拒绝访问和获取对不起,在将插件升级到grails中的2.0版本之后,您没有权限查看此页面
拒绝访问和获取对不起,在将插件升级到grails中的2.0版本之后,您没有权限查看此页面
提问于 2013-12-20 04:20:26
我在我的项目中使用grails2.3.3和groovy2.2.0版本。在我决定将spring安全核心1.2.7.3、ui 0.2和acl 1.1.1升级到spring安全核心2.0、ui 1.0和acl 2.0之前,我一直工作得很好。我成功升级了。但是当我尝试登录时,我得到了“对不起,您没有权限查看此页面”。拒绝访问消息。
我在bootstrap.groovy文件中创建了用户,如下所示。
Bootstrap.groovy
import com.vproc.member.Address;
import com.vproc.member.Profile;
import com.vproc.member.Role ;
class BootStrap {
def init = { servletContext ->
def userRole = Role.findByAuthority('ROLE_USER') ?: new Role(authority: 'ROLE_USER').save(failOnError: true)
def adminRole = Role.findByAuthority('ROLE_COMPANY_ADMIN') ?: new Role(authority: 'ROLE_COMPANY_ADMIN').save(failOnError: true)
def guestRole = Role.findByAuthority('ROLE_GUEST') ?: new Role(authority: 'ROLE_GUEST').save(failOnError: true)
def csrRole = Role.findByAuthority('ROLE_CSR') ?: new Role(authority: 'ROLE_CSR').save(failOnError: true)
//PersonRole.create adminUser, adminRole
def address = new Address( city : 'Pune' , stateCode : 'MH' , countryCode : 'IN' )
def adminProfile = Profile.findByEmailAddress('sachin.jha@gmail.com' )?: new Profile(
//privacyLevel: ProfilePrivacyLevelEnum.Private,
emailAddress: "sachin.jha@gmail.com" ,
phoneNumber: "9325507992",
//status : 'Active'
) //.save( failOnError: true)
def adminPerson = Person.findByUsername( 'admin') ?: new Person( username : 'admin' , password : 'passw0rd' , enabled: true , firstName: 'admin' , lastName : 'user' , profile: adminProfile , status: StatusEnum.Active ).save( failOnError: true) ;
def vprocOrganization = Organization.findByOrgName('VPROCURE') ?: new Organization ( orgName: 'VPROCURE' , orgSize : 100 , mailingAddress: address, contact: adminPerson ).save( failOnError: true)
def vprocCustomer = Customer.findByParty( vprocOrganization) ?: new Customer ( party: vprocOrganization, status: StatusEnum.Active ).save(failOnError: true) ;
def adminUser = Subscriber.findByParty(adminPerson) ?: new Subscriber( party: adminPerson, customer: vprocCustomer , status: StatusEnum.Active ).save( failOnError: true)
if ( !adminUser.authorities.contains(adminRole)){
SubscriberRole.create adminUser, adminRole
}
JSON.registerObjectMarshaller(Date) {
return it?.format("MM/dd/yyyy")
}
def userProfile = Profile.findByEmailAddress( 'sachin.jha.user@gmail.com') ?: new Profile(
//privacyLevel: ProfilePrivacyLevelEnum.Private,
emailAddress: "sachin.jha.user@gmail.com",
phoneNumber : "9325507992",
//status : 'Active'
) //.save( failOnError: true)
def userPerson = Person.findByUsername( 'plainuser') ?: new Person(username: 'plainuser', password : 'passw0rd' , enabled: true , firstName: 'plain' , lastName : 'user' , profile: userProfile , status: StatusEnum.Active).save( failOnError: true) ;
def plainUser = Subscriber.findByParty(userPerson) ?: new Subscriber( party: userPerson, customer: vprocCustomer , status: StatusEnum.Active ).save( failOnError : true )
if ( !plainUser.authorities.contains(userRole)){
SubscriberRole.create plainUser, userRole
}
Category electornicsCat = Category.findByName('Electronics') ?: new Category( name:"Electronics" , description: "Electronics market").save(failOnError: true);
Category realEstateCat = Category.findByName('Real Estate') ?: new Category( name:"Real Estate" , description: "Real Estate market").save(failOnError: true);
SubCategory subcatServices = SubCategory.findByNameAndCategory( 'Services' , electornicsCat ) ?: new SubCategory( name: 'Services', category: electornicsCat).save(failOnError: true);
SubCategory subcatConsumerGoods = SubCategory.findByNameAndCategory( 'Consumer Goods' , electornicsCat ) ?: new SubCategory( name: 'Consumer Goods', category: electornicsCat).save(failOnError: true);
