Grails: How to customize UsernamePasswordAuthenticationFilter
How do I create a custom UsernamePasswordAuthenticationFilter in Grails? I want to customize the following methods:
1. attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
2. successfulAuthentication(HttpServletRequest request, HttpServletResponse response, Authentication authResult)
3. unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, AuthenticationException failed)
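You need to implement your own class that extends AbstractAuthenticationProcessingFilter (or one of its subclasses), and then replace the default authentication processing filter by defining a Spring bean named authenticationProcessingFilter in conf/spring/resources.groovy.
The example below authenticates with an X509 certificate instead of a username and password.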
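    import java.security.cert.X509Certificate
    import javax.servlet.http.HttpServletRequest
    import javax.servlet.http.HttpServletResponse
    import org.springframework.security.core.Authentication
    import org.springframework.security.core.AuthenticationException
    // RequestHolderAuthenticationFilter comes from the Spring Security Core plugin;
    // import it from the package used by your plugin version.

    class AuthenticationProcessingFilter extends RequestHolderAuthenticationFilter {
        @Override
        Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
                throws AuthenticationException {
            // Certificate chain supplied by the servlet container for TLS client authentication
            X509Certificate[] clientCertificates = request.getAttribute('javax.servlet.request.X509Certificate')
            X509Certificate clientCertificate = clientCertificates ? clientCertificates[0] : null
            Authentication authentication = new X509Authentication(clientCertificate)
            // Delegate the actual check to the configured authentication provider(s)
            authenticationManager.authenticate(authentication)
        }
    }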
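If you override the authenticationProcessingFilter bean, you will most likely also need to override the default daoAuthenticationProvider bean. The authenticationProcessingFilter bean is responsible for reading the authentication data (usually from the HTTP request), creating an Authentication instance from it, and triggering the authentication process, but it is the daoAuthenticationProvider that actually performs the authentication.
resources.groovy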
    // Goes inside the beans = { ... } closure of conf/spring/resources.groovy.
    // conf is the plugin's security configuration (SpringSecurityUtils.securityConfig).
    authenticationProcessingFilter(AuthenticationProcessingFilter) {
        authenticationManager = ref('authenticationManager')
        sessionAuthenticationStrategy = ref('sessionAuthenticationStrategy')
        authenticationSuccessHandler = ref('authenticationSuccessHandler')
        authenticationFailureHandler = ref('authenticationFailureHandler')
        rememberMeServices = ref('rememberMeServices')
        authenticationDetailsSource = ref('authenticationDetailsSource')
        filterProcessesUrl = conf.apf.filterProcessesUrl
        usernameParameter = conf.apf.usernameParameter
        passwordParameter = conf.apf.passwordParameter
        continueChainBeforeSuccessfulAuthentication = conf.apf.continueChainBeforeSuccessfulAuthentication
        allowSessionCreation = conf.apf.allowSessionCreation
        postOnly = conf.apf.postOnly
    }
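
The answer above leaves out the X509Authentication token and the provider that replaces daoAuthenticationProvider. The sketch below is an added example, not code from the original answer or from the plugin. The two class bodies, the choice to map the certificate's CN to a username, and the reliance on the container having already validated the certificate chain during the TLS handshake are all assumptions.

```groovy
import java.security.cert.*
import javax.naming.ldap.LdapName
import org.springframework.security.authentication.*
import org.springframework.security.core.Authentication
import org.springframework.security.core.userdetails.*

// Hypothetical token; the answer references X509Authentication without showing it.
class X509Authentication extends AbstractAuthenticationToken {
    private final X509Certificate certificate
    private final Object principal
    // Unauthenticated form built by the filter; certificate may be null.
    X509Authentication(X509Certificate certificate) {
        super(null)
        this.certificate = certificate
        this.principal = certificate?.subjectX500Principal?.name
    }
    // Authenticated form, created only by the provider after its checks pass.
    X509Authentication(X509Certificate certificate, UserDetails user) {
        super(user.authorities)
        this.certificate = certificate
        this.principal = user
        setAuthenticated(true)
    }
    Object getCredentials() { certificate }
    Object getPrincipal() { principal }
}

// Hypothetical provider performing the actual authentication decision.
class X509AuthenticationProvider implements AuthenticationProvider {
    UserDetailsService userDetailsService // injected from resources.groovy
    Authentication authenticate(Authentication authentication) {
        X509Certificate cert = (X509Certificate) authentication.credentials
        if (cert == null) throw new BadCredentialsException('No client certificate presented')
        try {
            cert.checkValidity() // expired or not-yet-valid certificates fail here
        } catch (CertificateException e) {
            throw new BadCredentialsException('Certificate outside its validity period', e)
        }
        // Parse the subject DN structurally instead of pattern-matching its string form.
        def cn = new LdapName(cert.subjectX500Principal.name).rdns.find { it.type.equalsIgnoreCase('CN') }
        if (cn == null) throw new BadCredentialsException('Certificate subject has no CN')
        // Unknown users raise UsernameNotFoundException, itself an AuthenticationException.
        UserDetails user = userDetailsService.loadUserByUsername(cn.value.toString())
        new X509Authentication(cert, user)
    }
    boolean supports(Class<?> authentication) {
        X509Authentication.class.isAssignableFrom(authentication)
    }
}
```

To use it, define the daoAuthenticationProvider bean in resources.groovy with this class and set its userDetailsService property to ref('userDetailsService'), assuming the plugin's default bean name. A request with no client certificate is then rejected by the provider instead of reaching user lookup.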