堆栈内存溢出
  繁体   English   中英

Grails:Spring Security Core自定义身份验证getUserByUserName返回空对象

[英]Grails: Spring Security Core Custom authentication getUserByUserName return null object

 原文  2015-10-07 13:18:55       grails/ spring-security/ authorization

问题描述

我正在使用Grails 2.4.4和Spring Security Core插件编写自定义授权服务,并且在创建下面的user对象时遇到了麻烦。 它始终为null,但是传递给服务的userName和密码是有效且正确的字符串。 (最终,我将用自定义服务替换身份验证,但我想证明自己可以调用方法来完成该任务。)

有人知道我在做什么错吗?

Config.groovy的设置允许我正确调用此提供程序。 

grails.plugin.springsecurity.providerNames = ['CustomLDAPAuthProvider','daoAuthenticationProvider']

resources.groovy中的必要文​​件也已正确设置。 

beans = {   
    CustomLDAPAuthProvider(com.mathworks.spikeLDAP.CustomLDAPAuthService)
}

这是无效的服务代码... 

package com.mathworks.spikeLDAP

import grails.gsp.PageRenderer;
import grails.transaction.Transactional

import org.springframework.beans.factory.annotation.Autowired
import org.springframework.security.authentication.AuthenticationProvider
import org.springframework.security.authentication.BadCredentialsException
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken
import org.springframework.security.core.Authentication
import org.springframework.security.core.AuthenticationException
import org.springframework.security.core.GrantedAuthority
import org.springframework.security.core.authority.SimpleGrantedAuthority
import org.springframework.security.core.userdetails.UsernameNotFoundException
import org.springframework.stereotype.Component
import org.springframework.security.core.userdetails.User

@Transactional
class CustomLDAPAuthService implements AuthenticationProvider {

    def springSecurityService       
    PageRenderer groovyPageRenderer    

    @Override
    public Authentication authenticate(Authentication arg0)
            throws AuthenticationException {

        if (arg0) {
            println ("arg0 is not null")
        } else {
            println ("arg0 is null")
        }

        def userName = (arg0 as UsernamePasswordAuthenticationToken).getPrincipal()
        println ("username="+userName)
        def password = (arg0 as UsernamePasswordAuthenticationToken).getCredentials()
        println ("password="+password)
        User user = springSecurityService.getUserByUserName(userName)

        def providedPassword = springSecurityService.encodePassword(password, user)
        def realPassword = springSecurityService.getUserPassword(user)

        if(!providedPassword.equals(realPassword)){
            throw new BadCredentialsException("Bad login credentials!")
        }

        def authorities = springSecurityService.getUserAuthorities(user)
        return new UsernamePasswordAuthenticationToken(user, arg0.credentials, authorities)

    }

    @Override
    public boolean supports(Class<?> arg0) {

        return true;
    }

}

1 个解决方案

解决方案1
 0  2015-10-07 13:37:27

您正在定义一个依赖于另一个bean的新bean,看起来应该像以下文档中提到的代码那样完成 

beans = {
    myBean(MyBeanImpl) {
        someProperty = 42
        otherProperty = "blue"
        bookService = ref("bookService")
    }
}

http://grails.github.io/grails-doc/latest/guide/spring.html#theUnderpinningsOfGrails

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 grails中的spring-security-core自定义身份验证 Grails Spring安全身份验证提供程序和自定义过滤器 Grails Spring安全核心 Grails Spring安全核心允许通过URL进行身份验证 通过Grails进行Android应用身份验证spring-security-core 使用spring-security-core-ldap插件在grails中实现LDAP身份验证? 在grails的spring-security-core插件中禁用用户身份验证 Grails Spring Security Core插件:控制器不需要身份验证 Grails 3 Spring Security 预认证 Grails spring security 3现场认证
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM