Grails 1.3.5 和 Spring Security 核心
我构建了一个 grails 应用程序,该应用程序在登录时根据用户角色(角色域中定义的自定义角色)将用户重定向到不同的 URL。现在我正在尝试将 Spring Security Core Grails Plugin 集成到应用程序中,因此计划使用该插件的域模型。
我了解 LoginController 中的 auth 操作会执行用户登录验证,并且如果用户登录则重定向到默认目标 URI。 我的问题是如何知道登录用户的类型是 ROLE_ADMIN 还是 ROLE_USER 还是任何其他 ROLE?如何检查此处的权限,然后重定向到不同的 URI?
我还想知道用户验证是如何完成的,即如何&在 Spring Security 中,用户名和密码在哪里根据数据库进行验证?
谢谢。 杰·钱德兰.
I have build a grails application, which on login redirects users to different URLs based on User's role (custom roles defined in roles domain). Now I am trying to integrate Spring Security Core Grails Plugin to the application, so plan to use the plugin's domain model.
I understand the auth action in LoginController does the user login validation and if the user is logged in the redirects to default target URI.
My question is how can I know if the logging in user is of type ROLE_ADMIN or ROLE_USER or any other ROLE? How can I check the authority here and then redirect to different URIs?
I would also like to know how the user validation is done i.e. how & where the username and password are validated against the database in spring security?
Thank You.
Jay Chandran.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
重定向发生在 org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler 中,但插件将 org.codehaus.groovy.grails.plugins.springsecurity.AjaxAwareAuthenticationSuccessHandler 中的此类扩展为支持Ajax登录。
如果您想根据角色自定义重定向位置,我将继承
AjaxAwareAuthenticationSuccessHandler
并重写onAuthenticationSuccess()
。您将有权访问身份验证,因此您可以检查授予的权限并根据这些权限确定要去哪里。然后在 resources.groovy 中将插件的 bean 替换为您的 bean:
The redirect happens in
org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler
but the plugin extends this class inorg.codehaus.groovy.grails.plugins.springsecurity.AjaxAwareAuthenticationSuccessHandler
to support Ajax logins.If you want to customize the redirect location based on roles, I'd subclass
AjaxAwareAuthenticationSuccessHandler
and overrideonAuthenticationSuccess()
. You'll have access to the Authentication, so you can inspect the granted authorities and determine where to go based on those.Then replace the plugin's bean with yours in resources.groovy: