用Grails中的Spring-Security-Rest插件攔截登錄呼叫
[英]Intercepting login calls with Spring-Security-Rest plugin in Grails
問題描述
我正在使用Grails的spring security rest插件為AngularJS應用提供登錄機制。 登錄工作正常,但是我不知道如何攔截登錄呼叫,以便存儲有關(無效/有效)登錄嘗試的其他統計信息。
由於我對Spring Security非常陌生,所以我對它的過濾器鏈並不熟悉。 是否可以編寫一個自定義過濾器來攔截登錄呼叫而不干擾插件的操作模式,還是有一種更好的方法來實現我想做的事情?
我看到Spring Security Rest插件有一個名為RestAuthenticationSuccessHandler的類,該類實現Spring Security的AuthenticationSuccessHandler接口。 我可以提供插件使用的類的自定義實現嗎?
我的配置:
grails.plugin.springsecurity.rememberMe.persistent = false
grails.plugin.springsecurity.rest.login.useJsonCredentials = true
grails.plugin.springsecurity.rest.login.failureStatusCode = 401
grails.plugin.springsecurity.rest.token.storage.useGorm = true
grails.plugin.springsecurity.rest.token.storage.gorm.tokenDomainClassName = 'example.auth.AuthenticationToken'
grails.plugin.springsecurity.rest.token.storage.gorm.tokenValuePropertyName = 'token'
grails.plugin.springsecurity.rest.token.storage.gorm.usernamePropertyName = 'username'
grails.plugin.springsecurity.filterChain.chainMap = [
'/auth/**': 'JOINED_FILTERS,-exceptionTranslationFilter,-authenticationProcessingFilter,-securityContextPersistenceFilter, -rememberMeAuthenticationFilter', // Stateless chain
'/api/**': 'JOINED_FILTERS,-exceptionTranslationFilter,-authenticationProcessingFilter,-securityContextPersistenceFilter', // Stateless chain
'/**': 'JOINED_FILTERS,-restTokenValidationFilter,-restExceptionTranslationFilter' // Traditional chain
]
grails.plugin.springsecurity.rest.login.active=true
grails.plugin.springsecurity.rest.login.useJsonCredentials=true
grails.plugin.springsecurity.rest.token.storage.useGorm=true
grails.plugin.springsecurity.rest.token.generation.useSecureRandom=true
grails.plugin.springsecurity.rest.token.validation.headerName='X-Auth-Token'
grails.plugin.springsecurity.rest.token.generation.useUUID=false
grails.plugin.springsecurity.rest.token.validation.active=true
grails.plugin.springsecurity.rest.token.validation.endpointUrl='/auth/validate'
1 個解決方案
解決方案1
2 已采納 2015-06-16 22:01:10
Grails spring-security-rest身份驗證被拒絕:動態方法獲取 <Artefact> 類(artefactName)
[英]Grails spring-security-rest authentication denied: Dynamic method get<Artefact>Class(artefactName)
如何使用spring-security-rest在grails中獲取Facebook用戶的聯系人列表:1.4.0.RC5
[英]How to get contact list of a facebook user in grails using spring-security-rest:1.4.0.RC5
禁用RestAuthenticationFilter-Grails Spring Security Rest插件
[英]Disable RestAuthenticationFilter - Grails Spring Security Rest Plugin
使用Grails Spring Security Rest插件時如何獲取客戶端登錄失敗的原因?
[英]How to get the reason of login failure in clients while using Grails Spring Security Rest plugin?
405方法/ gra / spring-security-rest插件在/ api / login OPTIONS請求中不允許(並且戰斗繼續…)
[英]405 Method Not Allowed on /api/login OPTIONS request with grails-spring-security-rest plugin (and the fight continues…)
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.
相關問題
spring-security-rest插件注銷失敗
Grails spring-security-rest身份驗證被拒絕:動態方法獲取 <Artefact> 類(artefactName)
如何使用spring-security-rest在grails中獲取Facebook用戶的聯系人列表:1.4.0.RC5
grails spring安全休息插件
facebook連接grails spring安全休息插件
Grails + Spring Security Rest +如何登錄
用於Grails3的Spring Security Rest插件
禁用RestAuthenticationFilter-Grails Spring Security Rest插件
使用Grails Spring Security Rest插件時如何獲取客戶端登錄失敗的原因?
405方法/ gra / spring-security-rest插件在/ api / login OPTIONS請求中不允許(並且戰斗繼續…)
相關標簽