Grails Shiro plugin, unauthorized redirect missing context path

1
votes

Just started working with the Grails Shiro plugin for Grails 4.0.2 and have hit a little problem which I suspect is probably a config error on my part. The unauthorized redirect, i.e., the URL the user is redirected to if not authorized, does not appear to take account of the context path defined for the application (in server.servlet.context-path in application.groovy). So, for example, for my 'myapp' app, it's coming up with http://localhost:8090/auth/login?targetUri=/myapp/mycontroller/myaction instead of http://localhost:8090/myapp/auth/login?targetUri=/myapp/mycontroller/myaction. I can work round this, I'm sure, but is there somewhere I can configure this so it works correctly?

1
grailsshiro
It looks like it should do that - github.com/nerdErg/grails-shiro/blob/… - Set a break point there and see whats going on. - erichelgeson
At the risk of seeming like a complete idiot, I have to ask where the code for this plugin is stored? I can't find AccessControl.groovy anywhere in my Grails application directory, nor in .grails or .gradle in my home directory. - John Moore
You would not need the compiled jar location on the file system is to debug - your IDE should know where it is and allow you to set a break point. Either way it'd be under ~/.gradle or ~/.m2 - erichelgeson
Tried this. It doesn't hit that breakpoint. Trying to work out what the execution path is here. The problem isn't to do with my app, unfortunately. I created a new completely minimal test app and it occurs there too. I'm not sure how easy this is in fact to work around, at least in development mode, as the redirect URL is, of course, not handled by my Grails app so can't be dealt with there. Easy enough with an nginx rewrite rule for production, though. - John Moore
OK, the problem is occurring in the resolveViewOrRedirect method of ShiroGrailsExceptionResolver.groovy. This line is not taking into account the context path: String forwardUrl = UrlMappingUtils.buildDispatchUrlForMapping(info). - John Moore

1 Answers

0
votes

The problem is a bug in the ShiroGrailsExceptionResolver which relies on the UrlMappingUtils to create the "forwardUrl". If we were doing a forward this would work, but we're doing a redirect which relies on the context-path.

This should be fixed shortly thanks to, I presume your, bug report https://github.com/nerdErg/grails-shiro/issues/16

(and sorry for the delay)

I have just release v4.3 an 3.3 which fix this problem.