grails / grails-spring-security-core

Grails Spring Security Core Plugin
Apache License 2.0

Grails 3.2.9/Sec 3.1.2 got "too many redirects" and unable to access /dbconsole #489

Closed ppazos closed 6 years ago

ppazos commented 7 years ago

I've been using the security plugin in Grails 2.x projects without problems. Now, starting a new project on Grails 3, I'm blocked on the security config and not sure whether this is a bug.

This question describes a similar problem, which seems to be an issue with the hibernate plugin: http://stackoverflow.com/questions/28628398/redirect-loop-with-requestmap-with-grails-spring-security-core-2-0rc4

My case:

Created a new app, added compile 'org.grails.plugins:spring-security-core:3.1.2' at the end of my dependencies, and did:

grails s2-quickstart com.cabolabs.security User Role RequestMap

Then grails run-app.

Trying to access /dbconsole redirects to /login/auth, and /login/auth then fails with "localhost redirected you too many times." (ERR_TOO_MANY_REDIRECTS)

Added this on bootstrap, no change to the redirect problem:

// Seeds 'permitAll' Requestmap rows for the public URLs (home, error, static assets, login, logout).
// NOTE(review): the class is spelled `Requestmap` here, while the quickstart command above
// generated `RequestMap` — confirm the casing matches the generated domain class.
for (String url in [
      '/', '/error', '/index', '/index.gsp', '/**/favicon.ico', '/shutdown',
      '/**/js/**', '/**/css/**', '/**/images/**',
      '/login', '/login.*', '/login/*',
      '/logout', '/logout.*', '/logout/*']) {
   // save() without failOnError returns null on a validation failure instead of throwing,
   // so a row that was not persisted goes unnoticed here.
   new Requestmap(url: url, configAttribute: 'permitAll').save()
}
// Nothing in this snippet resets the plugin's cached request maps after the rows are saved.

application.groovy generated from the quickstart script:

// Added by the Spring Security Core plugin:
// Domain classes the plugin uses for users, user-role joins, roles and URL rules.
grails.plugin.springsecurity.userLookup.userDomainClassName = 'com.cabolabs.security.User'
grails.plugin.springsecurity.userLookup.authorityJoinClassName = 'com.cabolabs.security.UserRole'
grails.plugin.springsecurity.authority.className = 'com.cabolabs.security.Role'
grails.plugin.springsecurity.requestMap.className = 'com.cabolabs.security.RequestMap'
// 'Requestmap' mode: URL access rules are read from RequestMap rows in the database.
// NOTE(review): a URL with no matching rule appears to be denied by default in plugin 3.x,
// which would make an unmapped /login/auth redirect to itself — confirm against the plugin docs.
grails.plugin.springsecurity.securityConfigType = 'Requestmap'
// NOTE(review): staticRules belong to the 'Annotation' config type; with 'Requestmap' selected
// above they presumably are not consulted, so the same public URLs need RequestMap rows — verify.
grails.plugin.springsecurity.controllerAnnotations.staticRules = [
    [pattern: '/',               access: ['permitAll']],
    [pattern: '/error',          access: ['permitAll']],
    [pattern: '/index',          access: ['permitAll']],
    [pattern: '/index.gsp',      access: ['permitAll']],
    [pattern: '/shutdown',       access: ['permitAll']],
    [pattern: '/assets/**',      access: ['permitAll']],
    [pattern: '/**/js/**',       access: ['permitAll']],
    [pattern: '/**/css/**',      access: ['permitAll']],
    [pattern: '/**/images/**',   access: ['permitAll']],
    [pattern: '/**/favicon.ico', access: ['permitAll']]
]

// Filter chain mapping: the static-asset patterns get no Spring Security filters ('none'),
// every other URL goes through the joined filter chain.
// NOTE(review): a request matching a 'none' pattern is not authenticated or authorized at all,
// so application endpoints should be kept out of paths such as '/**/js/**'.
grails.plugin.springsecurity.filterChain.chainMap = [
    [pattern: '/assets/**',      filters: 'none'],
    [pattern: '/**/js/**',       filters: 'none'],
    [pattern: '/**/css/**',      filters: 'none'],
    [pattern: '/**/images/**',   filters: 'none'],
    [pattern: '/**/favicon.ico', filters: 'none'],
    // catch-all entry, listed after the more specific patterns
    [pattern: '/**',             filters: 'JOINED_FILTERS']
]