SubCategory subcatFlate= SubCategory.findByNameAndCategory('Flate',realEstateCat) ?: new SubCategory(name: 'Flate', category: realEstateCat).save(failOnError: true)
SubCategory subcatHousing = SubCategory.findByNameAndCategory('House',realEstateCat) ?: new SubCategory(name: 'House', category: realEstateCat).save(failOnError: true)
/*vprocCustomer.addToSubscribers(amdinUser)
vprocCustomer.addToSubscribers(plainUser)
vprocCustomer.save( failOnError : true);*/
}
def destroy = {
}
}Config.groovy
grails.project.groupId = appName // change this to alter the default package name and Maven publishing destination
grails.mime.file.extensions = true // enables the parsing of file extensions from URLs into the request format
grails.views.default.codec = "none" // none, html, base64
grails.resources.modules = {
'custom-bootstrap' {
dependsOn 'bootstrap'
resource url:[dir: 'less', file: 'custom-bootstrap.less'], attrs:[rel: "stylesheet/less", type:'css']
}
}
// set per-environment serverURL stem for creating absolute links
environments {
development {
grails.logging.jul.usebridge = true
}
production {
grails.logging.jul.usebridge = false
// TODO: grails.serverURL = "http://www.changeme.com"
}
}
// log4j configuration
log4j = {
// Example of changing the log pattern for the default console
// appender:
//
appenders {
console name:'stdout', layout:pattern(conversionPattern: '%c{2} %m%n')
}
error 'org.codehaus.groovy.grails.web.servlet', // controllers
'org.codehaus.groovy.grails.web.pages', // GSP
'org.codehaus.groovy.grails.web.sitemesh', // layouts
'org.codehaus.groovy.grails.web.mapping.filter', // URL mapping
'org.codehaus.groovy.grails.web.mapping', // URL mapping
'org.codehaus.groovy.grails.commons', // core / classloading
'org.codehaus.groovy.grails.plugins', // plugins
'org.codehaus.groovy.grails.orm.hibernate', // hibernate integration
'org.springframework',
'org.hibernate',
'net.sf.ehcache.hibernate'
error 'grails.app'
/* root {
error 'stdout'
info 'stdout'
warn 'stdout'
debug 'stdout'
additivity = true
}*/
}
// Added by the Spring Security Core plugin:
/*grails.plugins.springsecurity.userLookup.userDomainClassName = 'com.vproc.member.Person'
grails.plugins.springsecurity.userLookup.authorityJoinClassName = 'com.vproc.member.PersonRole'
grails.plugins.springsecurity.authority.className = 'com.vproc.member.Role'*/
grails.plugin.springsecurity.securityConfigType = SecurityConfigType.InterceptUrlMap
grails.plugin.springsecurity.interceptUrlMap = [
'/login/selectOrg' : [],
'/enquiry2/**': ['ROLE_USER', 'ROLE_COMPANY_ADMIN'],
'/subscriber/**': ['ROLE_USER', 'ROLE_COMPANY_ADMIN'],
'/contact/*': ['ROLE_USER', 'ROLE_COMPANY_ADMIN'],
'/**': ['IS_AUTHENTICATED_ANONYMOUSLY']
]//由Spring安全核心插件添加:
grails.attachmentable.poster.evaluator ={ getPrincipal() }
// twitter引导带
grails.plugin.springsecurity.securityConfigType =“注释”grails.plugin.springsecurity.password.algorithm='bcrypt‘=“bundle_bootstrap”
BuildConfig.groovy
plugins {
build ':tomcat:7.0.47'
runtime ':hibernate:3.6.10.4'
runtime ":jquery:1.10.2"
compile ":class-diagram:0.5.2"
compile ':spring-security-core:2.0-RC2'
runtime ':resources:1.2'
runtime ":prototype:1.0"
compile ":webxml:1.4.1"
runtime ":cached-resources:1.0"
runtime ":zipped-resources:1.0"
compile ":cache-headers:1.1.5"
compile ":attachmentable:0.3.0"
compile ":avatar:0.6.3"
runtime ':spring-security-acl:2.0-RC1'
compile ":cloud-bees:0.6.2"
compile ":jquery-datatables:1.7.5"
compile ":jquery-validation:1.9"
compile ":jquery-validation-ui:1.4.7"
compile ":twitter-bootstrap:2.3.2"
compile ":lesscss-resources:1.3.3"
compile ":fields:1.3"
compile ":scaffolding:2.0.1"
compile ":jquery-ui:1.10.3"
compile ":spring-security-ui:1.0-RC1"
compile ":mail:1.0.1"
compile ":famfamfam:1.0.1"
compile ":burning-image:0.5.1"
}
}注意:使用以前版本的spring安全核心,我能够与通过引导创建的用户登录。但现在我面临着访问被拒绝的问题。任何关于这个的事情!
