我试图在 $ b $ p $ b $ p
$ b class MyAuthenticationFilter extends AbstractPreAuthenticatedProcessingFilter { protected getPreAuthenticatedPrincipal(request){my_username} protected getPreAuthenticatedCredentials(request){N / A}将其添加到Spring:
beans = { myAuthenticationFilter(MyAuthenticationFilter){ authenticationManager = ref('authenticationManager') checkForPrincipalChanges = true } $ / code>并在BootStrap中注册,位置为PRE_AUTH_FILTER:
class BootStrap { def init = {servletContext - > SpringSecurityUtils.clientRegisterFilter('myAuthenticationFilter', SecurityFilterPosition.PRE_AUTH_FILTER.order)} }Config.groovy只有标准的User,Role和UserRole类名称以及一些staticRules。
我尝试从它的 getPreAuthenticatedPrincipal()方法返回各种各样的东西:用户标识,用户标识作为字符串,用户名,用户对象本身...我可以看到我的过滤器被调用每个请求(这是我想要的,已设置 checkForPrincipalChanges = true )无论我从它返回什么,当前用户保持匿名: springSecurityService.principal 仍然是 __ grails.anonymous.user __
什么是否需要在我的设置中进行更改,以便能够使用他们现有的组和角色对我的用户进行身份验证?我不想写一个额外的身份验证提供程序,对于Grails的标准 daoAuthenticationProvider ,我没有问题。我是否需要从我的过滤器中返回特定的内容?我需要设置一些其他的Spring类吗?
解决方案我解决了它。我在这里记录它,以防别人需要做同样的事情。
基本上缺失的是将一个新的PreAuthenticatedAuthenticationProvider配置为唯一的提供者。没有额外的代码需要,只需在资源中定义它:
myAuthenticationProvider(PreAuthenticatedAuthenticationProvider){ preAuthenticatedUserDetailsService = ref('authenticationUserDetailsService ')}并将其设置为Config中的唯一提供者:
grails.plugin.pringsecurity.providerNames = ['myAuthenticationProvider']然后,从认证过滤器中,只返回预认证用户的用户名,如果没有(匿名用户),则返回null。
I'm trying to configure a Grails app in a pre-authenticated scenario, using Spring Security Core.
So I wrote a custom authentication filter:
class MyAuthenticationFilter extends AbstractPreAuthenticatedProcessingFilter { protected getPreAuthenticatedPrincipal(request) { "my_username" } protected getPreAuthenticatedCredentials(request) { "N/A" } }added it to Spring:
beans = { myAuthenticationFilter(MyAuthenticationFilter) { authenticationManager = ref('authenticationManager') checkForPrincipalChanges = true } }and registered it in BootStrap, with position PRE_AUTH_FILTER:
class BootStrap { def init = { servletContext -> SpringSecurityUtils.clientRegisterFilter('myAuthenticationFilter', SecurityFilterPosition.PRE_AUTH_FILTER.order) } }Config.groovy only has the standard User, Role, and UserRole class names, plus some staticRules.
Inside the filter, I tried returning all sorts of things from its getPreAuthenticatedPrincipal() method: the user id, the user id as a string, its username, the User object itself… I can see that my filter is being called for each request (which is what I want, having set checkForPrincipalChanges = true) no matter what I return from it, the current user remains anonymous: springSecurityService.principal is still __grails.anonymous.user__
What do I need to change in my setup, to be able to authenticate my users, with their existing groups and roles? I don't want to write an additional authentication provider, I'm fine with Grails's standard daoAuthenticationProvider. Do I need to return something specific from my filter? Do I need to setup some other Spring classes?
解决方案I solved it. I'm documenting it here in case somebody else needs to do the same.
Basically the missing piece was to configure a new PreAuthenticatedAuthenticationProvider as the only provider. No additional code needed, just define it in resources:
myAuthenticationProvider(PreAuthenticatedAuthenticationProvider) { preAuthenticatedUserDetailsService = ref('authenticationUserDetailsService') }and set it as the only provider in Config:
grails.plugin.pringsecurity.providerNames = ['myAuthenticationProvider']Then, from the authentication filter, just return the username of the pre-authenticated user, or null if none (the anonymous user.)
更多推荐
Grails预先验证的场景
发布评论