4

从 grails 2.5 升级到 grails 3.x 时,不会触发用户名密码身份验证过滤器。

我正在使用 spring-security 核心插件 3.1.1

这就是自定义过滤器的样子

    class CustomAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
  @Override
  protected String obtainUsername(HttpServletRequest request) {
    return (new CustomPrincipal(request.getParameter('company'), request.getParameter('username'))).toString()
  }
  @Override
  protected String obtainPassword(HttpServletRequest request) {
    return request.getParameter('password')
  }
   }

应用程序.groovy

grails.plugin.springsecurity.filterChain.filterNames = [
    'securityContextPersistenceFilter',
    'logoutFilter',
    'customAuthenticationFilter',   
    'rememberMeAuthenticationFilter',
    'anonymousAuthenticationFilter',
    'exceptionTranslationFilter',
    'filterInvocationInterceptor'
]

资源.grrovy

customAuthenticationFilter(CustomAuthenticationFilter) {
    authenticationManager = ref('authenticationManager')
    sessionAuthenticationStrategy = ref('sessionAuthenticationStrategy')
    authenticationFailureHandler = ref('internalAuthenticationFailureHandler')
  }
4

1 回答 1

0

filterNames 映射定义如下:

**grails.plugin.springsecurity.filterChain.filterNames**= [  
    **pattern**:'/**',
    **filters**:'securityContextPersistenceFilter',
    'logoutFilter',
    'customAuthenticationFilter',
    'rememberMeAuthenticationFilter',
    'anonymousAuthenticationFilter',
    'exceptionTranslationFilter',
    'filterInvocationInterceptor'
]
于 2018-10-08T17:08:15.777 回答