Grails 3 + Rest API + Spring Security
Может ли кто-нибудь помочь мне со ссылками на справочную реализацию Grails 3 + REST API и Spring Security и как мне получить к нему доступ из клиента API, такого как Postman?
Домен Объект
import grails.rest.*
@Resource(readOnly = false, formats = ['json', 'xml'])
class Contact {
String firstName
String lastName
String gender
String email
String birthDT
String comments
static constraints = {
birthDT (blank:true, nullable:true)
}
}
Контроллер установлен как
import grails.rest.*
import grails.converters.*
import grails.plugin.springsecurity.annotation.Secured
@Secured(['ROLE_USER'])
class ContactController extends RestfulController {
static responseFormats = ['json', 'xml']
ContactController() {
super(Contact)
}
}
Когда я захожу в браузер с http://localhost:8080/contact/, он работает
Как я могу проверить это на отдыхе клиента, такого как "Почтальон"? Я первый таймер с REST и Spring Security. Кроме того, я обновил свой Application.groovy, и я не уверен, что здесь тоже нужно исправить
>>
grails.plugin.springsecurity.filterChain.chainMap = [
//Stateless chain
[
pattern: '/**',
filters: 'JOINED_FILTERS,-anonymousAuthenticationFilter,-exceptionTranslationFilter,-authenticationProcessingFilter,-securityContextPersistenceFilter,-rememberMeAuthenticationFilter'
],
//Traditional, stateful chain
[
pattern: '/stateful/**',
filters: 'JOINED_FILTERS,-restTokenValidationFilter,-restExceptionTranslationFilter'
]
]
// Added by the Spring Security Core plugin:
grails.plugin.springsecurity.userLookup.userDomainClassName = 'com.myapp.User'
grails.plugin.springsecurity.userLookup.authorityJoinClassName = 'com.myapp.UserRole'
grails.plugin.springsecurity.authority.className = 'com.myapp.Role'
grails.plugin.springsecurity.controllerAnnotations.staticRules = [
[pattern: '/', access: ['permitAll']],
[pattern: '/error', access: ['permitAll']],
[pattern: '/index', access: ['permitAll']],
[pattern: '/index.gsp', access: ['permitAll']],
[pattern: '/shutdown', access: ['permitAll']],
[pattern: '/assets/**', access: ['permitAll']],
[pattern: '/**/js/**', access: ['permitAll']],
[pattern: '/**/css/**', access: ['permitAll']],
[pattern: '/**/images/**', access: ['permitAll']],
[pattern: '/dbconsole/**', access: ['permitAll']],
[pattern: '/**/favicon.ico', access: ['permitAll']]
]
grails.plugin.springsecurity.filterChain.chainMap = [
[pattern: '/assets/**', filters: 'none'],
[pattern: '/**/js/**', filters: 'none'],
[pattern: '/**/css/**', filters: 'none'],
[pattern: '/**/images/**', filters: 'none'],
[pattern: '/**/favicon.ico', filters: 'none'],
[pattern: '/**', filters: 'JOINED_FILTERS']
]
environments {
development {
grails.dbconsole.enabled = true
}
}
grails.plugin.springsecurity.rememberMe.persistent = true
grails.plugin.springsecurity.rememberMe.persistentToken.domainClassName = 'com.myapp.PersistentLogin'
graills.plugin.springsecurity.rest.login.active=true
grails.plugin.springsecurity.rest.login.endpointUrl='/login'
grails.plugin.springsecurity.rest.login.failureStatusCode=401
grails.plugin.springsecurity.rest.login.useJsonCredentials=true
grails.plugin.springsecurity.rest.login.usernamePropertyName='username'
grails.plugin.springsecurity.rest.login.passwordPropertyName='password'
grails.plugin.springsecurity.rest.logout.endpointUrl='/auth/logout'
grails.plugin.springsecurity.rest.token.generation.useSecureRandom=true
grails.plugin.springsecurity.rest.token.validation.headerName='X-Auth-Token'
grails.plugin.springsecurity.rest.token.generation.useUUID=false
grails.plugin.springsecurity.rest.token.validation.active=true
grails.plugin.springsecurity.rest.token.validation.endpointUrl='/auth/validate'
>>
URL-сопоставления являются стандартными
package contactsdb
class UrlMappings {
static mappings = {
"/$controller/$action?/$id?(.$format)?"{
constraints {
// apply constraints here
}
}
"/"(view: '/index')
"500"(view: '/error')
"404"(view: '/notFound')
}
}