在Grails 3实验(https://github.com/davebrown1975/grails-multientrypoint-security)中,我难以正确配置Spring Security以利用2个不同的用户域,在本例中为Montagues&Capulets。每种类型的用户都应该有自己的登录页面,并限制他们可以或不能访问的内容。即登录的Capulet应该无法查看Montagues的页面,反之亦然。
因此,要建立这些规则,我有2种不同的用户类型,不同的视图和身份验证页面以及自定义过滤器,身份验证提供程序和入口点。
但是,根据我的GebSpec的当前行为,尝试调用受保护的Montague页面不会重定向到预期的Montague登录页面,而是重定向到插件默认的Login。所以也许问题出在下面的过滤器配置:
grails.plugin.springsecurity.filterChain.filterNames = [ 'securityContextPersistenceFilter', 'logoutFilter', 'authenticationProcessingFilter', 'rememberMeAuthenticationFilter', 'anonymousAuthenticationFilter', 'exceptionTranslationFilter', 'filterInvocationInterceptor' ] grails.plugin.springsecurity.filterChain.chainMap = [ [pattern: '/assets/**', filters: 'none'], [pattern: '/**/js/**', filters: 'none'], [pattern: '/**/css/**', filters: 'none'], [pattern: '/**/images/**', filters: 'none'], [pattern: '/**/favicon.ico', filters: 'none'], [pattern: '/capulets/**', filters: 'securityContextPersistenceFilter,logoutFilter,capuletsAuthenticationFilter,' + 'authenticationProcessingFilter,rememberMeAuthenticationFilter,anonymousAuthenticationFilter,' + 'exceptionTranslationFilter,filterInvocationInterceptor'], [pattern: '/montagues/**', filters: 'securityContextPersistenceFilter,logoutFilter,montaguesAuthenticationFilter,' + 'authenticationProcessingFilter,rememberMeAuthenticationFilter,anonymousAuthenticationFilter,' + 'exceptionTranslationFilter,filterInvocationInterceptor'], [pattern: '/**', filters: 'JOINED_FILTERS,-montaguesAuthenticationFilter,-capuletsAuthenticationFilter'] ]
对此将提供任何帮助。
谢谢