[英]Securing URL mapping with grails spring security core plugin
Just what the title says, I am trying to secure pages using Spring's security core. 正如标题所说的那样,我正在尝试使用Spring的安全核心保护页面。 Consider the following URL mapping (suppose that home.gsp
, page1.gsp
, and page2.gsp
exists) : 考虑以下URL映射(假设home.gsp
, page1.gsp
和page2.gsp
存在):
"/"(view:'/home')
"/page1"(view:'/page1')
"/page2"(view:'/page2')
Now, consider the following settings inside the Config.groovy
: 现在,请考虑Config.groovy
的以下设置:
grails.plugin.springsecurity.interceptUrlMap = [
'/': ['IS_AUTHENTICATED_ANONYMOUSLY'],
'/**': ['IS_AUTHENTICATED_FULLY']
]
If I understand correctly, I should be able to access home without any security and I should be directed to the login page when I try to access /page1
or /page2
. 如果我理解正确,我应该能够在没有任何安全性的情况下访问家庭,当我尝试访问/page1
或/page2
时,我应该被引导到登录页面。 Unfortunately, this doesn't seem to be the case. 不幸的是,情况似乎并非如此。 I can still access page1 and page2 directly (eg http://localhost:8080/MyGrailsProject/page1 ). 我仍然可以直接访问page1和page2(例如http:// localhost:8080 / MyGrailsProject / page1 )。
However, if I try and use @Secured
annotations through a controller's actions, the security kicks in (ie the request is redirected to the login page). 但是,如果我尝试通过控制器的操作使用@Secured
注释,安全性就会启动(即请求被重定向到登录页面)。 What seems to be the problem with my configuration? 我的配置似乎有什么问题? How do I secure URL maps? 如何保护URL地图?
You have: 你有:
grails.plugin.springsecurity.interceptUrlMap
It should be 它应该是
grails.plugins.springsecurity.interceptUrlMap
Note the s on plugins. 注意插件上的s。
顺序很重要,你应该在顶部interceptUrlMap中拥有最严格的一个。
It's default approach, to use annotations. 这是默认方法,使用注释。 But if you prefer to use url map, you have to set up: 但是如果你更喜欢使用url map,你必须设置:
grails.plugins.springsecurity.securityConfigType = "InterceptUrlMap"
See docs: http://grails-plugins.github.com/grails-spring-security-core/docs/manual/guide/single.html#5.2%20Simple%20Map%20in%20Config.groovy 请参阅文档: http : //grails-plugins.github.com/grails-spring-security-core/docs/manual/guide/single.html#5.2%20Simple%20Map%20in%20Config.groovy
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.