如何在使用Grails Spring Security Rest插件时在客户端登录失败的原因？ [英] How to get the reason of login failure in clients while using Grails Spring Security Rest plugin?

问题描述

我们使用Grails Spring Security Rest插件1.5.2和Grails 2.5.2。

不幸的是，它似乎没有报告登录失败发生的原因。我们唯一从登录请求中获得的是 HTTP 401 。

我们有一个机制，登录失败时，我们设置用户的 accountLocked 属性，以便帐户被禁用/锁定。

我们希望至少得到一个JSON响应，说明登录失败的原因，比如用户帐户被锁定，错误凭据，没有这样的用户等。 >

有没有一种方法可以用我们使用的当前版本来做到这一点？

解决方案

该插件不支持开箱即用。但是，您可以通过替换 RestAuthenticationFailureHandler ，并将它作为 resources.groovy 作为 restAuthenticationFailureHandler 。

We are using Grails Spring Security Rest plugin 1.5.2 with Grails 2.5.2.

Unfortunately it doesn't seem to report any reason of why a login failure occurred. The only thing we get from the login request is HTTP 401.

We have a mechanism where after a number of login failures we set the accountLocked property of the User, so the account becomes disabled/locked.

We would like to get at least a JSON response of why the login failed, like "User account is locked", "Bad credentials", "No such user", etc.

Is there a way to do this with current versions that we use?

解决方案

The plugin doesn't support that out of the box. However, you can easily workaround it by replacing RestAuthenticationFailureHandler with your own implementation and wiring it in resources.groovy as restAuthenticationFailureHandler.

这篇关于如何在使用Grails Spring Security Rest插件时在客户端登录失败的原因？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！