Unprotecting spring-security-saml endpoint using controllerAnnotations staticRules in Grails 3 -

January 15, 2013

i'm trying configure grails-spring-security-saml (https://github.com/jeffwils/grails-spring-security-saml) plugin in grails 3.2.6 application. using local openam identity provider. original doc shows configuration sample using intercepturlmap securityconfigtype protect controllers @secured annotations set securityconfigtype annotation. saw there rule in intercepturlmap permit access /spring-security-saml/** copied rule controllerannotations.staticrules

here resulting section in application.yml

grails: plugin:     springsecurity:         userlookup:             userdomainclassname: unbox.sso.user             authorityjoinclassname: unbox.sso.userrole             attributeclassname: unbox.sso.attribute         authority:             classname: unbox.sso.role         securityconfigtype: annotation         logout:           postonly: false         controllerannotations:             staticrules:                 - pattern: '/spring-security-saml/**'                   access: ['permitall']                 - pattern: '/'                   access: ['permitall']                 - pattern: '/index'                   access: ['permitall']                 - pattern: '/index.gsp'                   access: ['permitall']                 - pattern: '/error'                   access: ['permitall']                 - pattern: '/shutdown'                   access: ['permitall']                 - pattern: '/assets/**'                   access: ['permitall']                 - pattern: '/**/js/**'                   access: ['permitall']                 - pattern: '/**/css/**'                   access: ['permitall']                 - pattern: '/**/images/**'                   access: ['permitall']                 - pattern: '/**/favicon.ico'                   access: ['permitall']         intercepturlmap:             - pattern: '/public/**'               access: ['permitall']             - pattern: '/index'               access: ['permitall']             - pattern: '/index.gsp'               access: ['permitall']             - pattern: '/error'               access: ['permitall']             - pattern: '/assets/**'               access: ['permitall']             - pattern: '/**/js/**'               access: ['permitall']             - pattern: '/**/css/**'               access: ['permitall']             - pattern: '/**/images/**'               access: ['permitall']             - pattern: '/**/favicon.ico'               access: ['permitall']             - pattern: '/favicon.ico'               access: ['permitall']             - pattern: '/login'               access: ['permitall']             - pattern: '/login.*'               access: ['permitall']             - pattern: '/login/**'               access: ['permitall']             - pattern: '/logout'               access: ['permitall']             - pattern: '/logout.*'               access: ['permitall']             - pattern: '/logout/**'               access: ['permitall']             - pattern: '/public/**'               access: ['permitall']             - pattern: '/spring-security-saml/**'               access: ['permitall']             - pattern: '/**'               access: ['permitall']

but doesn't appear work, after log in openam , openam redirects me /spring-security-saml/saml/sso/alias/myapp, endpoint seems require authentication, redirects openam , i'm stuck in infinite redirection loop.

can me figure out endpoint configured and/or how can unprotect it?

Search This Blog

TY

Unprotecting spring-security-saml endpoint using controllerAnnotations staticRules in Grails 3 -

Comments

Post a Comment

Popular posts from this blog

html - How to set bootstrap input responsive width? -

javascript - Highchart x and y axes data from json -

javascript - Get js console.log as python variable in QWebView pyqt -