我正在使用 grails 5.2.5 和 spring security 5.6.0。当发生 403 时,访问拒绝消息会写入浏览器文档中。我想显示 403 特定的视图页面。但它不起作用。我的代码如下:
URL映射:
'403'(controller: 'error', action: 'denied')
错误控制器拒绝操作:
def denied() {
render(view: '/error/denied', model: [errorMessage: "403 sample error"])
}
拒绝查看错误目录下的页面:
<section class="content">
<h1 style="color: red">${errorMessage}</h1>
</section>
但这不起作用。相反,它会向浏览器写入以下消息:
Access to localhost was denied
You don't have authorization to view this page.
HTTP ERROR 403
application.groovy>>
// Added by the Spring Security Core plugin:
grails.plugin.springsecurity.userLookup.userDomainClassName = 'com.org.auth.User'
grails.plugin.springsecurity.userLookup.authorityJoinClassName = 'com.org.auth.UserRole'
grails.plugin.springsecurity.authority.className = 'com.org.auth.Role'
grails.plugin.springsecurity.requestMap.className = 'com.org.auth.Requestmap'
grails.plugin.springsecurity.securityConfigType = 'Requestmap'
grails.plugin.springsecurity.controllerAnnotations.staticRules = [
[pattern: '/', access: ['permitAll']],
[pattern: '/error', access: ['permitAll']],
[pattern: '/index', access: ['permitAll']],
[pattern: '/index.gsp', access: ['permitAll']],
[pattern: '/shutdown', access: ['permitAll']],
[pattern: '/assets/**', access: ['permitAll']],
[pattern: '/**/js/**', access: ['permitAll']],
[pattern: '/**/css/**', access: ['permitAll']],
[pattern: '/**/images/**', access: ['permitAll']],
[pattern: '/**/favicon.ico', access: ['permitAll']]
]
grails.plugin.springsecurity.filterChain.chainMap = [
[pattern: '/assets/**', filters: 'none'],
[pattern: '/**/js/**', filters: 'none'],
[pattern: '/**/css/**', filters: 'none'],
[pattern: '/**/images/**', filters: 'none'],
[pattern: '/**/favicon.ico', filters: 'none'],
[pattern: '/**', filters: 'JOINED_FILTERS']
]
grails.plugin.springsecurity.logout.postOnly = false // just for test
该怎么办?!!
我通过 stackoverflow.com 链接找到了一个锻炼方法:在 application.groovy 中配置。
我必须在 application.groovy 文件中添加这一行:
grails.plugin.springsecurity.adh.errorPage = null