Grails Spring Security Core插件无法正常工作
[英]grails spring security core plugin not working
问题描述
我正在尝试将grails 3.3.5的spring安全插件3.2.1。
以下是我在应用程序常规中的静态规则
[pattern: '/error', access: ['permitAll']],
[pattern: '/index', access: ['permitAll']],
[pattern: '/index.gsp', access: ['permitAll']],
[pattern: '/shutdown', access: ['permitAll']],
[pattern: '/assets/**', access: ['permitAll']],
[pattern: '/fonts/**', access: ['permitAll']],
[pattern: '/**/js/**', access: ['permitAll']],
[pattern: '/**/css/**', access: ['permitAll']],
[pattern: '/**/images/**', access: ['permitAll']],
[pattern: '/**/favicon.ico', access: ['permitAll']],
[pattern: '/user/**', access: 'ROLE_USER'],
[pattern: '/admin/**', access:['ROLE_ADMIN','isFullyAuthenticated()']],
[pattern: '/inputParam/chipInput/', access: 'isAuthenticated()',httpMethod: 'PUT']
grails.plugin.springsecurity.filterChain.chainMap = [
[pattern: '/assets/**', filters: 'none'],
[pattern: '/**/js/**', filters: 'none'],
[pattern: '/**/css/**', filters: 'none'],
[pattern: '/**/images/**', filters: 'none'],
[pattern: '/**/favicon.ico', filters: 'none']
但它仍然允许用户和/ inputParam / chipInput /页面无需登录。 我已经在两个控制器中都有安全的批注@Secured('ROLE_USER')。 我究竟做错了什么?
1 个解决方案
解决方案1
0 2018-05-24 23:30:53
在我看来,该模式可能不正确和/或访问表达式不正确。 尝试将规则更改为:
[pattern: '/inputParam/chipInput', access: ["isAuthenticated() and request.getMethod().equals('PUT')"]
grails 2.3.5 + redis-gorm插件+ spring安全核心插件
[英]grails 2.3.5 + redis-gorm plugin + spring security core plugin
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
Spring Security Core Grails插件问题
Grails Spring Security Facebook插件不起作用
grails 2.3.5 + redis-gorm插件+ spring安全核心插件
Grails 3 Spring安全性插件
Spring Security Grails插件
Grails Spring核心安全插件 - 无法解析类
Grails Spring Security插件和dbconsole
Grails和Spring Security CAS插件
grails spring安全休息插件
Grails Spring Security插件-插件目录在哪里?
相关标签