我可以在 ZKGrails 编辑器中使用 Spring Security 注释吗?
我可以在 ZKGrails 编写器中使用 Spring Security 注释来保护 ajax 回调,还是可以/必须注入 springSecurityService (并在每个方法中手动检查主体的权限)?
更新:根据http://felipecypriano.com/2009/10/26/tweak-zk-to-make-event-processing-call-groovys-invokemethod/ ,注释应该有效,我在当前的ZKGrails插件版本(1.0.4)中发现了这篇文章中提到的修改。尽管如此,当我尝试保护我的作曲家中的方法时,它们仍然完全可以访问。
Can I use Spring Security annotations in my ZKGrails composers to secure the ajax-callbacks, or can/do i have to inject springSecurityService (and check the principal's authorities, in every method manually)?
Update: According to http://felipecypriano.com/2009/10/26/tweak-zk-to-make-event-processing-call-groovys-invokemethod/ , the annotations should work, and I found the modification mentioned in this post in the current ZKGrails plugin version (1.0.4). Still, when I try to secure methods in my composer, they remain fully accessible.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
因为spring security插件不支持“@Secured”注解。我认为你应该根据 http://felipecypriano.com/2009/10/19/enable-secured-annotation-with-grails-spring-security-plugin/ 启用 它。
Because "@Secured" annotation is not supported by spring security plug-in. I think you should implement your own method interceptor according http://felipecypriano.com/2009/10/19/enable-secured-annotation-with-grails-spring-security-plugin/ to enable it.