问题陈述
信封:
JDK 1.7
Grails 3.1.4
Spring 证券3.0.3
我们有以下项目结构
Grails应用
-我的自定义安全插件
-Grails Spring Security 3.0.3
我在自定义安全插件中定义了以下YML
应用程序
grails:
plugin:
springsecurity:
active: true
password.algorithm: 'bcrypt'
userLookup.userDomainClassName: 'com.etorient.products.smeerp.User'
userLookup.userAuthorityGroupsPropertyName: 'activeRightGroups'
userLookup.userGroupPropertyName: 'activeUserGroups'
userLookup.userGroupAuthoritiesPropertyName: 'activeAccessRights'
userLookup.userGroupAuthorityGroupsPropertyName: 'activeRightGroups'
userLookup.groupAuthoritiesPropertyName: 'activeAccessRights'
userLookup.enabledPropertyName: "active"
authority.className: 'com.etorient.products.smeerp.AccessRight'
authority.nameField: 'rightText'
authority.userLookup.authoritiesPropertyName: 'activeAccessRights'
authority.userLookup.authorityJoinClassName: 'com.etorient.products.smeerp.SecUserAccessRight'
useRoleGroups: true
logout.postOnly: false
rejectIfNoRule: false
fii.rejectPublicInvocations: false
successHandler.defaultTargetUrl: '/admin'
securityConfigType: 'Annotation'
controllerAnnotations.staticRules:
- pattern: '/'
access: ['permitAll']
- pattern: '/error'
access: ['permitAll']
- pattern: '/index'
access: ['permitAll']
- pattern: '/index.gsp'
access: ['permitAll']
- pattern: '**/assets**/**'
access: ['permitAll']
- pattern: '/assets/**'
access: ['permitAll']
- pattern: '/**/js/**'
access: ['permitAll']
- pattern: '/error'
access: ['permitAll']
- pattern: '/**/css/**'
access: ['permitAll']
- pattern: '/**/images/**'
access: ['permitAll']
- pattern: '/**/fonts/**'
access: ['permitAll']
- pattern: '/**/favicon.ico'
access: ['permitAll']
- pattern: '/**/resources**/**'
access: ['permitAll']
- pattern: '/login'
access: ['permitAll']
- pattern: '/login.*'
access: ['permitAll']
- pattern: '/login/*'
access: ['permitAll']
- pattern: '/logout'
access: ['permitAll']
- pattern: '/logout.*'
access: ['permitAll']
- pattern: '/logout/*'
access: ['permitAll']
问题:
Grails从不采用YML静态规则。要求对所有资源进行身份验证。
YML定义是否有问题或其错误?
最佳答案
您可以在/ conf目录中创建文件application.groovy,并且该文件可以包含规则,例如:
grails {
plugin {
springsecurity {
.
.
.
interceptUrlMap = [
[pattern: '/', access: ['permitAll']],
[pattern: '/error', access: ['permitAll']]
.
.
.
]
}
}
}
关于grails - Spring Security 3.0.3-如果在插件或子插件中定义YML安全配置将不起作用,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/36816417/