在 grails 中使用外部 Web 服务对用户进行身份验证 [英] Authenticate user using external webservice in grails

问题描述

在我的 grails 应用程序中，我使用 spring 安全插件来处理使用用户电子邮件和密码的身份验证.

In my grails application I'm using spring security plugin to handle authentication using email and password of a user.

现在我需要将我的应用程序与处理会员号和密码的外部系统集成.

Now I need to integrate my application with an external system which works on membership number and password.

在第二种情况下，我想通过询问他们的会员号和密码来验证用户身份，调用外部网络服务获取他们的信息(如电子邮件)并在我当前的应用程序中对他们进行身份验证.

In 2nd scenario I want to authenticate user by asking them their membership number and password call an external web-service fetch their information like email and authenticate them in my current application.

如此有效的用户可以直接使用他们的电子邮件地址和密码组合或会员号和密码组合来验证他们自己.

So effectively user can either use directly their email address and password combination or membership number and password combination to authenticate them selves.

关于如何实现这一目标的任何建议......提前致谢:-)

Any suggestion how I can achieve this ... thanks in advance :-)

推荐答案

请看我对 Spring 安全和外部应用程序认证(单点登录) 和 将 Spring Security 3.x 配置为具有多个入口点.您需要创建两个令牌(一个可以是默认的 UsernamePasswordAuthenticationToken，第二个可以是您自定义的 MembershipPasswordAuthenticationToken(基本上是 UsernamePasswordAuthenticationToken 的副本，扩展 >AbstractAuthenticationToken).由于一个身份验证提供程序可以支持多个令牌，您可以在提供程序中编写逻辑来检查令牌的类别并进行适当的身份验证.例如，如果传入的令牌属于 MembershipPasswordAuthenticationToken 然后调用网络服务以获取电子邮件.

Please see my answers to Spring Security and External Application for Authentication (Single-sign-on) and Configuring Spring Security 3.x to have multiple entry points. You need to create two tokens (one can be the default UsernamePasswordAuthenticationToken and second could be your custom MembershipPasswordAuthenticationToken (basically a duplicate of UsernamePasswordAuthenticationToken extending AbstractAuthenticationToken). Since one authentication provider can support more than one token, you can write logic in your provider to check class of token and do appropriate authentication. For example, if incoming token is of class MembershipPasswordAuthenticationToken then call webservice to get email.

这篇关于在 grails 中使用外部 Web 服务对用户进行身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！