使用多个数据库时，Grails 2无法使用Spring Security登录 [英] Grails 2 can't login with spring security when using multiple databases

问题描述

在Grails 2.0.3上，我按照以下教程安装了Spring Security Core并创建了User，UserRole和Role对象:

On Grails 2.0.3, I installed Spring Security Core and created the User, UserRole and Role objects as per the tutorial: http://blog.springsource.org/2010/08/11/simplified-spring-security-with-grails/

一切顺利，直到我决定添加第二个数据源以准备从其他数据库访问对象. DataSource.groovy看起来像这样:

All went fine until I decided to add a second datasource in preparation for accessing objects from a different database. DataSource.groovy looks like this:

test {
    dataSource_product {
        dbCreate = "update"
        url = "jdbc:mysql://localhost/products"
        pooled = true
        driverClassName = "com.mysql.jdbc.Driver"
        username = "blah"
        password = "blah"
        loggingSql = true
        dialect = 'org.hibernate.dialect.MySQL5InnoDBDialect'
    }
    dataSource {
        dbCreate = "update"
        url = "jdbc:mysql://localhost/core"
        pooled = true
        driverClassName = "com.mysql.jdbc.Driver"
        username = "blah"
        password = "blah"
        loggingSql = true
        dialect = 'org.hibernate.dialect.MySQL5InnoDBDialect'
    }
}

现在我无法登录-即使我所做的只是添加datasource_product.如果我将其注释掉并重新创建用户(在Bootstrap.groovy中)，则可以再次登录. Bootstrap.groovy包含:

Now I can't log in - even though all I have done is add datasource_product. If I comment this out and recreating the users (in Bootstrap.groovy) then I can log in again. Bootstrap.groovy contains:

def init =
{ servletContext ->

    // Add in roles
    Role.withTransaction { 
        def adminRole = Role.findByAuthority ( Role.ROLE_ADMIN ) ?: new Role ( authority: Role.ROLE_ADMIN ).save ( failOnError: true )

        def adminUser = User.findByUsername ( 'admin' ) ?: new User (
                username: 'blah',
                password: 'blah',
                enabled: true ).save ( failOnError: true )
        if ( !adminUser.authorities.contains ( adminRole ) ) UserRole.create ( adminUser, adminRole )
}

有什么想法吗?

推荐答案

Gaaaahh.找到了这个: http://jira.grails.org/browse/GRAILS-8237 -显然，对于每个数据源，在每个域上都会调用beforeInsert.这意味着，在我的User对象中，encodePassword被调用了两次-我对密码进行了双重编码:

Gaaaahh. Found this: http://jira.grails.org/browse/GRAILS-8237 - apparently, beforeInsert gets called on each domain for every datasource. This means that, in my User object encodePassword is getting called twice - I'm double-encoding the password:

def beforeInsert() {
    encodePassword()
}

def beforeUpdate() {
    if (isDirty('password'))
        encodePassword()
}

protected void encodePassword() {
    password = springSecurityService.encodePassword(password)
}

我在JIRA中看到了一个补丁，但是直到发布该补丁之前，我使用isPasswordEncoded标志创建了一种变通方法，以防止用户中进行多种编码:

I saw a patch in the JIRA, but until it gets into the release, I created a workaround using an isPasswordEncoded flag to prevent multiple encodes in User:

class User {
    boolean isPasswordEncoded = false
....snip....
    def beforeInsert() {
        if ( !isPasswordEncoded )
        {
            isPasswordEncoded = true
            encodePassword ()
        }
    }

    def beforeUpdate() {
        if (isDirty('password')) {
            isPasswordEncoded = false
            encodePassword()
        }
    }
....snip....
}

这篇关于使用多个数据库时，Grails 2无法使用Spring Security登录的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！