arjangch opened a new issue, #1184: URL: https://github.com/apache/grails-spring-security/issues/1184
### Expected Behavior I stop the app and remove Admin user from BootStrap, i expect Admin user has no access any more. ### Actual Behaviour Even Admin user does exist anymore. I can verify that from H2-DB and in grails-spring-security-ui:7.0.0-RC2 console. Admin user still has access to the app. You can go page to page no problem. You are still Amin. Even admin user doesn't exist. ### Steps To Reproduce 1. create an app with 'grails-spring-security:7.0.0-RC2' or 'grails-spring-security-ui:7.0.0-RC2'. 2. add Admin user and role from BootStrap.groovy 3. Create an GSP page with tags <sec:username/> or <sec:loggedInUserInfo field='username'/> 4. start the app. 5. login with Remember Me checked. 6. All work correctly 7. Don't close browser 8. turn OFF the app 9. remove Admin from BootStrap.groovy 10. Start app 11. go back to browser 12. Shift-Reload browser, 13. tags <sec:username/> or <sec:loggedInUserInfo field='username'/> still think you are login as Admin You can go page to page no problem. You are still Amin. Even admin user doesn't exist. ### Environment Information java=21.0.8-zulu gradle=8.14.3 groovy=4.0.28 grails=7.0.0-RC2 ### Example Application https://github.com/arjangch/grails-project-helper/tree/main/example3 ### Version 7.0.0-RC2 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
