Grails 2.4 spring security & Asset pipeline

2019-08-23 22:52发布

问题:

This is what request map table contains:

'/', '/index', '/index.gsp', '/**/favicon.ico',
  '/assets/**', '/**/js/**', '/**/css/**', '/**/images/**',
  '/login', '/login.*', '/login/*',
  '/logout', '/logout.*', '/logout/*']

But no static resources are loaded in login page. every request to static resource redirects to login/auth.

回答1:

In my (Spring Security 2.0-RC4) application I have:

grails.plugin.springsecurity.controllerAnnotations.staticRules = [
    '/'                 : ['permitAll'],
    '/searchable/**'    : ['permitAll'],
    '/index'            : ['permitAll'],
    '/index.gsp'        : ['permitAll'],
    '/assets/**'        : ['permitAll'],
    '/**/js/**'         : ['permitAll'],
    '/**/css/**'        : ['permitAll'],
    '/**/images/**'     : ['permitAll'],
    '/**/favicon.ico'   : ['permitAll']
]

and that is working without problems. Note that I use annotations.

It looks as if you use request mappings, and from the documentation I read that you probably create request mappings like this:

for (String url in [
  '/', '/index', '/index.gsp', '/**/favicon.ico',
  '/assets/**', '/**/js/**', '/**/css/**', '/**/images/**',
  '/login', '/login.*', '/login/*',
  '/logout', '/logout.*', '/logout/*']) {
       new Requestmap(url: url, configAttribute: 'permitAll').save()
   }

Perhaps you should consider to make a save(failOnError: true) to make sure, that you actually have data in your requestmap table.



回答2:

Obviously you use request mappings. So have a look to Using Spring Security and Requestmap fails in Grails

In addition to be sure your requestmap is ok you may flush your requestmap, e.g.:

new Requestmap(url: '/login/**', configAttribute: 'permitAll').save(flush: true, failOnError: true)