Acegi / Spring Security Grails插件未看到对用户实例的更改
[英]Acegi/Spring Security Grails plug-in not seeing changes to a User instance
问题描述
I am writing a web app in Grails with the Acegi/Spring Security plug-in, and am having trouble getting it to see changes I make to User instances. 
我正在使用Acegi / Spring Security插件在Grails中编写一个Web应用程序,但无法使其看到我对User实例所做的更改。 I have only been working with Groovy/Grails for about three weeks, so please forgive me if this problem is trivial, since I have been poring over mailing lists and tutorials trying to find the answer. 我只与Groovy / Grails一起工作了大约三个星期,所以如果这个问题很小,请原谅我,因为我一直在仔细研究邮件列表和教程以寻找答案。
I have been adding new attributes to the User domain class whenever I need a User to contain more information such as an email confirmation token or real name, since I couldn't find any recommendations to the contrary. 每当我需要用户包含更多信息(例如电子邮件确认令牌或真实姓名)时,我便一直在向User域类添加新属性,因为我找不到相反的建议。 Everything seems to be fine for creating new users, but when I edit the user, the changes show up in the user list, but the Acegi tag libraries and associated functions don't seem to see the changes. 一切似乎都可以创建新用户,但是当我编辑用户时,所做的更改会显示在用户列表中,但是Acegi标记库和相关函数似乎看不到更改。
Here is the relevant snippet from UserController.update(): 这是UserController.update()的相关代码段:
def person = User.get(params.id)
//...snip error checking...
//Update user attributes
person.username = params.email
person.email = params.email
person.userRealName = params.userRealName
//Attempt to save changes
if (person.save()) {
//If successful, redirect back to profile viewing page
redirect action: show, id: person.id
return
}
else {
//Otherwise, show errors and edit again
render view: 'edit', model: buildPersonModel(person)
return
}
After this code runs, I can see the changes if I always get user data by ID, but not if I use the Acegi tags or functions. 运行此代码后,如果始终通过ID获取用户数据,而使用Acegi标记或函数,则看不到更改。 For example, this does not work: 例如,这不起作用:
loggedInUserInfo(field:'realName')
But this does: 但这确实是:
User.get(loggedInUserInfo(field:'id').toLong()).realName
The new information sometimes shows up after I log out and in again, but usually it doesn't, often not showing up even after three or more relogs. 新信息有时会在我注销并再次登录后显示,但通常不会显示,即使在三次或更多次重新登录后也常常不显示。 Also, I tried adding "flush:true" to person.save() with no effect. 另外,我尝试将“ flush:true”添加到person.save()无效。
(Peripheral question: is it bad for me to be fiddling with the User class like this? If not, what's the best way to add information to it?) (周围的问题:像这样摆弄User类对我来说是不好的吗?否则,添加信息的最佳方法是什么?)
Update after more investigation: It looks like if I use loggedInUserInfo() in a normal page, it works fine, but if I use it inside a layout, it exhibits the behavior I described. 经过更多调查后更新:好像我在正常页面中使用loggingInUserInfo()一样,它工作正常,但是如果我在布局中使用它,则表现出我所描述的行为。 Could there be some odd caching thing going on? 可能会发生一些奇怪的缓存事情吗?
6 个解决方案
解决方案1
2 已采纳 2009-11-20 11:35:16
I have a workaround for this issue and i've also created a JIRA entry for the problem. 我有解决此问题的方法,并且我还为该问题创建了JIRA条目。
There seems to be a bug in how Acegi updates it's users internally. Acegi如何在内部更新其用户似乎存在错误。 I provide a workaround in the form of a grails filter which updates the user's authorities manually every time a controller is accessed. 我以grails过滤器的形式提供了一种解决方法,该方法可在每次访问控制器时手动更新用户的权限。 Not ideal but it works. 不理想,但是可以。
Cheers, 干杯,
解决方案2
2 2009-05-30 18:27:50
修改用户类后,您是否运行过grails generate-manager?
解决方案3
1 2010-01-19 15:44:04
I was facing the same problem. 我面临着同样的问题。 My solution was to make an update of the acegi plugin to version 0.5.1 (acegi 0.5.1 -- Grails Spring Security 2.0 Plugin). 我的解决方案是将acegi插件更新到版本0.5.1(acegi 0.5.1-Grails Spring Security 2.0插件)。
Then I've set at /plugins/acegi-0.5.1/grails-app/conf/DefaultSecurityConfig.groovy 然后我将其设置为/plugins/acegi-0.5.1/grails-app/conf/DefaultSecurityConfig.groovy
cacheUsers = false
and now voila! 现在瞧! it is working! 这是工作!
Luis 路易斯
解决方案4
1 2009-06-03 16:58:22
Acegi caches User info, if I remember correctly. 如果我没记错的话,Acegi会缓存用户信息。 Check the ' DefaultSecurityConfig ' file (I think that's the name, under config/) for disabling user info cache. 检查“ DefaultSecurityConfig ”文件(我认为这是config /下的名称)以禁用用户信息缓存。 You can also call some method on authenticateService (can't remember what method right now) to evict the user cache. 您还可以在authenticateService上调用某些方法(现在不记得现在使用哪种方法)来驱逐用户缓存。
You may be able to find the latter within the UserController#update closure. 您可以在UserController#update闭包中找到后者。
解决方案5
1 2009-06-04 21:46:53
I faced same problem, and followed advice given by Maximilian Schweitzer above. 我遇到了同样的问题,并遵循了上面马克西米利安·史威哲的建议。 It did not work for me in the beginning. 一开始它对我没有用。
Give these steps a try and see if it resolves the issue: 请尝试以下步骤,看看是否可以解决问题:
- I ran generate-manager as per answer above by Maximilian Schweitzer . 我根据Maximilian Schweitzer的上述回答运行了生成管理器。
- Tried to login with users created before I ran generate-manager - Didn't work 尝试使用我运行generate-manager之前创建的用户登录-无效
- I created new user (with new UserController, gsp, etc) 我创建了新用户(使用新的UserController,gsp等)
- Tried to login with new user works just fine. 尝试使用新用户登录就可以了。
- Deleted old users created before and recreated them. 删除之前创建的旧用户,然后重新创建它们。 It worked fine. 工作正常。
Though not sure if it applies to your situation. 尽管不确定是否适用于您的情况。
HTH! HTH!
解决方案6
0 2010-03-10 12:20:57
You have to reset the authenticated user. 您必须重置通过身份验证的用户。 The code below does just that (from this blog ). 下面的代码正是这样做的(来自此Blog )。
import org.springframework.security.context.SecurityContextHolder
import org.springframework.security.providers.UsernamePasswordAuthenticationToken
import org.codehaus.groovy.grails.plugins.springsecurity.GrailsUserImpl
import org.springframework.security.GrantedAuthority
import org.springframework.security.GrantedAuthorityImpl
...
def refreshAuthenticatedUser(user) {
GrantedAuthority[] auths = user.authorities.collect {
new GrantedAuthorityImpl(it.authority)
}
def grailsUser = new GrailsUserImpl(
user.username,
"",
user.enabled,
true,
true,
true,
auths,
user)
def authToken = new UsernamePasswordAuthenticationToken(grailsUser, '', auths)
SecurityContextHolder.context.authentication = authToken
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.