我有一个实现了 Spring Security Rest 的 Grails 3 应用程序,我可以成功地从我的 Angular2 应用程序进行身份验证,并且将 @Secured() 应用于控制器可以控制可以访问应用程序的哪些区域。因此,鉴于此,我知道身份验证和授权正在工作。
我正在尝试检索用于身份验证的登录用户的用户名。
我试过Authentication authentication = SecurityContextHolder.getContext().getAuthentication()
它是空的。
我试过
Principal principal = request.getUserPrincipal()
它也是空的。
这是我的应用程序.groovy
grails.plugin.springsecurity.providerNames = ['customADAuthProvider']
grails.plugin.springsecurity.successHandler.alwaysUseDefault = true
grails.plugin.springsecurity.userLookup.userDomainClassName = 'User'
grails.plugin.springsecurity.userLookup.authorityJoinClassName = 'UserRole'
grails.plugin.springsecurity.authority.className = 'Role'
grails.plugin.springsecurity.controllerAnnotations.staticRules = [
[pattern: '/', access: ['permitAll']],
[pattern: '/error', access: ['permitAll']],
[pattern: '/index', access: ['permitAll']],
[pattern: '/index.gsp', access: ['permitAll']],
[pattern: '/shutdown', access: ['permitAll']],
[pattern: '/assets/**', access: ['permitAll']],
[pattern: '/**/js/**', access: ['permitAll']],
[pattern: '/**/css/**', access: ['permitAll']],
[pattern: '/**/images/**', access: ['permitAll']],
[pattern: '/**/favicon.ico', access: ['permitAll']]
]
grails.plugin.springsecurity.filterChain.chainMap = [
[pattern: '/assets/**', filters: 'none'],
[pattern: '/**/js/**', filters: 'none'],
[pattern: '/**/css/**', filters: 'none'],
[pattern: '/**/images/**', filters: 'none'],
[pattern: '/**/favicon.ico', filters: 'none'],
[pattern: '/api/**', filters: 'JOINED_FILTERS,-anonymousAuthenticationFilter,-exceptionTranslationFilter,-authenticationProcessingFilter,-securityContextPersistenceFilter,-rememberMeAuthenticationFilter']
]
grails.plugin.springsecurity.rest.logout.endpointUrl = '/api/logout'
无论我尝试什么,我都无法获取身份验证对象或主体对象来检索用户名或任何用户详细信息。
我正在使用spring-security-rest:2.0.0.RC1,并且Grails 3.3.6