Grails 安全插件自定义重定向 | 安全插件自定义重定向

本文介绍了Grails 安全插件自定义重定向的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我是 Groovy 和 Grails 的新手.我使用 Spring Security 插件使用数据库请求的请求映射开发了一个应用程序.我想根据角色自定义重定向到主页.

I am new to Groovy and Grails. I have developed an application using the Spring Security plugin using a database requested request map. I want a custom redirection to the home pages according to the roles.

如果用户是 ROLE_ADMIN，他将在视图 adminUser/Homepage.gsp 中重定向到他的主页

If the user is ROLE_ADMIN he would be redirected to his home page in views adminUser/Homepage.gsp

如果用户是 ROLE_USER，他将在视图 User/Homepage.gsp 中重定向到他的主页

If the user is ROLE_USER he would be redirected to his home page in views User/Homepage.gsp

我无法根据用户登录获得任何自定义身份验证重定向.

I am not able to get any custom authentication redirection according to the user login.

推荐答案

我就是这样做的.我已根据您的需要对其进行了修改.如果有帮助，请告诉我.

This is how I do it. I've modified it for your needs. Let me know if it helps.

在 auth() 方法下的 springsecurities LoginController 中做这样的事情(它会在点击登录之前获取用户所在的页面):

Inside springsecurities LoginController under the auth() method do something like this (it will get the page the user was on before clicking login):

def auth() {

    session['returnUrl'] = request.getHeader("Referer")

    def config = SpringSecurityUtils.securityConfig

    if (springSecurityService.isLoggedIn()) {
        redirect uri: config.successHandler.defaultTargetUrl
        return
    }

    String view = 'auth'
    String postUrl = "${request.contextPath}${config.apf.filterProcessesUrl}"
    render view: view, model: [postUrl: postUrl,
                               rememberMeParameter: config.rememberMe.parameter]
}

现在在 src/groovy 中创建一个 auth 成功处理程序:

Now inside src/groovy create an auth success handler:

package packageName

import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler

import javax.servlet.http.HttpServletRequest
import javax.servlet.http.HttpServletResponse

public class MyAuthSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler
{
    @Override
    protected String determineTargetUrl(HttpServletRequest request, HttpServletResponse response)
    {
        def returnUrl = request.getSession().getAttribute('returnUrl')

        // Get current users role using springSecurityService
        // You can inject springSecurityService into this class
        // http://stackoverflow.com/questions/6467167/how-to-get-current-user-role-with-spring-security-plugin

        if (role == 'ROLE_ADMIN')
        {
            returnUrl = '/adminUser/Homepage.gsp'
        }
        else if (role == 'ROLE_USER')
        {
            returnUrl = '/User/Homepage.gsp'
        }
        else
        {
            returnUrl = 'redirect somewhere'
        }

        request.getSession().removeAttribute('returnUrl')

        return returnUrl
    }
}

现在在 conf/spring/resources.groovy 下创建一个 bean，如下所示:

Now under conf/spring/resources.groovy create a bean like so:

import grails.plugin.springsecurity.SpringSecurityUtils

// Place your Spring DSL code here
beans = {
    authenticationSuccessHandler(packageName.MyAuthSuccessHandler) {
        def conf = SpringSecurityUtils.securityConfig
        requestCache = ref('requestCache')
        defaultTargetUrl = conf.successHandler.defaultTargetUrl
        alwaysUseDefaultTargetUrl = conf.successHandler.alwaysUseDefault
        targetUrlParameter = conf.successHandler.targetUrlParameter
        useReferer = conf.successHandler.useReferer
        redirectStrategy = ref('redirectStrategy')
    }
}

那你就可以出发了.让我知道它是否有效.

Then you should be good to go. Let me know if it works.

这篇关于Grails 安全插件自定义重定向的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！