我正在为我的项目使用grails 2.3.3和groovy 2.2.0版本.我工作正常,直到我决定将spring security core 1.2.7.3,ui 0.2和acl 1.1.1升级到spring security core 2.0,ui 1.0和acl 2.0.我成功升级了.但是当我尝试登录时,我收到"抱歉,您无权查看此页面." 拒绝访问消息.
我在bootstrap.groovy文件中创建了用户,如下所示.
BootStrap.groovy中
import com.vproc.member.Address; import com.vproc.member.Profile; import com.vproc.member.Role ; class BootStrap { def init = { servletContext -> def userRole = Role.findByAuthority('ROLE_USER') ?: new Role(authority: 'ROLE_USER').save(failOnError: true) def adminRole = Role.findByAuthority('ROLE_COMPANY_ADMIN') ?: new Role(authority: 'ROLE_COMPANY_ADMIN').save(failOnError: true) def guestRole = Role.findByAuthority('ROLE_GUEST') ?: new Role(authority: 'ROLE_GUEST').save(failOnError: true) def csrRole = Role.findByAuthority('ROLE_CSR') ?: new Role(authority: 'ROLE_CSR').save(failOnError: true) //PersonRole.create adminUser, adminRole def address = new Address( city : 'Pune' , stateCode : 'MH' , countryCode : 'IN' ) def adminProfile = Profile.findByEmailAddress('sachin.jha@gmail.com' )?: new Profile( //privacyLevel: ProfilePrivacyLevelEnum.Private, emailAddress: "sachin.jha@gmail.com" , phoneNumber: "9325507992", //status : 'Active' ) //.save( failOnError: true) def adminPerson = Person.findByUsername( 'admin') ?: new Person( username : 'admin' , password : 'passw0rd' , enabled: true , firstName: 'admin' , lastName : 'user' , profile: adminProfile , status: StatusEnum.Active ).save( failOnError: true) ; def vprocOrganization = Organization.findByOrgName('VPROCURE') ?: new Organization ( orgName: 'VPROCURE' , orgSize : 100 , mailingAddress: address, contact: adminPerson ).save( failOnError: true) def vprocCustomer = Customer.findByParty( vprocOrganization) ?: new Customer ( party: vprocOrganization, status: StatusEnum.Active ).save(failOnError: true) ; def adminUser = Subscriber.findByParty(adminPerson) ?: new Subscriber( party: adminPerson, customer: vprocCustomer , status: StatusEnum.Active ).save( failOnError: true) if ( !adminUser.authorities.contains(adminRole)){ SubscriberRole.create adminUser, adminRole } JSON.registerObjectMarshaller(Date) { return it?.format("MM/dd/yyyy") } def userProfile = Profile.findByEmailAddress( 'sachin.jha.user@gmail.com') ?: new Profile( //privacyLevel: ProfilePrivacyLevelEnum.Private, emailAddress: "sachin.jha.user@gmail.com", phoneNumber : "9325507992", //status : 'Active' ) //.save( failOnError: true) def userPerson = Person.findByUsername( 'plainuser') ?: new Person(username: 'plainuser', password : 'passw0rd' , enabled: true , firstName: 'plain' , lastName : 'user' , profile: userProfile , status: StatusEnum.Active).save( failOnError: true) ; def plainUser = Subscriber.findByParty(userPerson) ?: new Subscriber( party: userPerson, customer: vprocCustomer , status: StatusEnum.Active ).save( failOnError : true ) if ( !plainUser.authorities.contains(userRole)){ SubscriberRole.create plainUser, userRole } Category electornicsCat = Category.findByName('Electronics') ?: new Category( name:"Electronics" , description: "Electronics market").save(failOnError: true); Category realEstateCat = Category.findByName('Real Estate') ?: new Category( name:"Real Estate" , description: "Real Estate market").save(failOnError: true); SubCategory subcatServices = SubCategory.findByNameAndCategory( 'Services' , electornicsCat ) ?: new SubCategory( name: 'Services', category: electornicsCat).save(failOnError: true); SubCategory subcatConsumerGoods = SubCategory.findByNameAndCategory( 'Consumer Goods' , electornicsCat ) ?: new SubCategory( name: 'Consumer Goods', category: electornicsCat).save(failOnError: true); SubCategory subcatFlate= SubCategory.findByNameAndCategory('Flate',realEstateCat) ?: new SubCategory(name: 'Flate', category: realEstateCat).save(failOnError: true) SubCategory subcatHousing = SubCategory.findByNameAndCategory('House',realEstateCat) ?: new SubCategory(name: 'House', category: realEstateCat).save(failOnError: true) /*vprocCustomer.addToSubscribers(amdinUser) vprocCustomer.addToSubscribers(plainUser) vprocCustomer.save( failOnError : true);*/ } def destroy = { } }
Config.groovy中
