Grails Spring Security 身份验证 - 未显示 GSP 错误
我是 Grails Spring Security 的新手,正在努力显示登录错误消息。
该插件已安装并针对我的数据库正确配置。当提供错误的用户名/密码时,LoginController 将接管并执行 auth > 操作。 authfail 被调用。这是正确的默认行为。
不过,当我配置 Config.groovy 时,LoginController 接管仅调用 auth(而不调用 authfail),因此错误消息不会添加到 flash,以便显示在 auth.gsp 中。
下面是我与 Spring Security 相关的 Config.groovy 配置:
grails.plugins.springsecurity.successHandler.defaultTargetUrl = '/组织/summaryLandingPage' grails.plugins.springsecurity.logout.afterLogoutUrl = '/登录/authfail'
grails.plugins.springsecurity.securityConfigType = "InterceptUrlMap" grails.plugins.springsecurity.interceptUrlMap = [ '/login/auth': ['IS_AUTHENTICATED_ANONYMOUSLY'], '/**': ['IS_AUTHENTICATED_FULLY'] ]
grails.plugins.springsecurity.userLookup.userDomainClassName = '用户' grails.plugins.springsecurity.userLookup.authorityJoinClassName = UserRole' grails.plugins.springsecurity.authority.className = 'lookups.Role' grails.plugins.springsecurity.authority.nameField = '值' grails.plugins.springsecurity.password.algorithm = 'MD5'
grails.plugins.springsecurity.useSessionFixationPrevention = true
任何帮助将不胜感激!
I am new to Grails Spring Security and am struggling to show the login error message.
The plugin is installed and correctly configured against my DB. When a wrong username/password is provided, LoginController takes over and actions auth > authfail are invoked. That's the correct default behaviour.
THOUGH, when I configure Config.groovy, LoginController takes over calling only auth (without invoking authfail), therefore the error message is not added to flash so to be shown in auth.gsp.
Bellow is my Config.groovy configuration related to Spring Security:
grails.plugins.springsecurity.successHandler.defaultTargetUrl =
'/organisation/summaryLandingPage'
grails.plugins.springsecurity.logout.afterLogoutUrl =
'/login/authfail'grails.plugins.springsecurity.securityConfigType = "InterceptUrlMap"
grails.plugins.springsecurity.interceptUrlMap = [
'/login/auth': ['IS_AUTHENTICATED_ANONYMOUSLY'],
'/**': ['IS_AUTHENTICATED_FULLY']
]grails.plugins.springsecurity.userLookup.userDomainClassName = 'User'
grails.plugins.springsecurity.userLookup.authorityJoinClassName = UserRole'
grails.plugins.springsecurity.authority.className = 'lookups.Role'
grails.plugins.springsecurity.authority.nameField = 'value'
grails.plugins.springsecurity.password.algorithm = 'MD5'grails.plugins.springsecurity.useSessionFixationPrevention = true
Any help would be much appreciated!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
看起来该行只允许向匿名用户提供
/login/auth(即LoginController.auth)。尝试将'/login/authFail': ['IS_AUTHENTICATED_ANONYMOUSLY']或'/login/**': ['IS_AUTHENTICATED_ANONYMOUSLY']添加到您的 InterceptUrlMap 中。It looks like that line is allowing only
/login/auth(i.e.LoginController.auth) to be served up to anonymous users. Try adding'/login/authFail': ['IS_AUTHENTICATED_ANONYMOUSLY']or'/login/**': ['IS_AUTHENTICATED_ANONYMOUSLY']to your interceptUrlMap.