Grails 1.3.5和Spring Security Core [英] Grails 1.3.5 and Spring Security Core
问题描述
我构建了一个grails应用程序,它在登录时根据用户角色(在角色域中定义的自定义角色)将用户重定向到不同的URL。现在我正试图将Spring Security Core Grails插件集成到应用程序中,因此计划使用插件的域模型。
据我所知,LoginController中的auth动作会执行用户登录验证,并且用户是否登录重定向到默认目标URI。
我的问题是如何知道登录用户的类型是ROLE_ADMIN还是ROLE_USER还是其他ROLE?我如何在这里检查权限,然后重定向到不同的URI?
我也想知道用户验证是如何完成的,在春季安全中,用户名和密码是否针对数据库进行了验证?
谢谢。
Jay Chandran。
重定向发生在 org.springframework.security.web中。 authentication.SavedRequestAwareAuthenticationSuccessHandler
,但该插件在 org.codehaus.groovy.grails.plugins.springsecurity.AjaxAwareAuthenticationSuccessHandler
中扩展该类以支持Ajax登录。 p>
如果你想基于角色自定义重定向位置,我会继承 AjaxAwareAuthenticationSuccessHandler
并覆盖 onAuthenticationSuccess()
。您将可以访问身份验证,因此您可以检查授予的权限并根据这些权限确定去哪里。
import org.codehaus.groovy.grails.plugins.springsecurity.SpringSecurityUtils
beans = {
authenticationSuccessHandler(MyAuthenticationSuccessHandler){
def conf = SpringSecurityUtils.securityConfig
requestCache = ref('requestCache')
redirectStrategy = ref('redirectStrategy')
defaultTargetUrl = conf.successHandler.defaultTargetUrl
alwaysUseDefaultTargetUrl = conf.successHandler.alwaysUseDefault
targetUrlParameter = conf.successHandler.targetUrlParameter
ajaxSuccessUrl = conf.successHandler.ajaxSuccessUrl
useReferer = conf。
$
$I have build a grails application, which on login redirects users to different URLs based on User's role (custom roles defined in roles domain). Now I am trying to integrate Spring Security Core Grails Plugin to the application, so plan to use the plugin's domain model.
I understand the auth action in LoginController does the user login validation and if the user is logged in the redirects to default target URI.
My question is how can I know if the logging in user is of type ROLE_ADMIN or ROLE_USER or any other ROLE? How can I check the authority here and then redirect to different URIs?
I would also like to know how the user validation is done i.e. how & where the username and password are validated against the database in spring security?
Thank You.
Jay Chandran.
解决方案 The redirect happens in org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler
but the plugin extends this class in org.codehaus.groovy.grails.plugins.springsecurity.AjaxAwareAuthenticationSuccessHandler
to support Ajax logins.
If you want to customize the redirect location based on roles, I'd subclass AjaxAwareAuthenticationSuccessHandler
and override onAuthenticationSuccess()
. You'll have access to the Authentication, so you can inspect the granted authorities and determine where to go based on those.
Then replace the plugin's bean with yours in resources.groovy:
import org.codehaus.groovy.grails.plugins.springsecurity.SpringSecurityUtils
beans = {
authenticationSuccessHandler(MyAuthenticationSuccessHandler) {
def conf = SpringSecurityUtils.securityConfig
requestCache = ref('requestCache')
redirectStrategy = ref('redirectStrategy')
defaultTargetUrl = conf.successHandler.defaultTargetUrl
alwaysUseDefaultTargetUrl = conf.successHandler.alwaysUseDefault
targetUrlParameter = conf.successHandler.targetUrlParameter
ajaxSuccessUrl = conf.successHandler.ajaxSuccessUrl
useReferer = conf.successHandler.useReferer
}
}
这篇关于Grails 1.3.5和Spring Security Core的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!