Grails Spring Security plugin and dbconsole
I use Grails 2.4.3 and have installed the official Grails security plugin:
compile ":spring-security-core:2.0-RC4"
Before installing the plugin, I was able to access the Database console page using the URL
http://localhost:8080/tobu/dbconsole
However, after installing the plugin, I am not able to do so. I get the default login screen when I try to access the above-mentioned URL, and logging in through any user account shows the "access denied" page. How do I resolve this issue?
grails.project.groupId = appName
grails.mime.disable.accept.header.userAgents = ['Gecko', 'WebKit', 'Presto', 'Trident']
grails.mime.types = [ // the first one is the default format
    all: '*/*', // 'all' maps to '*' or the first available format in withFormat
    atom: 'application/atom+xml',
    css: 'text/css',
    csv: 'text/csv',
    form: 'application/x-www-form-urlencoded',
    html: ['text/html','application/xhtml+xml'],
    js: 'text/javascript',
    json: ['application/json', 'text/json'],
    multipartForm: 'multipart/form-data',
    rss: 'application/rss+xml',
    text: 'text/plain',
    hal: ['application/hal+json','application/hal+xml'],
    xml: ['text/xml', 'application/xml']
]
grails.views.default.codec = "html"
grails.controllers.defaultScope = 'singleton'
grails {
    views {
        gsp {
            encoding = 'UTF-8'
            htmlcodec = 'xml' // use xml escaping instead of HTML4 escaping
            codecs {
                expression = 'html' // escapes values inside ${}
                scriptlet = 'html' // escapes output from scriptlets in GSPs
                taglib = 'none' // escapes output from taglibs
                staticparts = 'none' // escapes output from static template parts
            }
        }
        // escapes all not-encoded output at final stage of outputting
        // filteringCodecForContentType.'text/html' = 'html'
    }
}
grails.converters.encoding = "UTF-8"
grails.scaffolding.templates.domainSuffix = 'Instance'
grails.json.legacy.builder = false
grails.enable.native2ascii = true
grails.spring.bean.packages = []
grails.web.disable.multipart=false
grails.exceptionresolver.params.exclude = ['password']
grails.hibernate.cache.queries = false
grails.hibernate.osiv.readonly = false
environments {
    development {
        grails.logging.jul.usebridge = true
    }
    production {
        grails.logging.jul.usebridge = false
        // TODO: grails.serverURL = "http://www.changeme.com"
    }
}
log4j.main = {
    // Example of changing the log pattern for the default console appender:
    //
    //appenders {
    //    console name:'stdout', layout:pattern(conversionPattern: '%c{2} %m%n')
    //}
    error 'org.codehaus.groovy.grails.web.servlet', // controllers
          'org.codehaus.groovy.grails.web.pages', // GSP
          'org.codehaus.groovy.grails.web.sitemesh', // layouts
          'org.codehaus.groovy.grails.web.mapping.filter', // URL mapping
          'org.codehaus.groovy.grails.web.mapping', // URL mapping
          'org.codehaus.groovy.grails.commons', // core / classloading
          'org.codehaus.groovy.grails.plugins', // plugins
          'org.codehaus.groovy.grails.orm.hibernate', // hibernate integration
          'org.springframework',
          'org.hibernate',
          'net.sf.ehcache.hibernate'
}
// Added by the Spring Security Core plugin:
grails.plugin.springsecurity.userLookup.userDomainClassName = 'tobu.Actor'
grails.plugin.springsecurity.userLookup.authorityJoinClassName = 'tobu.ActorRole'
grails.plugin.springsecurity.authority.className = 'tobu.Role'
grails.plugin.springsecurity.controllerAnnotations.staticRules = [
    '/': ['permitAll'],
    '/dbconsole': ['permitAll'],
    '/index': ['permitAll'],
    '/index.gsp': ['permitAll'],
    '/assets/**': ['permitAll'],
    '/**/js/**': ['permitAll'],
    '/**/css/**': ['permitAll'],
    '/**/images/**': ['permitAll'],
    '/**/favicon.ico': ['permitAll']
]
I had to make the following change to the static rules in the configuration file.
'/dbconsole/**': ['ROLE_USER'],
2019 UPDATE
I needed to tweak Shashank's answer a bit for it to work for me. I'm using Grails 3.3.9 and spring-security-core 3.2.3.
I had to add this line to the file grails-app/conf/application.groovy:
grails.plugin.springsecurity.controllerAnnotations.staticRules = [
    //.......
    [pattern: '/dbconsole/**', access: ['ROLE_USER']]
]
I wanted to have the dbconsole accessible without my custom authentication made using the Spring Security Core plugin (the dbconsole has its own login page and it's enabled for the dev environment only). Originally, I was trying the following static rule in the grails-app/conf/application.groovy file:
grails.plugin.springsecurity.controllerAnnotations.staticRules = [
    [pattern: '/dbconsole', access: ['permitAll']],
]
...which didn't have any effect. I have always been redirected to Spring Security Core's login page.
After reading other answers of this question, I have managed to create a working static rule so http://localhost:8080/dbconsole is not secured by the Spring Security Core plugin anymore:
grails.plugin.springsecurity.controllerAnnotations.staticRules = [
    [pattern: '/dbconsole/**', access: ['permitAll']],
]
The trick is to create a static rule for /dbconsole and all sub-paths (when dbconsole is accessed, it redirects to a login page located at dbconsole/login.jsp); that's why the double-stars are needed.
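Why the exact `/dbconsole` rule from the question (and from the last answer's first attempt) fails while `/dbconsole/**` works, as an added example that is not part of the original posts or of the plugin's code. `antMatch` is a simplified stand-in for Ant-style matching (only `*` and `**`), `decide` assumes a URL with no matching rule is rejected, and all function and variable names are hypothetical.

```groovy
// Added illustration; antMatch() is a simplified stand-in, not Spring's AntPathMatcher.
import java.util.regex.Pattern

// Ant-style match supporting '*' (inside one segment) and '**' (across segments).
boolean antMatch(String pattern, String path) {
    def regex = new StringBuilder()
    int i = 0
    while (i < pattern.length()) {
        if (pattern.startsWith('/**', i) && i + 3 == pattern.length()) {
            regex << '(/.*)?'            // trailing '/**' also matches the bare prefix
            i += 3
        } else if (pattern.startsWith('**', i)) {
            regex << '.*'
            i += 2
        } else if (pattern[i] == '*') {
            regex << '[^/]*'
            i++
        } else {
            regex << Pattern.quote(pattern[i])
            i++
        }
    }
    return path ==~ regex.toString()
}

// Assumption: the first matching rule decides, and a URL with no rule is rejected.
String decide(List<Map> rules, String path, Collection<String> roles = []) {
    def rule = rules.find { antMatch(it.pattern, path) }
    if (rule == null) return 'DENY (no rule)'
    boolean ok = 'permitAll' in rule.access || rule.access.any { it in roles }
    return ok ? 'ALLOW' : 'DENY (missing role)'
}

// Rule sets taken from the posts above, in the Grails 3 list-of-maps form.
def exact    = [[pattern: '/', access: ['permitAll']], [pattern: '/dbconsole', access: ['permitAll']]]
def open     = [[pattern: '/', access: ['permitAll']], [pattern: '/dbconsole/**', access: ['permitAll']]]
def roleOnly = [[pattern: '/', access: ['permitAll']], [pattern: '/dbconsole/**', access: ['ROLE_USER']]]

// The console redirects /dbconsole to /dbconsole/login.jsp, so both URLs must be covered.
assert decide(exact, '/dbconsole') == 'ALLOW'
assert decide(exact, '/dbconsole/login.jsp') == 'DENY (no rule)'
assert decide(open, '/dbconsole/login.jsp') == 'ALLOW'
assert decide(roleOnly, '/dbconsole/login.jsp') == 'DENY (missing role)'
assert decide(roleOnly, '/dbconsole/login.jsp', ['ROLE_USER']) == 'ALLOW'

['/dbconsole', '/dbconsole/login.jsp'].each { p ->
    println "${p.padRight(21)} exact=${decide(exact, p)}  open=${decide(open, p)}  " +
            "roleOnly(anonymous)=${decide(roleOnly, p)}"
}
```

Of the two working rules, the `ROLE_USER` form keeps the console behind the application's login, while the `permitAll` form leaves only the console's own login page in front of the database.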