回答 3
Stack Overflow用户
回答已采纳
发布于 2013-12-21 06:08:34
我试着用来自grails邮件线程的@Burt-贝克特推荐的解决方案,并为我工作,就像魅力一样,这就是我所遵循的。
grails.plugin.springsecurity.rejectIfNoRule = false
grails.plugin.springsecurity.fii.rejectPublicInvocations = false
grails.plugin.springsecurity.securityConfigType = 'InterceptUrlMap'
grails.plugin.springsecurity.interceptUrlMap = [
'/': ['permitAll'],
'/index': ['permitAll'],
'/index.gsp': ['permitAll'],
'/**/js/**': ['permitAll'],
'/**/css/**': ['permitAll'],
'/**/images/**': ['permitAll'],
'/**/favicon.ico': ['permitAll'],
'/login/**': ['permitAll'],
'/logout/**': ['permitAll']
]我只做了一个与线程不同的更改,因为线程所说的对我不起作用。所以我做了一些修改,如下所示:
grails.plugin.springsecurity.fii.rejectPublicInvocations =假
多亏了@伯特-贝克威。
Stack Overflow用户
发布于 2013-12-20 04:31:31
您需要添加登录和注销规则:
grails.plugins.springsecurity.interceptUrlMap = [
// === THIS TWO LINES, for logout and login
'/logout/**' : ['IS_AUTHENTICATED_REMEMBERED,IS_AUTHENTICATED_FULLY'],
'/login/**' : ['IS_AUTHENTICATED_ANONYMOUSLY'],
'/login/selectOrg' : [],
'/login/selectOrg' : [],
'/enquiry2/**': ['ROLE_USER', 'ROLE_COMPANY_ADMIN'],
'/subscriber/**': ['ROLE_USER', 'ROLE_COMPANY_ADMIN'],
'/contact/*': ['ROLE_USER', 'ROLE_COMPANY_ADMIN'],
'/**': ['IS_AUTHENTICATED_ANONYMOUSLY']
]Stack Overflow用户
发布于 2014-02-10 10:27:43
安全插件的新更新使用了一种对url锁定的悲观方法,这意味着除非显式指定,否则默认情况下它会锁定对所有url的访问。那么,在您的情况下可能发生的情况是,在成功身份验证之后,默认的成功url可能会被插件的新版本锁定。对此有三种解决办法:
1)使用@Burt-贝克威溶液并在rejectPublicInvocations下更改config.groovy参数。
grails.plugin.springsecurity.fii.rejectPublicInvocations =假
2)解除默认成功的障碍,例如:
‘/’:'ROLE_ADMIN'**
或
‘/主页/’:'permitAll'**
( 3)在成功的控制者或行动中明确定义许可,例如:
控制器:@Secured(‘角色_ADMIN’,'ROLE_USER')
类用户{
--
}
操作:
@Secured('permitAll')
def首页(){
--
}
希望这能有所帮助。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/20696211
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号