Just what the title says, I am trying to secure pages using Spring's security core. Consider the following URL mapping (suppose that home.gsp
, page1.gsp
, and page2.gsp
exists) :
"/"(view:'/home')
"/page1"(view:'/page1')
"/page2"(view:'/page2')
Now, consider the following settings inside the Config.groovy
:
grails.plugin.springsecurity.interceptUrlMap = [
'/': ['IS_AUTHENTICATED_ANONYMOUSLY'],
'/**': ['IS_AUTHENTICATED_FULLY']
]
If I understand correctly, I should be able to access home without any security and I should be directed to the login page when I try to access /page1
or /page2
. Unfortunately, this doesn't seem to be the case. I can still access page1 and page2 directly (eg http://localhost:8080/MyGrailsProject/page1 ).
However, if I try and use @Secured
annotations through a controller's actions, the security kicks in (ie the request is redirected to the login page). What seems to be the problem with my configuration? How do I secure URL maps?
You have:
grails.plugin.springsecurity.interceptUrlMap
It should be
grails.plugins.springsecurity.interceptUrlMap
Note the s on plugins.
顺序很重要,你应该在顶部interceptUrlMap中拥有最严格的一个。
It's default approach, to use annotations. But if you prefer to use url map, you have to set up:
grails.plugins.springsecurity.securityConfigType = "InterceptUrlMap"
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.