用户是否获得了该角色:
grails.plugin.springsecurity.rejectIfNoRule = true
grails.plugin.springsecurity.fii.rejectPublicInvocations = false
grails.plugin.springsecurity.interceptUrlMap = [
'/': ['permitAll'],
'/home': ['permitAll'],
'/home.gsp': ['permitAll'],
'/assets/**': ['permitAll'],
...
...
'/**/js/**': ['permitAll'],
'/**/css/**': ['permitAll'],
'/**/images/**': ['permitAll'],
'/**/favicon.ico': ['permitAll'],
'/admin/**': ['ROLE_ADMIN']
]
此检查通过,并添加了“管理员角色”。打印到控制台。 这是我对Spring Security的配置:
grails.plugin.admin.accessRoot = "/admin"
grails.plugin.admin.domains."Users" = [ "mypackage.User" ]
grails.plugin.admin.domains."My Groups" = [ "mypackage.Group" ]
grails.plugin.admin.domains."Security Groups" = [ 'mypackage.Authority', 'mypackage.UserAuthority' ]
grails.plugin.springsecurity.active = true
grails.plugin.springsecurity.useBasicAuth = true
grails.plugin.admin.security.role = "ROLE_ADMIN"
以下是我对Admin Interface Plugin的配置:
Secure object: FilterInvocation: URL: /admin; Attributes: [ROLE_ADMIN]
Previously Authenticated: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@5ff53bc5: Principal: grails.plugin.springsecurity.userdetails.GrailsUser@d7469d37: Username: [PROTECTED]; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_NO_ROLES; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@957e: RemoteIpAddress: [PROTECTED]; SessionId: null; Granted Authorities: ROLE_NO_ROLES
但是,当我以新管理员用户身份登录并导航到“/ admin”时,我得到Apache Tomcat“HTTP状态403 - 访问被拒绝”页面,并将以下调试信息记录到控制台:
ROLE_NO_ROLES如果您在该调试信息上横向滚动,您会看到Spring Security将“授权机构”视为ROLE_ADMIN。
将角色添加到用户时,我做错了什么?为什么Spring Security不会看到我已授予此用户{{1}}?
我花了好几个小时试图调试它,我无法理解我的代码有什么问题。
答案 0 :(得分:0)
我明白了;我从修复我的问题的配置文件中删除了以下行:
grails.plugin.springsecurity.useRoleGroups = true