Grails Spring Security UI,用户和角色管理访问
sfg*_*ups 7 grails spring-security
我已经安装了spring-security-core和spring-security-ui.还在roleadmin中添加了testuser.
当我运行应用程序时,我得到所有控制器列表,登录控制器使用用户名和密码.但当点击其他控制器时它说
"抱歉,您无权查看此页面."
我是否需要添加任何其他角色才能获得用户和角色管理UI访问权限?
插件版本.
compile':spring-security-core:2.0-RC2'compile":spring-security-ui:1.0-RC1"
访问此URL://127.0.0.1:8080/sec-test/role/search
登录后,这是我的屏幕.
首先在BootStrap.groovy中创建角色并测试用户:
import springsecurity.User
import springsecurity.Role
import springsecurity.UserRole
class BootStrap {
def init = { servletContext ->
def adminRole = new Role(authority: 'ROLE_ADMIN').save(flush: true)
def userRole = new Role(authority: 'ROLE_USER').save(flush: true)
def testUser = new User(username: 'testusername', password: '1234')
testUser.save(flush: true)
UserRole.create testUser, adminRole, true
assert User.count() == 1
assert Role.count() == 2
assert UserRole.count() == 1
}
def destroy = {
}
}
然后按建议覆盖:
grails s2ui-override auth
grails s2ui-override layout
grails s2ui-override user package.name
grails s2ui-override role package.name
最后将安全注释添加到您的控制器,即:
package springsecurity
import grails.plugin.springsecurity.annotation.Secured
@Secured(['ROLE_ADMIN'])
class RoleController extends grails.plugin.springsecurity.ui.RoleController {
}
小智 5
更好的方法是通过这些指令进行无法注册:
grails s2ui-override auth,grails s2ui-override layout,grails s2ui-override user com.myApp,grails s2ui-override role com.myApp,grails s2ui-override register com.myApp
并将其添加到Register控制器:
import grails.plugin.springsecurity.annotation.Secured
@Secured(['ROLE_ANONYMOUS'])
class RegisterController extends grails.plugin.springsecurity.ui.RegisterController {
}