1. 首頁
  2. 問答
  3. Grails - Spring Security Plugin - 添加'ROLE_ADMIN'後用戶有'ROLE_NO_ROLES'

Grails - Spring Security Plugin - 添加'ROLE_ADMIN'後用戶有'ROLE_NO_ROLES'

2017-03-30 40 views
0

我正在開發一個使用Grails的Web應用程序,並且我正在嘗試使用Admin Interface PluginGrails - Spring Security Plugin - 添加'ROLE_ADMIN'後用戶有'ROLE_NO_ROLES'

def init = { servletContext -> 
    def adminUser = User.findByUsername("episo_admin_root") 
     if(!adminUser){ 
      print "Creating admin user... " 
      adminUser = new User(username: username, emailAddress: emailAddress, password: password, birthDate: new Date(1, 1, 1), 
        sex: Sex.AGENDER, enabled: true, accountConfirmed: true, accountCreationDate: new Date()) 
      adminUser.save(flush: true, failOnError: true) 
      def auth = adminUser.addAuthority(Roles.ROLE_ADMIN) 
      auth.save(flush: true, failOnError: true) 
     } 
}

我還添加以下語句來檢查用戶是否被越來越作用:

if(adminUser.authorities.any { it.authority == Roles.ROLE_ADMIN }) println "Admin role added."出於測試目的,我使用下面的代碼行創建一個管理員用戶從BootStrap.groovy中

此檢查通過,並添加「管理員角色」。被打印到控制檯。 這裏是我的春季安全配置:

grails.plugin.springsecurity.rejectIfNoRule = true 
grails.plugin.springsecurity.fii.rejectPublicInvocations = false 
grails.plugin.springsecurity.interceptUrlMap = [ 
       '/':      ['permitAll'], 
       '/home':     ['permitAll'], 
       '/home.gsp':    ['permitAll'], 
       '/assets/**':    ['permitAll'], 
       ... 
       ... 
       '/**/js/**':    ['permitAll'], 
       '/**/css/**':    ['permitAll'], 
       '/**/images/**':   ['permitAll'], 
       '/**/favicon.ico':  ['permitAll'], 
       '/admin/**':    ['ROLE_ADMIN'] 
     ]

這裏是我的管理界面插件配置:

grails.plugin.admin.accessRoot = "/admin" 
grails.plugin.admin.domains."Users" = [ "mypackage.User" ] 
grails.plugin.admin.domains."My Groups" = [ "mypackage.Group" ] 
grails.plugin.admin.domains."Security Groups" = [ 'mypackage.Authority', 'mypackage.UserAuthority' ] 
grails.plugin.springsecurity.active = true 
grails.plugin.springsecurity.useBasicAuth = true 
grails.plugin.admin.security.role = "ROLE_ADMIN"

然而,當我登錄使用新的管理員用戶,並導航到「/管理」我得到的Apache Tomcat‘HTTP狀態403 - 訪問被拒絕’頁面,下面的調試信息被記錄到控制檯:

Secure object: FilterInvocation: URL: /admin; Attributes: [ROLE_ADMIN] 
Previously Authenticated: org.springframew[email protected]5ff53bc5: Principal: [email protected]: Username: [PROTECTED]; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_NO_ROLES; Credentials: [PROTECTED]; Authenticated: true; Details: org.sprin[email protected]957e: RemoteIpAddress: [PROTECTED]; SessionId: null; Granted Authorities: ROLE_NO_ROLES

如果滾動sidew在這個調試信息上,你會看到Spring Security認爲「授予權限」爲ROLE_NO_ROLES

我在向用戶添加角色時做錯了什麼? Spring Security爲什麼不能看到我已授予此用戶ROLE_ADMIN

我花了幾個小時試圖調試這個,我不明白我的代碼有什麼問題。

來源

2017-03-30 mjones.udri

回答

0

我想通了;我從解決我的問題的配置文件中刪除了以下行:

grails.plugin.springsecurity.useRoleGroups = true

來源

2017-03-30 19:54:38

相關問題

 相關問題