我通过对 Config.groovy 的以下更改启用了用户切换:
grails.plugin.springsecurity.useSwitchUserFilter = true
grails.plugin.springsecurity.controllerAnnotations.staticRules = [
'/j_spring_security_switch_user':['ROLE_SWITCH_USER', 'IS_AUTHENTICATED_FULLY' ],
'/j_spring_security_exit_user': ['permitAll']
]
在 gsp 上,我有以下内容:
<sec:ifNotSwitched>
<sec:ifAllGranted roles='ROLE_SWITCH_USER'>
<form action='${request.contextPath}/j_spring_security_switch_user' method='POST'>
Switch to user: <input type='text' name='j_username' />
<input type='submit' value='Switch' />
</form>
</sec:ifAllGranted>
</sec:ifNotSwitched>
当我进行切换时,我知道它可以工作,因为在我的日志中我得到:
Attempt to switch to user [newusername]
switchuser.SwitchUserFilter - Could not find original user Authentication object!
switchuser.SwitchUserFilter - Switch User Token [<I see here the username for the user i switched to>]
authentication.AjaxAwareAuthenticationSuccessHandler - Using default Url: /
然后应用程序将我重定向到我在 springsecurity.switchUser.targetUrl 上的 URL
到目前为止,一切都很好,但是我在我的应用程序上所做的仍然看起来像原始/模仿用户,而不像我切换到的那个
事实上,我还有另一个 gsp:
<sec:ifLoggedIn>
Logged in as <sec:username />
</sec:ifLoggedIn>
并且什么也没有显示。有任何想法吗?