Grails Spring安全插件授权
[英]grails spring security plugin authorization
问题描述
I were using spring security plugin for authorization. 
我正在使用Spring Security插件进行授权。 Now I wanted to use jasper plugin for generating reports. 现在,我想使用jasper插件生成报告。 But, instead of generating the reports it shows Sorry, you're not authorized to view this page. 但是,您没有生成显示“ 对不起”的报告,而是无权查看此页面。 error. 错误。
Config.groovy: Config.groovy:
grails.plugin.springsecurity.controllerAnnotations.staticRules = [
'/' : ['permitAll'],
'/index' : ['permitAll'],
'/index.gsp' : ['permitAll'],
'/assets/**' : ['permitAll'],
'/**/js/**' : ['permitAll'],
'/**/css/**' : ['permitAll'],
'/**/images/**' : ['permitAll'],
'/**/fonts/**' : ['permitAll'],
'/**/favicon.ico' : ['permitAll'],
'/**/font-awesome/**': ['permitAll'],
'/**/reports/' : ['permitAll']
] ]
environments {
development {
jasper.dir.reports = '../src/reports'
}
production {
jasper.dir.reports = '/home/Sample-Reports'
// TODO: grails.serverURL = "http://www.changeme.com"
}
} }
How can I solve this problem? 我怎么解决这个问题?
EDIT: grails version 2.4.4 spring security version 2.0 编辑:grails版本2.4.4春季安全版本2.0
2 个解决方案
解决方案1
0 2015-06-16 10:47:15
in Config.groovy try to add the following: 在Config.groovy中尝试添加以下内容:
grails.plugins.springsecurity.interceptUrlMap = [ grails.plugins.springsecurity.interceptUrlMap = [
'/pathToActionThatGeneratesDocument/**': ['IS_AUTHENTICATED_ANONYMOUSLY'], '/ pathToActionThatGeneratesDocument / **':['IS_AUTHENTICATED_ANONYMOUSLY'],
] ]
解决方案2
0 2017-02-22 13:19:43
had a similar problem in dev with grails 3.2.6 and spring-security 3.1.1. grails 3.2.6和spring-security 3.1.1在开发人员中也有类似的问题。
i was trying to accessing /debconsole and couldnt. 我试图访问/ debconsole并无法。 even after updating the staticRules. 即使更新了staticRules。
its not elegant nor right but whilst in dev what you can do is add this to your /init/application.groovy 它不是很优雅也不正确,但是在开发过程中,您可以将其添加到/init/application.groovy
//added to avoid login screens for dbconsole
grails.plugin.springsecurity.rejectIfNoRule = false
grails.plugin.springsecurity.fii.rejectPublicInvocations = false
when you do it effectively turns the checking off whilst your looking at the dbconsole or console to check stuff and you dont get bounced by spring security. 当您执行此操作时,在查看dbconsole或控制台以检查内容的同时有效地关闭了检查,并且不会因spring security而退缩。
need to set back to true when you want the validation turned back on - but this was a quick fix that allowed me to get to the resource without getting bogged down on how to get to the h2 console when i needed it 当您需要重新启用验证时,需要将其设置为true-但这是一个快速修复,它使我能够访问资源而不会陷入需要使用h2控制台的麻烦
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.