intellij에서 새로운 Grails (2.4.4) 프로젝트를 시작했고 compile ":spring-security-core:2.0.0"
을 추가하여 스프링 보안을 설치했습니다. 그런 다음 s2-quickstart io.mylife.feedmyface User Role
을 실행하여 도메인 클래스 인 User, Role 및 UserRole을 생성했습니다.이 작업도 정상적으로 수행되었으며 두 개의 역할과 사용자로 성공적으로 부트 스트랩되었습니다. 다음으로 로그인 & 로그 아웃 컨트롤러와 로그인보기 (target/work/plugins/spring-security-core-2.0.0/grails-app/controllers/grails/plugin/springsecurity
및 target/work/plugins/spring-security-core-2.0.0/grails-app/views/login
)를 각각 복사했습니다. 여기서 문제가 발생합니다. 다른 키워드와 마찬가지로 많은 수입품이 intellij에 의해 빨간색으로 표시되어 팝업창을 cannot resolve symbol 'Secured'
으로 표시합니다. 뷰에서 몇 가지 유사한 오류가 발생합니다 (예 : <div class='errors'><g:message code="springSecurity.denied.message" /></div>
이면 springSecurity.denied.message
은 빨간색으로 표시되고 cannot resolve property key
팝업으로 표시됩니다. 과거에는 코드를 생성 할 때 때로는 실제 문제가 발생하지 않는 것으로 나타 났지만 coz는보기에 덜 걱정합니다. 컨트롤러를 수정하는 방법을 알고 싶습니다. 내 기지를 커버하기 위해 내가 PostgreSQL db를 사용하고 있다고 언급 할 것이지만, 그것이 차이를 만들지는 모르겠다. 추가 정보를 제공해야하는지 알려주세요. 여기에 contollers '코드입니다 :Grails, spring security - 로그인 컨트롤러의 가져 오기가 작동하지 않음
인 LoginController :
/* Copyright 2013-2015 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package io.mylife.feedmyface
import grails.converters.JSON
import javax.servlet.http.HttpServletResponse
/* 'security is red on all of the below imports'*/
import org.springframework.security.access.annotation.Secured
import org.springframework.security.authentication.AccountExpiredException
import org.springframework.security.authentication.CredentialsExpiredException
import org.springframework.security.authentication.DisabledException
import org.springframework.security.authentication.LockedException
import org.springframework.security.core.context.SecurityContextHolder as SCH
import org.springframework.security.web.WebAttributes
@Secured('permitAll') // 'Secured' is red
class LoginController {
/**
* Dependency injection for the authenticationTrustResolver.
*/
def authenticationTrustResolver
/**
* Dependency injection for the springSecurityService.
*/
def springSecurityService
/**
* Default action; redirects to 'defaultTargetUrl' if logged in, /login/auth otherwise.
*/
def index() {
if (springSecurityService.isLoggedIn()) {
redirect uri: SpringSecurityUtils.securityConfig.successHandler.defaultTargetUrl
}
else {
redirect action: 'auth', params: params
}
}
/**
* Show the login page.
*/
def auth() {
def config = SpringSecurityUtils.securityConfig
if (springSecurityService.isLoggedIn()) {
redirect uri: config.successHandler.defaultTargetUrl
return
}
String view = 'auth'
String postUrl = "${request.contextPath}${config.apf.filterProcessesUrl}"
render view: view, model: [postUrl: postUrl,
rememberMeParameter: config.rememberMe.parameter]
}
/**
* The redirect action for Ajax requests.
*/
def authAjax() {
response.setHeader 'Location', SpringSecurityUtils.securityConfig.auth.ajaxLoginFormUrl
response.sendError HttpServletResponse.SC_UNAUTHORIZED
}
/**
* Show denied page.
*/
def denied() {
if (springSecurityService.isLoggedIn() &&
authenticationTrustResolver.isRememberMe(SCH.context?.authentication)) {
// have cookie but the page is guarded with IS_AUTHENTICATED_FULLY
redirect action: 'full', params: params
}
}
/**
* Login page for users with a remember-me cookie but accessing a IS_AUTHENTICATED_FULLY page.
*/
def full() {
def config = SpringSecurityUtils.securityConfig
render view: 'auth', params: params,
model: [hasCookie: authenticationTrustResolver.isRememberMe(SCH.context?.authentication),
postUrl: "${request.contextPath}${config.apf.filterProcessesUrl}"]
}
/**
* Callback after a failed login. Redirects to the auth page with a warning message.
*/
def authfail() {
String msg = ''
def exception = session[WebAttributes.AUTHENTICATION_EXCEPTION]
if (exception) {
if (exception instanceof AccountExpiredException) { // 'AccountExpiredException' is red
msg = g.message(code: "springSecurity.errors.login.expired")
}
else if (exception instanceof CredentialsExpiredException) { // 'CredentialsExpiredException' is red
msg = g.message(code: "springSecurity.errors.login.passwordExpired")
}
else if (exception instanceof DisabledException) { // 'DisabledException' is red
msg = g.message(code: "springSecurity.errors.login.disabled")
}
else if (exception instanceof LockedException) { // 'LockedException' is red
msg = g.message(code: "springSecurity.errors.login.locked")
}
else {
msg = g.message(code: "springSecurity.errors.login.fail")
}
}
if (springSecurityService.isAjax(request)) {
render([error: msg] as JSON)
}
else {
flash.message = msg
redirect action: 'auth', params: params
}
}
/**
* The Ajax success redirect url.
*/
def ajaxSuccess() {
render([success: true, username: springSecurityService.authentication.name] as JSON)
}
/**
* The Ajax denied redirect url.
*/
def ajaxDenied() {
render([error: 'access denied'] as JSON)
}
}
LogoutController : 그것은 로그인과 로그 아웃 컨트롤러를 복사 할 필요는 없습니다
/* Copyright 2013-2015 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package io.mylife.feedmyface
import javax.servlet.http.HttpServletResponse
/* Again, 'security' is red */
import org.springframework.security.access.annotation.Secured
import org.springframework.security.web.RedirectStrategy
@Secured('permitAll') // 'Secured' is red
class LogoutController {
/** Dependency injection for RedirectStrategy. */
RedirectStrategy redirectStrategy // 'RedirectStrategy' is red
/**
* Index action. Redirects to the Spring security logout uri.
*/
def index() {
if (!request.post && SpringSecurityUtils.getSecurityConfig().logout.postOnly) {
response.sendError HttpServletResponse.SC_METHOD_NOT_ALLOWED // 405
return
}
// TODO put any pre-logout code here
redirectStrategy.sendRedirect request, response, SpringSecurityUtils.securityConfig.logout.filterProcessesUrl // '/j_spring_security_logout'
response.flushBuffer()
}
}
먼저 로그인 및 로그 아웃 컨트롤러를 복사 할 필요가 없습니다. 보기 "auth.gsp"만 복사하면됩니다. 플러그인을 추가 한 후 두 번째로 애플리케이션을 컴파일하십시오. –