CODEWITHSUNDEEP
springgrails
fsi
fsi

Reputation: 1367

Grails spring security defaultTargetUrl going wrong path

Grails 2.4 with Spring security 2 3RC

I have this on my Config.groovy

grails.plugin.springsecurity.controllerAnnotations.staticRules = [
    '/':                              ['permitAll'],
    '/index':                         ['permitAll'],
    '/index.gsp':                     ['permitAll'],
    '/**/js/**':                      ['permitAll'],
    '/**/css/**':                     ['permitAll'],
    '/**/images/**':                  ['permitAll'],
    '/**/favicon.ico':                ['permitAll']
]
grails.plugin.springsecurity.successHandler.defaultTargetUrl = "/home/index"

But this keeping me redirecting to

assets/favicon.ico

And my HomeController is like that

@Secured(['ROLE_ADMIN', 'ROLE_USER'])
def index() {
    if (SpringSecurityUtils.ifAllGranted('ROLE_ADMIN')) {
        redirect controller: 'admin', action: 'index'
        return
    }
}

And I modify this in my UrlMapping: 

"/"(controller: 'home', action:'index')

Why it keeps me sending wrong path?

Update: using another computer, it redirects me to /asset/grails_logo.png

Upvotes: 3

Views: 1151

Answers (1)

dspies
dspies

Reputation: 1543

It sounds like you are having a similar problem to the one I experienced upgrading a Grails 1.x application to 2.4.2. When you attempt to access a URL/page that is protected by Spring Security authorization rules and you are not logged in, it redirects you to the login page. Upon successful login, it redirects you to the URL you requested. In this case, your favicon.ico and grails_logo.png are being protected by authorization rules, unintentionally I'm guessing, so it redirects you to the login page. Upon successful login, it redirects you to the favicon.ico or grails_logo.png URL because that is protected URL that was being requested when authorization failed. Change your authorization rules accordingly (may want to do both if you have assets in both locations):

If you are using the Asset Pipeline Plugin, use:

'/assets/**':     ['permitAll']

If you are using something like the Resources Plugin, use:

'/css/**':     ['permitAll'],
'/js/**':      ['permitAll'],
'/images/**':  ['permitAll']

Upvotes: 1

Related Questions