如何为Grails 3.x配置Spring Security Rest [英] How to Configure Spring Security Rest for Grails 3.x
问题描述
如何为Grails 3.x配置 Spring Security Rest Plugin (目前为I使用Grails 3.1.0 RC2)。
$ b $
插件页面对添加编译 :spring-security-rest:$ {version} 到您的 BuildConfig.groovy ,但是 BuildConfig.groovy 已经从Grails 3.x中移除
编辑:插件页面上的文档已更新
所以我得到了这个工作。首先,位于[这里] [1]的文档更新。您需要将以下内容添加到 build.gradle
build.gradle
依赖项{
//其他依赖项
compileorg.grails。插件:spring-security-rest:2.0.0.M2
接下来,您需要运行Spring Security快速入门
grails s2-quickstart com.yourapp人员角色
最后,您需要配置过滤器链,但将以下内容添加到 application.groovy 。
application.groovy
grails.plugin.springsecurity.filterChain.chainMap = [
//无状态链
[
pattern:'/ api / **',
filters:'JOINED_FILTERS,-anonymousAuthenticationFilter, -exceptionTranslationFilter,-authenticationProcessingFilter,-securityContextPersistenceFilter,-rememberMeAuthenticationFilter'
],
//传统连锁
[
图案:'/ **',
过滤器:'JOINED_FILTERS,-restTokenValidationFilter,-restExceptionTranslationFilter'
]
]
替代选项:
我决定将配置移动到 application.yml ,所以我没有使用两种不同的配置语法。
$ b
替代配置#1:
使用 application.yml code> 标准默认设置
grails:
#其他配置值
plugin.springsecurity:
userLookup.userDomainClassName:'com.company.product.Person'
userLookup.authorityJoinClassName:'com.company.product.PersonRole'
authority.className:'com.company.product.Role'
controllerAnnotations.staticRules:
- {pattern:'/',access:['permitAll']}
- {pattern:'/ error',access:['permitAll']}
- {pattern:'/ index',access:['permitAll']}
- {pattern:'/index.gsp ',access:['permitAll']}
- {pattern:'/ shutdown',access:['permitAll']}
- {pattern:'/ assets / **',access:[ 'permitAll']}
- {pattern:'/ ** / js / **',access:['permitAll']}
- {pattern:'/ ** / css / **',access:['permitAll']}
- {pattern: '/ ** / images / **',access:['permitAll']}
- {pattern:'/**/favicon.ico',access:['permitAll']}
filterChain .chainMap:
- {pattern:'/ assets / **',filters:'none'}
- {pattern:'/ ** / js / **',过滤器:'none'}
- {pattern:'/ ** / css / **',过滤器:'none'}
- {pattern:'/ ** / images / **',过滤器:'none'}
- {pattern:'/**/favicon.ico',filters:'none'}
#Stateless链
- {pattern:'/ api / **',filters:' JOINED_FILTERS,-anonymousAuthenticationFilter,-exceptionTranslationFilter,-authenticationProcessingFilter,-securityContextPersistenceFilter,-rememberMeAuthenticationFilter'}
#Traditional链
- {pattern:'/ ** ,过滤器:'JOINED_FILTERS,-restTokenValidationFilter,-restExceptionTranslationFilter'}
我也是完全可选)
- 删除了所有与服务GSP相关的生成配置,因为我的应用只是一个API >
- 配置插件以使用GORM持久化授权令牌
- 用X-Auth-Token配置替换默认持票人令牌配置
所以我最终得到了这个
其他配置#2: $使用 application.yml 与仅使用GORM令牌存储和X-Auth令牌而不使用承载的API(无GSP)令牌
grails:
#其他配置值
plugin.springsecurity:
userLookup.userDomainClassName:'com.company.product.Person'
userLookup.authorityJoinClassName:'com.company.product.PersonRole'
authority.className:'com.company.product.Role'
filterChain.chainMap:
#Stateless链
- {pattern:'/ **',过滤器:'JOINED_FILTERS,-anonymousAuthenticationFilter, -exceptionTranslationFilter,-authenticationProcessingFilter,-securityContextPersistenceFilter,-rememberMeAuthenticationFilter'}
rest.token:
storage.gorm.tokenDomainClassName:'com.company.product.AuthenticationToken'
验证:
useBearerToken:false
headerName:'X-Auth-Token'
How do you configure Spring Security Rest Plugin for Grails 3.x (currently I'm using Grails 3.1.0 RC2).
