开发者

Using @Secured Annotation causes IS_FULLY_AUTHENTICATED problem in grails

开发者 https://www.devze.com 2022-12-30 18:33 出处:网络
I\'m using Acegi/Spring Security in grails and when i use the annotations like @Secured([\'ROLE_ADMIN\']) it denies my login even though the user is part of开发者_如何学编程 ROLE_ADMIN.

I'm using Acegi/Spring Security in grails and when i use the annotations like @Secured(['ROLE_ADMIN']) it denies my login even though the user is part of开发者_如何学编程 ROLE_ADMIN.

In looking through the login is it seems that it's getting an IS_AUTHENTICATED_FULLY role also but I have never added that to a page so i'm not sure how to bypass that. I read somewhere to preauthorize the user, but i'm not sure how to do that with grails.


Have you enabled annotations based authentication in the security config?

E.g.

useRequestMapDomainClass = false

useControllerAnnotations = true

Also, triple check that the role is assigned (GORM might be silently failing your save).

You could printout the authorities assigned to the user just to make sure.

E.g.

user.authorities.each { it.authority }

0

精彩评论

暂无评论...
验证码 换一张
取 消