用Grails中的Spring-Security-Rest插件拦截登录呼叫
[英]Intercepting login calls with Spring-Security-Rest plugin in Grails
问题描述
我正在使用Grails的spring security rest插件为AngularJS应用提供登录机制。 登录工作正常,但是我不知道如何拦截登录呼叫,以便存储有关(无效/有效)登录尝试的其他统计信息。
由于我对Spring Security非常陌生,所以我对它的过滤器链并不熟悉。 是否可以编写一个自定义过滤器来拦截登录呼叫而不干扰插件的操作模式,还是有一种更好的方法来实现我想做的事情?
我看到Spring Security Rest插件有一个名为RestAuthenticationSuccessHandler的类,该类实现Spring Security的AuthenticationSuccessHandler接口。 我可以提供插件使用的类的自定义实现吗?
我的配置:
grails.plugin.springsecurity.rememberMe.persistent = false
grails.plugin.springsecurity.rest.login.useJsonCredentials = true
grails.plugin.springsecurity.rest.login.failureStatusCode = 401
grails.plugin.springsecurity.rest.token.storage.useGorm = true
grails.plugin.springsecurity.rest.token.storage.gorm.tokenDomainClassName = 'example.auth.AuthenticationToken'
grails.plugin.springsecurity.rest.token.storage.gorm.tokenValuePropertyName = 'token'
grails.plugin.springsecurity.rest.token.storage.gorm.usernamePropertyName = 'username'
grails.plugin.springsecurity.filterChain.chainMap = [
'/auth/**': 'JOINED_FILTERS,-exceptionTranslationFilter,-authenticationProcessingFilter,-securityContextPersistenceFilter, -rememberMeAuthenticationFilter', // Stateless chain
'/api/**': 'JOINED_FILTERS,-exceptionTranslationFilter,-authenticationProcessingFilter,-securityContextPersistenceFilter', // Stateless chain
'/**': 'JOINED_FILTERS,-restTokenValidationFilter,-restExceptionTranslationFilter' // Traditional chain
]
grails.plugin.springsecurity.rest.login.active=true
grails.plugin.springsecurity.rest.login.useJsonCredentials=true
grails.plugin.springsecurity.rest.token.storage.useGorm=true
grails.plugin.springsecurity.rest.token.generation.useSecureRandom=true
grails.plugin.springsecurity.rest.token.validation.headerName='X-Auth-Token'
grails.plugin.springsecurity.rest.token.generation.useUUID=false
grails.plugin.springsecurity.rest.token.validation.active=true
grails.plugin.springsecurity.rest.token.validation.endpointUrl='/auth/validate'
1 个解决方案
解决方案1
2 已采纳 2015-06-16 22:01:10
Grails spring-security-rest身份验证被拒绝:动态方法获取 <Artefact> 类(artefactName)
[英]Grails spring-security-rest authentication denied: Dynamic method get<Artefact>Class(artefactName)
如何使用spring-security-rest在grails中获取Facebook用户的联系人列表:1.4.0.RC5
[英]How to get contact list of a facebook user in grails using spring-security-rest:1.4.0.RC5
禁用RestAuthenticationFilter-Grails Spring Security Rest插件
[英]Disable RestAuthenticationFilter - Grails Spring Security Rest Plugin
使用Grails Spring Security Rest插件时如何获取客户端登录失败的原因?
[英]How to get the reason of login failure in clients while using Grails Spring Security Rest plugin?
405方法/ gra / spring-security-rest插件在/ api / login OPTIONS请求中不允许(并且战斗继续…)
[英]405 Method Not Allowed on /api/login OPTIONS request with grails-spring-security-rest plugin (and the fight continues…)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
spring-security-rest插件注销失败
Grails spring-security-rest身份验证被拒绝:动态方法获取 <Artefact> 类(artefactName)
如何使用spring-security-rest在grails中获取Facebook用户的联系人列表:1.4.0.RC5
grails spring安全休息插件
facebook连接grails spring安全休息插件
Grails + Spring Security Rest +如何登录
用于Grails3的Spring Security Rest插件
禁用RestAuthenticationFilter-Grails Spring Security Rest插件
使用Grails Spring Security Rest插件时如何获取客户端登录失败的原因?
405方法/ gra / spring-security-rest插件在/ api / login OPTIONS请求中不允许(并且战斗继续…)
相关标签