The plugin page says to "Add compile :spring-security-rest:${version} to your BuildConfig.groovy," but BuildConfig.groovy has been removed from Grails 3.x
edit: the docs on the plugin page have been updated
SO I got this working. First off, the documentation located [here][1] is much more up to date. You need to add the following to build.gradle
build.gradle
dependencies {
//Other dependencies
compile "org.grails.plugins:spring-security-rest:2.0.0.M2"
}
Next, you need to run Spring Security quickstart
grails s2-quickstart com.yourapp Person Role
Finally, you need to configure the filter chain but adding the following into your application.groovy.
application.groovy
grails.plugin.springsecurity.filterChain.chainMap = [
//Stateless chain
[
pattern: '/api/**',
filters: 'JOINED_FILTERS,-anonymousAuthenticationFilter,-exceptionTranslationFilter,-authenticationProcessingFilter,-securityContextPersistenceFilter,-rememberMeAuthenticationFilter'
],
//Traditional chain
[
pattern: '/**',
filters: 'JOINED_FILTERS,-restTokenValidationFilter,-restExceptionTranslationFilter'
]
]
Alternatives:
I decided to move the configuration to application.yml, so I'm not using two different configuration syntaxes.
Alternative config #1:
using application.yml with standard default settings
grails:
# other config values
plugin.springsecurity:
userLookup.userDomainClassName: 'com.company.product.Person'
userLookup.authorityJoinClassName: 'com.company.product.PersonRole'
authority.className: 'com.company.product.Role'
controllerAnnotations.staticRules:
- {pattern: '/', access: ['permitAll']}
- {pattern: '/error', access: ['permitAll']}
- {pattern: '/index', access: ['permitAll']}
- {pattern: '/index.gsp', access: ['permitAll']}
- {pattern: '/shutdown', access: ['permitAll']}
- {pattern: '/assets/**', access: ['permitAll']}
- {pattern: '/**/js/**', access: ['permitAll']}
- {pattern: '/**/css/**', access: ['permitAll']}
- {pattern: '/**/images/**', access: ['permitAll']}
- {pattern: '/**/favicon.ico', access: ['permitAll']}
filterChain.chainMap:
- {pattern: '/assets/**', filters: 'none'}
- {pattern: '/**/js/**', filters: 'none'}
- {pattern: '/**/css/**', filters: 'none'}
- {pattern: '/**/images/**', filters: 'none'}
- {pattern: '/**/favicon.ico', filters: 'none'}
#Stateless chain
- {pattern: '/api/**', filters: 'JOINED_FILTERS,-anonymousAuthenticationFilter,-exceptionTranslationFilter,-authenticationProcessingFilter,-securityContextPersistenceFilter,-rememberMeAuthenticationFilter'}
#Traditional chain
- {pattern: '/**', filters: 'JOINED_FILTERS,-restTokenValidationFilter,-restExceptionTranslationFilter'}
I also (this is totally optional)
- removed all of the generated config that pertains to serving GSPs since my app is just an API
- configured the plugin to persist the authorization token using GORM
- replaced the default bearer tokens config with the X-Auth-Token config
so I ended up with this
Alternative config #2:
using application.yml with API only (No GSPs) with GORM token storage and X-Auth-Tokens instead of Bearer Tokens
grails:
# other config values
plugin.springsecurity:
userLookup.userDomainClassName: 'com.company.product.Person'
userLookup.authorityJoinClassName: 'com.company.product.PersonRole'
authority.className: 'com.company.product.Role'
filterChain.chainMap:
#Stateless chain
- {pattern: '/**', filters: 'JOINED_FILTERS,-anonymousAuthenticationFilter,-exceptionTranslationFilter,-authenticationProcessingFilter,-securityContextPersistenceFilter,-rememberMeAuthenticationFilter'}
rest.token:
storage.gorm.tokenDomainClassName: 'com.company.product.AuthenticationToken'
validation:
useBearerToken: false
headerName: 'X-Auth-Token'
这篇关于如何为Grails 3.x配置Spring Security Rest的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
