stackoom
  简体   繁体   中英

Grails 1.3.5 and Spring Security Core

 原文  2010-10-08 05:14:01       grails/ spring-security/ grails-plugin

Question

I have build a grails application, which on login redirects users to different URLs based on User's role (custom roles defined in roles domain). Now I am trying to integrate Spring Security Core Grails Plugin to the application, so plan to use the plugin's domain model.

I understand the auth action in LoginController does the user login validation and if the user is logged in the redirects to default target URI. My question is how can I know if the logging in user is of type ROLE_ADMIN or ROLE_USER or any other ROLE? How can I check the authority here and then redirect to different URIs?

I would also like to know how the user validation is done ie how & where the username and password are validated against the database in spring security?

Thank You. Jay Chandran.

1 answers

solution1
 5 ACCPTED  2010-10-08 05:59:55

The redirect happens in org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler but the plugin extends this class in org.codehaus.groovy.grails.plugins.springsecurity.AjaxAwareAuthenticationSuccessHandler to support Ajax logins.

If you want to customize the redirect location based on roles, I'd subclass AjaxAwareAuthenticationSuccessHandler and override onAuthenticationSuccess() . You'll have access to the Authentication, so you can inspect the granted authorities and determine where to go based on those.

Then replace the plugin's bean with yours in resources.groovy: 

import org.codehaus.groovy.grails.plugins.springsecurity.SpringSecurityUtils

beans = {
   authenticationSuccessHandler(MyAuthenticationSuccessHandler) {
      def conf = SpringSecurityUtils.securityConfig

      requestCache = ref('requestCache')
      redirectStrategy = ref('redirectStrategy')
      defaultTargetUrl = conf.successHandler.defaultTargetUrl
      alwaysUseDefaultTargetUrl = conf.successHandler.alwaysUseDefault
      targetUrlParameter = conf.successHandler.targetUrlParameter
      ajaxSuccessUrl = conf.successHandler.ajaxSuccessUrl
      useReferer = conf.successHandler.useReferer
   }
}

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question grails spring security core Grails - Spring Security Core onAuthenticationSuccess spring security core grails not logging in Grails - uninstalling Spring Security Core Spring Security Core Plugin with grails Grails Spring Security Core Plugin Grails - SSL and Spring security core spring-security-core custom authentication in grails Grails 2.1.1 and Spring Security Core plugin Grails Spring Security Core logout message
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM