Grails 上的 Spring Security 和带有领域的 Tomcat Security
我使用当前的 Grails 版本 1.3.7,针对最新版本的 mySQL 上的旧数据库模式进行编程。有用于user 和roles 的表,以及第三个表以m2m 方式roles_has_user 链接这两个表。原则上,这很好,而且是 grails 方式,但需要注意的一件有趣的事情是,表roles_has_user 有两列:username VARCHAR(20) 和 rolename VARCHAR (20)。我需要这个表结构,因为另一个应用程序能够使用 Tomcat 自己的身份验证机制来保护某些 Web 服务调用。
这似乎是一个问题:首先,我似乎无法正确获取域类的 m2m 映射。 有人可以向我指出在 grails m2m 中使用 PK ID 字段以外的其他内容(即使它是生成的/自定义 ID)作为 FK 的地方吗?
第二个问题是我得到有点担心我永远不会使用 Spring Security 进行此操作,有没有人(成功)尝试过这样做?
可能可以选择通过其他(新)表映射关系然后将 CRUD 控制器更改为使用必要的字符串字段username VARCHAR(20) 和rolename VARCHAR(20) 镜像roles_has_user 表中的关系。但这听起来很笨重...
感谢您的时间并请提出建议...如果您需要更多信息,请询问,我会尽力尽可能清楚。
I am on the current Grails version 1.3.7, programming against a legacy DB schema on a pretty recent version of mySQL. There are tables for the user and the roles and a third table to link the two in m2m fashion roles_has_user. In principle this is fine and the grails way, but one interesting thing to note is that the table roles_has_user has two columns: username VARCHAR(20) and rolename VARCHAR(20). I need this table structure as it is for another application to be able to use Tomcats own auth-mechanism to secure some webservice calls.
This seems to be a problem: first thing is i cant seem to get the m2m mapping of my domain classes correct. Could someone please point me to somewhere explaining the use of something other than the PK ID-field (even if it is a generated / custom ID) as a FK in grails m2m?
The second problem is me getting a little worried that i am never going to make this play with spring security, has anyone ever (successfully) attempted to do this?
There might be the option of mapping the relationship via an other (new) table and then changing the CRUD controllers to mirror the relationships in the roles_has_user table using the neccessary String-fields username VARCHAR(20) and rolename VARCHAR(20). But this sounds clunky...
Thanks for you time and please advise... if you need further information please just ask for it, i will try to be as clear as possible.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
也许最好的选择是使用代理键(即整数 id 值)标准化您的数据模型。
如果这不是一个选项,我会尝试为 id 进行静态映射。类似于:
id生成器:'分配',名称:'用户名',类型:'字符串'然后在域对象上添加hasMany / hasMany+belongsTo。
您可能还需要为连接表和连接列指定自定义多对多映射。
这不是一个完整的工作解决方案,但希望它能让您走上正确的道路。如果您遇到问题,请发布代码,以便我们有具体的内容可以查看。
Probably the best option is to normalize your data model with surrogate keys (i.e. integer id values).
If that's not an option, I would try making a static mapping for id. Something like:
id generator: 'assigned', name: 'username', type: 'string'Then add hasMany / hasMany+belongsTo on the domain objects.
You'll probably also need to specify a custom many-to-many mapping for your join table and join column.
This isn't a complete working solution, but hopefully it gets you on the right path. If you run into problems post the code so we have something concrete to look at.
一旦您知道如何操作,就可以轻松地将 Spring Security 插件与遗留用户/角色数据集成。我所说的“遗留”是指 User 和 Role 类不是使用 Spring Security 插件创建的,甚至可能不是 Grails 域类。
步骤如下:
User域类读取的UserDetails实现UserDetailsService实现(2) 的一个实例,作为名为userDetailsService的 Spring bean(例如在resources.groovy中)。更多详细信息请参见此处
Once you know how, it's easy to integrate the Spring Security plugin with legacy User/Role data. By "legacy" I mean the User and Role classes are not created using the Spring Security plugin, and may not even be Grails domain classes.
The steps are:
UserDetailsimplementation that reads from the existingUserdomain classUserDetailsServiceimplementation that returns instances of (1)resources.groovy) nameduserDetailsService.Further details available here