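1.
Note: the version shown in the figure below raises an error.
You need to add this line to the file shown in the figure below: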
grails.plugin.springsecurity.rest.token.storage.jwt.useSignedJwt = false
or
grails.plugin.springsecurity.rest.token.storage.jwt.secret = 'qrD6h8K6S9503Q06Y6Rfk21TErImPYqa'
2. JWT is used by default; the refresh_token never expires, and the access_token expires after one hour:
grails.plugin.springsecurity.rest.token.storage.jwt.expiration = 3600
3. Access method, header: {
Authorization: token_type + space + access_token / refresh_token
}
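Items 2 and 3 can be checked from the client side; the following is an added example, not code from the original notes or from the plugin. It builds the Authorization header from a login response and verifies each token's signature before reading its lifetime. Assumptions: tokens are HS256-signed with the configured secret, "never expires" shows up as a missing exp claim, and the secret, clock value and login response are constructed for the demo.

```python
import base64, hashlib, hmac, json

SECRET = "constructed-demo-secret-32-bytes"  # constructed; stands in for jwt.secret
NOW = 1_700_000_000                          # constructed clock value (epoch seconds)

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64url_decode(part: str) -> bytes:
    # JWT segments drop base64 padding; restore it before decoding
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def sign(signing_input: str, secret: str) -> bytes:
    return hmac.new(secret.encode(), signing_input.encode(), hashlib.sha256).digest()

def make_token(claims: dict, secret: str = SECRET) -> str:
    """Stand-in for the server: build a constructed HS256 JWT."""
    head = b64url_encode(json.dumps({"alg": "HS256"}).encode())
    body = b64url_encode(json.dumps(claims).encode())
    sig = b64url_encode(sign(head + "." + body, secret))
    return head + "." + body + "." + sig

def seconds_left(token: str, secret: str = SECRET, now: int = NOW):
    """Verify the signature, then return remaining lifetime (None = no exp claim)."""
    head, body, sig = token.split(".")
    if json.loads(b64url_decode(head)).get("alg") != "HS256":
        raise ValueError("unexpected alg")  # refuse anything but the expected MAC
    if not hmac.compare_digest(sign(head + "." + body, secret), b64url_decode(sig)):
        raise ValueError("bad signature")
    exp = json.loads(b64url_decode(body)).get("exp")
    return None if exp is None else exp - now

def auth_header(login: dict, field: str = "access_token") -> dict:
    """Authorization: token_type + space + token, as in item 3."""
    return {"Authorization": login["token_type"] + " " + login[field]}

# Constructed login response; only the three fields the notes name.
LOGIN = {
    "token_type": "Bearer",
    "access_token": make_token({"sub": "demo", "iat": NOW, "exp": NOW + 3600}),
    "refresh_token": make_token({"sub": "demo", "iat": NOW}),  # no exp claim
}

if __name__ == "__main__":
    print(auth_header(LOGIN))
    print("access seconds left:", seconds_left(LOGIN["access_token"]))
    print("refresh seconds left:", seconds_left(LOGIN["refresh_token"]))
```

A refresh token that reports no remaining lifetime (None) stays usable until the secret is rotated, so store it with more care than the one-hour access token.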
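4. The 3 access approaches for the security policy:
If your roles can be added by customers themselves, using Requestmap is recommended; use it as follows:
1. Add it with the command: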
grails s2-quickstart com.yourapp Person Authority Requestmap
2. Add the following in BootStrap initialization:
for (String url in [
        '/', '/error', '/index', '/index.gsp', '/**/favicon.ico', '/shutdown',
        '/assets/**', '/**/js/**', '/**/css/**', '/**/images/**',
        '/login', '/login.*', '/login/*',
        '/logout', '/logout.*', '/logout/*']) {
    new Requestmap(url: url, configAttribute: 'permitAll').save()
}
new Requestmap(url: '/profile/**', configAttribute: 'ROLE_USER').save()
new Requestmap(url: '/admin/**', configAttribute: 'ROLE_ADMIN').save()
new Requestmap(url: '/admin/role/**', configAttribute: 'ROLE_SUPERVISOR').save()
new Requestmap(url: '/admin/user/**',
        configAttribute: 'ROLE_ADMIN,ROLE_SUPERVISOR').save()
new Requestmap(url: '/login/impersonate',
        configAttribute: 'ROLE_SWITCH_USER,isFullyAuthenticated()').save()
springSecurityService.clearCachedRequestmaps()
Note:
otherwise it does not take effect