春季安全注销处理程序不起作用 [英] spring security logout handler not working

问题描述

我有Grails插件spring-security-core-1.2.1

我在grails-app / conf / spring / resources中注册了安全事件监听器作为spring bean .groovy：

  securityEventListener（LoggingSecurityEventListener）
  

并为grails-app / conf / Config.groovy添加两个：

  grails .plugins.springsecurity.useSecurityEventListener = true 
 grails.plugins.springsecurity.logout.handlerNames = 
 ['rememberMeServices'，$ b $'securityContextLogoutHandler'，$ b $'securityEventListener'] 
  

我的日志/注销侦听器

  class LoggingSecurityEventListener实现ApplicationListener< AbstractAuthenticationEvent>，LogoutHandler {
 
 void onApplicationEvent（AbstractAuthenticationEvent event）{
 System.out.println（'appEvent'）
} 
 
 
 void logout（HttpServletRequest请求，HttpServletResponse响应，
身份验证身份验证）{
 System.out.println（'logout'）
} 
 
} 
  

对ApplicationEvent有效，但注销无效
可能是什么问题？

或者您可以告诉如何获取所有日志记录用户

解决方案

当您设置

  grails.plugins.springsecurity.useSecurityEventListener = true 
  

spring安全插件将注册它自己的事件侦听器，名为 securityEventListener 。从 handlerNames 查找到的处理程序可能会让插件注册一个而不是您的。尝试将你的bean重命名为：

  loggingSecurityEventListener（LoggingSecurityEventListener）
  

并用

替换 handlerNames

  grails.plugins.springsecurity.logout.handlerNames = 
 ['rememberMeServices'，$ b $'securityContextLogoutHandler'，
'loggingSecurityEventListener'] 
  plugins   - > <$ c $> $ c $> 
 $ b> 
 
 
 C>插件）。如果您使用grails spring-security插件2.0或更高版本，请使用以下命令： 
 
 
  grails.plugin.springsecurity.logout .handlerNames 
  
 
i have grails pluggin spring-security-core-1.2.1


I registered security event listener as a spring bean in grails-app/conf/spring/resources.groovy:
securityEventListener(LoggingSecurityEventListener)
and make two additions to grails-app/conf/Config.groovy:
grails.plugins.springsecurity.useSecurityEventListener = true
grails.plugins.springsecurity.logout.handlerNames =
    ['rememberMeServices',
            'securityContextLogoutHandler',
            'securityEventListener']
my logging/logout listener
class LoggingSecurityEventListener implements ApplicationListener<AbstractAuthenticationEvent>, LogoutHandler {

            void onApplicationEvent(AbstractAuthenticationEvent event) {
                System.out.println('appEvent')
            }


            void logout(HttpServletRequest request, HttpServletResponse response,
                            Authentication authentication) {
                System.out.println('logout')
            }

}
on ApplicationEvent works good, but logout not working
what could be the problem?

or you can tell how to get all logging users
解决方案
When you set
grails.plugins.springsecurity.useSecurityEventListener = true
the spring security plugin will register it's own event listener called securityEventListener.  The handler looked up from handlerNames is probably getting the plugin registered one instead of yours.  Try renaming your bean to something like:
loggingSecurityEventListener(LoggingSecurityEventListener)
and replacing the handlerNames with
grails.plugins.springsecurity.logout.handlerNames = 
    ['rememberMeServices',
     'securityContextLogoutHandler',
     'loggingSecurityEventListener']
NOTE: the configuration property names have changed (plugins -> plugin).  If you're using the grails spring-security plugin version 2.0 or later, use this:
grails.plugin.springsecurity.logout.handlerNames


                        
这篇关于春季安全注销处理程序不起作用的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！