拦截grails中的springsecurity行为 [英] Intercepting springsecurity behavior in grails

问题描述

我在使用Grails 2.5的spring-security-core-2.0-RC5(SSC)中走了很长一段距离，但仍然有很多不足之处.我想知道如何完成两项任务.到目前为止，在将SSC集成到我的项目中之后，我构建了一个调度程序，该调度程序负责根据用户的角色将用户路由到不同的登录页面.此链接显示了我的操作方式.我想知道其他人的情况是这两个任务:

I have gone a good distance in spring-security-core-2.0-RC5 (SSC) with Grails 2.5, but still a lot to cover. I am wondering how to achieve two tasks. So far and after integrating SSC in my project, I built a dispatcher that takes care of routing users to different landing pages according to their roles. This link shows how I do it. What I am wondering how others are doing is these two tasks:

1. 如何自定义目标网页.例如，除了典型的请登录"外，我需要说请使用您提供的用户名和密码登录"以及图片或其他内容.这意味着我必须覆盖(或覆盖)现有的登录页面.最好的方法是什么?
2. 更重要.用户登录后，我会根据他们的角色将他们路由到不同的页面，或者，如果他们的帐户已启用！enabled ，甚至将其注销.但是，当用户完全没有凭据时，我无法控制.我想做的不是显示典型的对不起，我们无法找到具有该用户名和密码的用户."，我想在将用户重定向到注销/登录之前拦截该行为并执行一些操作.页面(例如，类似Web服务请求的操作).请问我该如何实现-能够代表未经授权的用户执行某些任务?

1. How to customize the landing page. For example, instead of the typical "Please Login", I need to say "Please login using your provided username and password" plus an image or something. This means I have to override (or overwrite) the existing login page. What is the best way to do this?
2. The more important. When a user is logged in, I route them to different pages based on their roles, or even log them out if their account is !enabled. However, what I can't do is be in control when the user has no credentials at all. What I would like to do is instead of displaying the typical "Sorry, we were not able to find a user with that username and password.", I would like to intercept the behaviour and perform some actions before redirecting users to the logout/login page (actions like a web service request for example). How can I achieve this please - to be able to make certain tasks on behalf of non-authorized users?

推荐答案

对于Task1(自定义登录页面)，您只需将auth.gsp页面放置在"app/views/login/auth.gsp"中

For Task1 (custom login page) you Just have to place a auth.gsp page in 'app/views/login/auth.gsp'

这篇关于拦截grails中的springsecurity行为的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！