使用Spring Security保护对插件URL的访问
[英]Securing access to plugin URL with spring security
问题描述
I want to install JavaMelody grails plugin, although that is only possible if I can secure access to it. 
我想安装JavaMelody grails插件,尽管只有在我可以安全访问它的情况下才有可能。 There are a lot of people having this problem, the only applicable solution I found was using interceptUrlMap but that does not work either. 有很多人有这个问题,我发现唯一适用的解决方案是使用interceptUrlMap,但这也不起作用。 This is what I have in my Config.groovy 这就是我的Config.groovy中的内容
// Added by the Spring Security Core plugin:
grails.plugins.springsecurity.userLookup.userDomainClassName = 'com.auth.User'
grails.plugins.springsecurity.userLookup.authorityJoinClassName = 'com.auth.UserRole'
grails.plugins.springsecurity.userLookup.usernamePropertyName='username'
grails.plugins.springsecurity.authority.className = 'com.auth.Role'
// grails.plugins.springsecurity.securityConfigType = "Annotation"
grails.plugin.springsecurity.securityConfigType = 'InterceptUrlMap'
ograils.plugin.springsecurity.interceptUrlMap = [
'/monitoring': ['ROLE_ADMIN','IS_AUTHENTICATED_FULLY']
]
The application is using annotation for security, although I disabled only to test if thats whats causing the problem, but without success. 该应用程序使用注解来提高安全性,尽管我仅禁用了测试是否是引起问题的原因,但未成功。
What other options do I have for securing a URL? 我还可以使用其他哪些方法来保护URL? It has to be something that can be controlled from the application, and not any setting that is not contained in the grails application package. 它必须是可以从应用程序控制的东西,而不是grails应用程序包中未包含的任何设置。
1 个解决方案
解决方案1
0 2014-10-02 11:33:02
It appears it is working if I use the following: 如果使用以下命令,它似乎可以正常工作:
grails.plugins.springsecurity.controllerAnnotations.staticRules = [
'/monitoring/**': ['ROLE_ADMIN']
]
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.