[英]Grails Spring Security Core Plugin redirect issue
I'm using the "Spring Security Core Plugin" for Grails and am using a simple map in my Config.groovy file to restrict access based on authentication type. 我正在使用Grails的“ Spring Security Core插件”,并在Config.groovy文件中使用了一个简单的映射来限制基于身份验证类型的访问。
For example, I want to prevent users from going to the "user/create" page because obviously you wouldn't want people to be able to create other users when they're logged in (I'm ignoring for now that managers/mods would be able to have this functionality). 例如,我要阻止用户进入“用户/创建”页面,因为显然您不希望人们在登录后能够创建其他用户(我现在忽略了经理/ mods将能够具有此功能)。 To accomlish this, I have
为了做到这一点,我有
grails.plugins.springsecurity.interceptUrlMap = [
'/user/create': ['IS_AUTHENTICATED_ANONYMOUSLY']
]
The only problem is, it seems to be acting like the action: 唯一的问题是,它的行为似乎与操作类似:
redirect uri: SpringSecurityUtils.securityConfig.successHandler.defaultTargetUrl
I want it to redirect to the page it was previously on though. 我希望它重定向到以前的页面 。
ie user/list, attempt to call action create from user controller, if logged in, would reidirect back to user/list. 即用户/列表,尝试从用户控制器调用操作创建,如果登录,将重定向回用户/列表。
Any help is GREATLY appreciated. 任何帮助是极大的赞赏。
I might be wrong, but I don't think you can do what you want using ['IS_AUTHENTICATED_ANONYMOUSLY']
, it won't restrict logged in user since per documentation 我可能是错的,但我认为您无法使用
['IS_AUTHENTICATED_ANONYMOUSLY']
来完成您想做的事情,因为根据文档,它不会限制登录用户
The token accepts any authentication, even anonymous.
令牌接受任何身份验证,甚至匿名身份验证。
Why not just put something like 为什么不只是放一些东西
//in user controller
def create() {
if(springSecurityService.currentUser) {
//let them know they're already logged in
flash.message = message(code: 'your.....message')
redirect(action: "list")
}
//else take them to create form
...
}
Also change 'IS_AUTHENTICATED_ANONYMOUSLY' to 'permitAll'. 还将“ IS_AUTHENTICATED_ANONYMOUSLY”更改为“ permitAll”。 and use the if statement.
并使用if语句。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.