Securing URL mapping with grails spring security core plugin
Question
Just what the title says, I am trying to secure pages using Spring's security core. Consider the following URL mapping (suppose that home.gsp , page1.gsp , and page2.gsp exists) :
"/"(view:'/home')
"/page1"(view:'/page1')
"/page2"(view:'/page2')
Now, consider the following settings inside the Config.groovy :
grails.plugin.springsecurity.interceptUrlMap = [
'/': ['IS_AUTHENTICATED_ANONYMOUSLY'],
'/**': ['IS_AUTHENTICATED_FULLY']
]
If I understand correctly, I should be able to access home without any security and I should be directed to the login page when I try to access /page1 or /page2 . Unfortunately, this doesn't seem to be the case. I can still access page1 and page2 directly (eg http://localhost:8080/MyGrailsProject/page1 ).
However, if I try and use @Secured annotations through a controller's actions, the security kicks in (ie the request is redirected to the login page). What seems to be the problem with my configuration? How do I secure URL maps?
3 answers
solution1
2 ACCPTED 2013-01-18 17:11:39
You have:
grails.plugin.springsecurity.interceptUrlMap
It should be
grails.plugins.springsecurity.interceptUrlMap
Note the s on plugins.
solution2
1 2013-01-18 16:59:39
顺序很重要,你应该在顶部interceptUrlMap中拥有最严格的一个。
solution3
1 2012-03-13 08:36:14
It's default approach, to use annotations. But if you prefer to use url map, you have to set up:
grails.plugins.springsecurity.securityConfigType = "InterceptUrlMap"
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.