build.gradle

// Build script of the sample app: Grails web profile, Hibernate 5, H2 and spring-security-core 3.1.2.
buildscript {
    repositories {
        // NOTE(review): mavenLocal() is declared first, so an artifact present in the local Maven
        // repository is resolved from there before the Grails repository — confirm that is intended.
        mavenLocal()
        maven { url "https://repo.grails.org/grails/core" }
    }
    dependencies {
        classpath "org.grails:grails-gradle-plugin:$grailsVersion"
        classpath "com.bertramlabs.plugins:asset-pipeline-gradle:2.14.1"
        classpath "org.grails.plugins:hibernate5:${gormVersion-".RELEASE"}"
    }
}

version "0.1"
group "notes2"

apply plugin:"eclipse"
apply plugin:"idea"
apply plugin:"war"
apply plugin:"org.grails.grails-web"
apply plugin:"org.grails.grails-gsp"
apply plugin:"asset-pipeline"

repositories {
    // Same repository order as in buildscript: local Maven repository first, then the Grails repository.
    mavenLocal()
    maven { url "https://repo.grails.org/grails/core" }
}

dependencies {
    compile "org.springframework.boot:spring-boot-starter-logging"
    compile "org.springframework.boot:spring-boot-autoconfigure"
    compile "org.grails:grails-core"
    // Spring Boot actuator starter; NOTE(review): the security rules on this page open '/shutdown'
    // to everyone, so confirm the actuator shutdown endpoint is not enabled.
    compile "org.springframework.boot:spring-boot-starter-actuator"
    compile "org.springframework.boot:spring-boot-starter-tomcat"
    compile "org.grails:grails-dependencies"
    compile "org.grails:grails-web-boot"
    compile "org.grails.plugins:cache"
    compile "org.grails.plugins:scaffolding"
    compile "org.grails.plugins:hibernate5"
    // Hibernate is pinned to 5.1.3.Final for both core and the ehcache integration.
    compile "org.hibernate:hibernate-core:5.1.3.Final"
    compile "org.hibernate:hibernate-ehcache:5.1.3.Final"
    console "org.grails:grails-console"
    profile "org.grails.profiles:web"
    runtime "com.bertramlabs.plugins:asset-pipeline-grails:2.14.1"
    // H2 database driver at runtime scope; /dbconsole is the web console for this database.
    runtime "com.h2database:h2"
    testCompile "org.grails:grails-plugin-testing"
    testCompile "org.grails.plugins:geb"
    testRuntime "org.seleniumhq.selenium:selenium-htmlunit-driver:2.47.1"
    testRuntime "net.sourceforge.htmlunit:htmlunit:2.18"
    // The plugin this issue is about, added last and pinned to 3.1.2.
    compile 'org.grails.plugins:spring-security-core:3.1.2'
}

bootRun {
    jvmArgs('-Dspring.output.ansi.enabled=always')
    addResources = true
}

assets {
    minifyJs = true
    minifyCss = true
}
sdelamo commented 7 years ago

Try calling clearCachedRequestmaps() after saving the request maps:

// Resets the plugin's request-map cache so it is reloaded from the stored Requestmap rows;
// call it after creating, changing or deleting rows.
springSecurityService.clearCachedRequestmaps()

Check http://grails-plugins.github.io/grails-spring-security-core/v3/index.html#requestmap-cache

If it does not help, please provide a sample project in github.

ppazos commented 7 years ago

Yes! That fixed the too-many-redirects loop. Maybe this should be added to the docs:

Bootstrap:

       // Seeds the public ('permitAll') URL rules, including the login and logout pages.
       // NOTE(review): '/shutdown' is opened to everyone here — with spring-boot-starter-actuator
       // in build.gradle, confirm the actuator shutdown endpoint is not enabled.
       // NOTE(review): BootStrap presumably runs on every start; with a database that persists
       // between runs these inserts would repeat — verify for non-development datasources.
       for (String url in [
              '/', '/error', '/index', '/index.gsp', '/**/favicon.ico', '/shutdown',
              '/**/js/**', '/**/css/**', '/**/images/**',
              '/login', '/login.*', '/login/*',
              '/logout', '/logout.*', '/logout/*']) {
           // failOnError:true makes a validation failure throw instead of returning null unnoticed
           new RequestMap(url: url, configAttribute: 'permitAll').save(failOnError:true)
        }

        // Reset the plugin's request-map cache so the rows saved above take effect.
        springSecurityService.clearCachedRequestmaps()

I also needed to add this to access the dbconsole

// Restricts the database console to users holding ROLE_ADMIN.
// NOTE(review): /dbconsole gives SQL access to the application database — confirm it is not
// enabled outside development.
new RequestMap(url: '/dbconsole/**', configAttribute: 'ROLE_ADMIN').save(failOnError:true)

Thanks!

ppazos commented 7 years ago

@sdelamo please consider updating the status of this issue.

The solution you proposed should be included on the docs. Should I create another issue for that?

sdelamo commented 7 years ago

Thanks @ppazos, I will update the docs in the next release. No need to create a new issue.