Unauthorized redirect missing context path #16
Comments
|
I don't know whether this is part of the same issue, but setting |
|
The good news is that using accessControl() from an Interceptor doesn't exhibit this problem, so I have a workaround. This appears to be restricted to using annotations. (EDITED: Removed extra comments here which turned out to be wrong) |
|
You can tell the ShiroGrailsExceptionResolver where to redirect via URL mapping for 403/401 see https://nerderg.com/docs/shiro/guide.html#redirecting-unauthenticated-and-unauthorized That should "just work". Thanks for the feedback. We have tested the |
|
I think Seems the documentation fell fowl of YAML indentation. |
|
Thanks, I'll give that a go. There are a couple of problems with the documentation, incidentally, in this area. In AccessControl.loginRedirect(), there is this: |
|
pushed fixes to guide.adoc will get them online today |
|
Is that a commit to fix the docs, or to address the issue with the context path? |
|
docs |
|
Sorry to take so long looking at context path issue again. |
|
It looks like it's possibly a Grails 4 issue where the context-path isn't added to the DefaultUrlMapping Info - investigating. |
|
latest commit upgrade to 4.3 of the plugin fixes the context-path issue and removes the use of the URL mapping as a separate configuration for Annotations. See the guide update for info. |
|
Thanks very much! I'll give it a go as soon as I get the chance. |
|
Also updated the grails 3 version (grails 3 branch). |
|
What am I missing?
`| Error Error initializing classpath: Could not find org.grails.plugins:grails-shiro:4.3. |
|
you need to install the plugin locally from source to test it out - I haven't published it yet :-) See the README.adoc for details. I'm just implementing a few more tests before publishing (found a bug already!) |
|
I have now published the plugins, both v3.3 and v4.3 they may take a while to show up on the grails plugin portal but you can see them at https://bintray.com/beta/#/nerderg/plugins/grails-shiro?tab=overview |
|
I can confirm this is now working. Thanks! |
In a Grails 4.0.2 app, with version 4.1 of the plugin, the unauthorized redirect, i.e., the URL the user is redirected to if not authorized, does not take account of the context path defined for the application (in server.servlet.context-path in application.groovy). So, for example, for my 'myapp' app, it comes up with http://localhost:8090/auth/login?targetUri=/myapp/mycontroller/myaction instead of http://localhost:8090/myapp/auth/login?targetUri=/myapp/mycontroller/myaction. The problem is in the resolveViewOrRedirect method of ShiroGrailsExceptionResolver.groovy. This line does not take into account the context path: `String forwardUrl = UrlMappingUtils.buildDispatchUrlForMapping(info).
Not sure whether a workaround for this is possible via settings? Bit of a showstopper as it is (as the redirect URL is not handled by my Grails app).
Small app attached which demonstrates the issue.
myapp.zip
`
The text was updated successfully, but these errors were encountered: