I use the spring -security-core plugin and I created a custom denied.gsp page in /views/login/denied.gsp. If I go to the page directly through / login / denied, I see that the layout has been applied. However, if I try to access a page with limited access, and I am redirected to denied.gsp , it just displays the exact html without processing the layout.
<html><head>
<title>Denied</title>
<meta name="layout" content="main">
</head>
<body>
<section class="breadcrumb p07">
<p><a href="/">Home</a> Denied</p>
</section>
<section class="content">
<p>Sorry, you're not authorized to view this page.</p>
</section>
</body></html>
I have set this to false, so everything is not locked by default:
grails.plugin.springsecurity.rejectIfNoRule = false
grails.plugin.springsecurity.fii.rejectPublicInvocations = false
AdminController:
@Secured(['ROLE_ADMIN'])
class AdminController {
def index() {
}
}
So, for example, I am registered as ROLE_USER, and then go to / admin, it denies me correctly. However, it does not have a style on the page.
There are no additional rules regarding css, js, etc.
, . ?