Grails Spring Security 和 CAS 问题

Posted 2023-02-27

【中文标题】Grails Spring Security 和 CAS 问题

【英文标题】：Grails Spring Security and CAS issue

【发布时间】：2013-05-25 08:31:54

【问题描述】：

我已经使用 s2-quickstart 和 Spring Security CAS 插件安装了 Spring Security。我正确设置了 CAS 插件（我相信），但是当我尝试访问 localhost:8080/caslogin/j_spring_security_check 页面以强制进行 CAS 登录时，我被重定向到默认的 Spring Security 登录页面而不是 CAS 登录页面我们公司已经成立。有谁知道可能导致这种行为的原因是什么？这是我当前在 Config.groovy 中的 CAS 设置：

grails.plugins.springsecurity.cas.loginUri = '/login'
grails.plugins.springsecurity.cas.serverUrlPrefix = 'https://cas-server/cas'
grails.plugins.springsecurity.cas.key = 'grails-spring-security-cas'
grails.plugins.springsecurity.cas.filterProcessUrl = '/j_spring_security_check'
grails.plugins.springsecurity.cas.serverName = 'http://localhost:8080'
grails.plugins.springsecurity.cas.serviceUrl = 'http://localhost:8080/caslogin/j_spring_security_check'
grails.plugins.springsecurity.cas.proxyCallbackUrl = 'http://localhost:8080/caslogin/secure/receptor'
grails.plugins.springsecurity.cas.proxyReceptorUrl = '/secure/receptor'
grails.plugins.springsecurity.cas.active = true

grails.plugins.springsecurity.providerNames = ['casAuthenticationProvider']

// Added by the Spring Security Core plugin:
grails.plugins.springsecurity.userLookup.userDomainClassName = 'com.mycompany.caslogin.User'
grails.plugins.springsecurity.userLookup.authorityJoinClassName = 'com.mycompany.caslogin.UserRole'
grails.plugins.springsecurity.authority.className = 'com.mycompany.caslogin.Role'

【参考方案1】：

我们已经在 Grails 应用程序中成功使用了 CAS，请查看下面的 Config.groovy：

在我的情况下，当我尝试访问 localhost:8080/MyApp/j_spring_cas_security_check 时，我得到一个拒绝访问 404。

grails.serverURL = "http://192.168.10.12:8080/MyApp"

plugins 

    springsecurity 

        active = true
        rejectIfNoRule = false

        password.algorithm = 'SHA-256'
        securityConfigType = grails.plugins.springsecurity.SecurityConfigType.Requestmap //url permission
        apf.filterProcessesUrl = '/j_spring_security_check'

        auth 
            forceHttps = false
            loginFormUrl = '/access/login'
            ajaxLoginFormUrl = '/access/login?remote=true'
        
        adh 
            errorPage = '/access/denied'
            ajaxErrorPage = '/acesso/denied?remote=true'
        
        ajaxHeader = 'X-Requested-With'
        failureHandler 
            ajaxAuthFailUrl = '/access/fail?remote=true'
            defaultFailureUrl = '/access/fail?login_error=1' //TODO
        
        successHandler 
            defaultTargetUrl = '/'
            alwaysUseDefault = false
        

        // Configuracao do CAS
        providerNames = ['casAuthenticationProvider']

        cas 
            serverUrlPrefix = 'https://mycompany.com.br:8443/cas'
            loginUri = '/login'
            proxyReceptorUrl = '/secure/receptor'
            serviceUrl = "$grails.serverURL/j_spring_cas_security_check"
            proxyCallbackUrl = "$grails.serverURL/secure/receptor"
        

        logout.afterLogoutUrl = 'https://mycompany.com.br:8443/cas/logout?service=$grails.serverURL/'

        // Customizacao de Entidades
        userLookup.userDomainClassName = 'br.com.mycompany.app.access.User'
        userLookup.authoritiesPropertyName = 'permissions'
        authority.className = 'br.com.mycompany.app.access.Permission'
        requestMap.className = 'br.com.mycompany.app.access.UrlAccess'
        requestMap.configAttributeField = 'ruleExpression'