我希望任何用戶能夠將自己的名字提交給志願者表單,但只有管理員才能查看任何其他URL。不幸的是,我似乎無法得到這個正確的。我的resources.xml如下所示;Spring Security 3.0 - 攔截URL - 所有頁面都需要身份驗證,但只有一個
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">
<http realm = "BumBumTrain Personnel list requires you to login" auto-config="true" use-expressions="true">
<http-basic/>
<intercept-url pattern="/person/volunteer*" access=""/>
<intercept-url pattern="/**" access="isAuthenticated()" />
</http>
<authentication-manager alias="authenticationManager">
<authentication-provider>
<user-service>
<user name="admin" password="admin" authorities="ROLE_ADMIN"/>
</user-service>
</authentication-provider>
</authentication-manager>
</beans:beans>
具體而言,我試圖實現我所描述的訪問設置;
<intercept-url pattern="/person/volunteer*" access=""/>
<intercept-url pattern="/**" access="isAuthenticated()" />
難道有人請描述如何使用攔截url來實現我描述的結果嗎?
感謝
GAV株系
對於一個Grails應用程序,我需要什麼理由;
<intercept-url pattern="/person/volunteer/**" access="" filters="none"/>
<intercept-url pattern="/images/**" access="" filters="none"/>
<intercept-url pattern="/css/**" access="" filters="none"/>
<intercept-url pattern="/js/**" access="" filters="none"/>
<intercept-url pattern="/**" access="ROLE_ADMIN" />
爲了得到這個工作,請注意第一條規則的差異。
從3.1開始,應該使用' '。 –
2016-08-20 05:16:16