I have a Grails 3 application with Spring Security Rest implemented, I can authenticate from my Angular2 app successfully, and with @Secured() applied to the controllers can control which areas of the application can be accessed. So given this, I know that the authentication and authorization is working.
I'm trying to retrieve the logged in user's username that was used to authenticate.
I've tried Authentication authentication = SecurityContextHolder.getContext().getAuthentication()
it's null.
I tried Principal principal = request.getUserPrincipal()
it's also null.
Here's my application.groovy
grails.plugin.springsecurity.providerNames = ['customADAuthProvider']
grails.plugin.springsecurity.successHandler.alwaysUseDefault = true
grails.plugin.springsecurity.userLookup.userDomainClassName = 'User'
grails.plugin.springsecurity.userLookup.authorityJoinClassName = 'UserRole'
grails.plugin.springsecurity.authority.className = 'Role'
grails.plugin.springsecurity.controllerAnnotations.staticRules = [
[pattern: '/', access: ['permitAll']],
[pattern: '/error', access: ['permitAll']],
[pattern: '/index', access: ['permitAll']],
[pattern: '/index.gsp', access: ['permitAll']],
[pattern: '/shutdown', access: ['permitAll']],
[pattern: '/assets/**', access: ['permitAll']],
[pattern: '/**/js/**', access: ['permitAll']],
[pattern: '/**/css/**', access: ['permitAll']],
[pattern: '/**/images/**', access: ['permitAll']],
[pattern: '/**/favicon.ico', access: ['permitAll']]
]
grails.plugin.springsecurity.filterChain.chainMap = [
[pattern: '/assets/**', filters: 'none'],
[pattern: '/**/js/**', filters: 'none'],
[pattern: '/**/css/**', filters: 'none'],
[pattern: '/**/images/**', filters: 'none'],
[pattern: '/**/favicon.ico', filters: 'none'],
[pattern: '/api/**', filters: 'JOINED_FILTERS,-anonymousAuthenticationFilter,-exceptionTranslationFilter,-authenticationProcessingFilter,-securityContextPersistenceFilter,-rememberMeAuthenticationFilter']
]
grails.plugin.springsecurity.rest.logout.endpointUrl = '/api/logout'
No matter what I try, I can never get the authentication object or principal object to retrieve the username or any user details.
I'm using spring-security-rest:2.0.0.RC1
, and Grails 3.3.6
You can do something like this...
class SomeController {
def springSecurityService
def someAction() {
def user = springSecurityService.currentUser
// ...
}
}
Or this...
class SomeController {
def springSecurityService
def someAction() {
def principal = springSecurityService.principal
String username = principal.username
def authorities = principal.authorities // a Collection of GrantedAuthority
boolean enabled = principal.enabled
// ...
}
}
Both of those are pasted directly from https://grails-plugins.github.io/grails-spring-security-core/3.2.x/index.html
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.