grails.project.groupId = appName // change this to alter the default package name and Maven publishing destination grails.mime.file.extensions = true // enables the parsing of file extensions from URLs into the request format grails.views.default.codec = "none" // none, html, base64 grails.resources.modules = { 'custom-bootstrap' { dependsOn 'bootstrap' resource url:[dir: 'less', file: 'custom-bootstrap.less'], attrs:[rel: "stylesheet/less", type:'css'] } } // set per-environment serverURL stem for creating absolute links environments { development { grails.logging.jul.usebridge = true } production { grails.logging.jul.usebridge = false // TODO: grails.serverURL = "http://www.changeme.com" } } // log4j configuration log4j = { // Example of changing the log pattern for the default console // appender: // appenders { console name:'stdout', layout:pattern(conversionPattern: '%c{2} %m%n') } error 'org.codehaus.groovy.grails.web.servlet', // controllers 'org.codehaus.groovy.grails.web.pages', // GSP 'org.codehaus.groovy.grails.web.sitemesh', // layouts 'org.codehaus.groovy.grails.web.mapping.filter', // URL mapping 'org.codehaus.groovy.grails.web.mapping', // URL mapping 'org.codehaus.groovy.grails.commons', // core / classloading 'org.codehaus.groovy.grails.plugins', // plugins 'org.codehaus.groovy.grails.orm.hibernate', // hibernate integration 'org.springframework', 'org.hibernate', 'net.sf.ehcache.hibernate' error 'grails.app' /* root { error 'stdout' info 'stdout' warn 'stdout' debug 'stdout' additivity = true }*/ } // Added by the Spring Security Core plugin: /*grails.plugins.springsecurity.userLookup.userDomainClassName = 'com.vproc.member.Person' grails.plugins.springsecurity.userLookup.authorityJoinClassName = 'com.vproc.member.PersonRole' grails.plugins.springsecurity.authority.className = 'com.vproc.member.Role'*/ grails.plugin.springsecurity.securityConfigType = SecurityConfigType.InterceptUrlMap grails.plugin.springsecurity.interceptUrlMap = [ '/login/selectOrg' : [], '/enquiry2/**': ['ROLE_USER', 'ROLE_COMPANY_ADMIN'], '/subscriber/**': ['ROLE_USER', 'ROLE_COMPANY_ADMIN'], '/contact/*': ['ROLE_USER', 'ROLE_COMPANY_ADMIN'], '/**': ['IS_AUTHENTICATED_ANONYMOUSLY'] ]
//由Spring Security Core插件添加:
grails.attachmentable.poster.evaluator = {getPrincipal()}
// twitter boot strap
grails.plugins.twitterbootstrap.fixtaglib = true grails.plugins.twitterbootstrap.defaultBundle ='bundle_bootstrap'grails.plugin.springsecurity.securityConfigType ="Annotation"grails.plugin.springsecurity.password.algorithm ='bcrypt'
BuildConfig.groovy
plugins { build ':tomcat:7.0.47' runtime ':hibernate:3.6.10.4' runtime ":jquery:1.10.2" compile ":class-diagram:0.5.2" compile ':spring-security-core:2.0-RC2' runtime ':resources:1.2' runtime ":prototype:1.0" compile ":webxml:1.4.1" runtime ":cached-resources:1.0" runtime ":zipped-resources:1.0" compile ":cache-headers:1.1.5" compile ":attachmentable:0.3.0" compile ":avatar:0.6.3" runtime ':spring-security-acl:2.0-RC1' compile ":cloud-bees:0.6.2" compile ":jquery-datatables:1.7.5" compile ":jquery-validation:1.9" compile ":jquery-validation-ui:1.4.7" compile ":twitter-bootstrap:2.3.2" compile ":lesscss-resources:1.3.3" compile ":fields:1.3" compile ":scaffolding:2.0.1" compile ":jquery-ui:1.10.3" compile ":spring-security-ui:1.0-RC1" compile ":mail:1.0.1" compile ":famfamfam:1.0.1" compile ":burning-image:0.5.1" } }
注意:使用以前版本的spring security core,我能够使用bootstrap创建的用户登录.但现在我面临访问被拒绝的问题.任何对此的看法!
我尝试使用来自grails邮件线程的@ burt-beckwith建议的以下解决方案,并像魅力一样为我工作,并且正在关注.
grails.plugin.springsecurity.rejectIfNoRule = false grails.plugin.springsecurity.fii.rejectPublicInvocations = false grails.plugin.springsecurity.securityConfigType = 'InterceptUrlMap' grails.plugin.springsecurity.interceptUrlMap = [ '/': ['permitAll'], '/index': ['permitAll'], '/index.gsp': ['permitAll'], '/**/js/**': ['permitAll'], '/**/css/**': ['permitAll'], '/**/images/**': ['permitAll'], '/**/favicon.ico': ['permitAll'], '/login/**': ['permitAll'], '/logout/**': ['permitAll'] ]
我只做了一个与线程不同的更改,因为什么线程说,对我来说不起作用.所以我做了一些改动,其中包括:
grails.plugin.springsecurity.fii.rejectPublicInvocations = false
非常感谢@ burt-beckwith.