Grails 1.3.5和Spring Security Core [英] Grails 1.3.5 and Spring Security Core
问题描述
我构建了一个grails应用程序,它在登录时根据用户角色(在角色域中定义的自定义角色)将用户重定向到不同的URL。现在我正试图将Spring Security Core Grails插件集成到应用程序中,因此计划使用插件的域模型。
据我所知,LoginController中的auth动作会执行用户登录验证,并且用户是否登录重定向到默认目标URI。
我的问题是如何知道登录用户的类型是ROLE_ADMIN还是ROLE_USER还是其他ROLE?我如何在这里检查权限,然后重定向到不同的URI?
我也想知道用户验证是如何完成的,在春季安全中,用户名和密码是否针对数据库进行了验证?
谢谢。
Jay Chandran。
重定向发生在 org.springframework.security.web中。 authentication.SavedRequestAwareAuthenticationSuccessHandler ,但该插件在 org.codehaus.groovy.grails.plugins.springsecurity.AjaxAwareAuthenticationSuccessHandler 中扩展该类以支持Ajax登录。 p>
如果你想基于角色自定义重定向位置,我会继承 AjaxAwareAuthenticationSuccessHandler 并覆盖 onAuthenticationSuccess()。您将可以访问身份验证,因此您可以检查授予的权限并根据这些权限确定去哪里。
import org.codehaus.groovy.grails.plugins.springsecurity.SpringSecurityUtils
beans = {
authenticationSuccessHandler(MyAuthenticationSuccessHandler){
def conf = SpringSecurityUtils.securityConfig
requestCache = ref('requestCache')
redirectStrategy = ref('redirectStrategy')
defaultTargetUrl = conf.successHandler.defaultTargetUrl
alwaysUseDefaultTargetUrl = conf.successHandler.alwaysUseDefault
targetUrlParameter = conf.successHandler.targetUrlParameter
ajaxSuccessUrl = conf.successHandler.ajaxSuccessUrl
useReferer = conf。
$
$I have build a grails application, which on login redirects users to different URLs based on User's role (custom roles defined in roles domain). Now I am trying to integrate Spring Security Core Grails Plugin to the application, so plan to use the plugin's domain model.
I understand the auth action in LoginController does the user login validation and if the user is logged in the redirects to default target URI.
My question is how can I know if the logging in user is of type ROLE_ADMIN or ROLE_USER or any other ROLE? How can I check the authority here and then redirect to different URIs?
I would also like to know how the user validation is done i.e. how & where the username and password are validated against the database in spring security?
Thank You.
Jay Chandran.
解决方案 The redirect happens in org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler but the plugin extends this class in org.codehaus.groovy.grails.plugins.springsecurity.AjaxAwareAuthenticationSuccessHandler to support Ajax logins.
If you want to customize the redirect location based on roles, I'd subclass AjaxAwareAuthenticationSuccessHandler and override onAuthenticationSuccess(). You'll have access to the Authentication, so you can inspect the granted authorities and determine where to go based on those.
Then replace the plugin's bean with yours in resources.groovy:
import org.codehaus.groovy.grails.plugins.springsecurity.SpringSecurityUtils
beans = {
authenticationSuccessHandler(MyAuthenticationSuccessHandler) {
def conf = SpringSecurityUtils.securityConfig
requestCache = ref('requestCache')
redirectStrategy = ref('redirectStrategy')
defaultTargetUrl = conf.successHandler.defaultTargetUrl
alwaysUseDefaultTargetUrl = conf.successHandler.alwaysUseDefault
targetUrlParameter = conf.successHandler.targetUrlParameter
ajaxSuccessUrl = conf.successHandler.ajaxSuccessUrl
useReferer = conf.successHandler.useReferer
}
}
这篇关于Grails 1.3.5和Spring Security Core的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
