Grails 1.3.5 and Spring Security Kernel

I have a grails application that, when logged in, redirects users to different URLs based on the user role (custom roles defined in the role domain). Now I'm trying to integrate Spring Security Core Grails Plugin into the application, so we plan to use the plugin domain model.

I understand that the auth action in the LoginController does a validation of the login and if the user is registered with a redirect to the default destination URI. My question is, how can I find out if a logon user has type ROLE_ADMIN or ROLE_USER or any other ROLE? How can I check credentials here and then redirect to different URIs?

I would also like to know how user verification is performed, for example, how and where is the username and password checked against the database in Spring Security?

Thanks. Jay Chandran

+4
source share
1 answer

Redirection occurs in org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler , but the plugin extends this class in org.codehaus.groovy.grails.plugins.springsecurity.AjaxAwareAuthenticationSuccessHandler to support Ajax logins.

If you want to configure a role-based redirect location, I would subclass AjaxAwareAuthenticationSuccessHandler and override onAuthenticationSuccess() . You will have access to authentication so that you can verify the privileges granted and determine where to go based on these.

Then replace the bean plugin with your .groovy resource:

 import org.codehaus.groovy.grails.plugins.springsecurity.SpringSecurityUtils beans = { authenticationSuccessHandler(MyAuthenticationSuccessHandler) { def conf = SpringSecurityUtils.securityConfig requestCache = ref('requestCache') redirectStrategy = ref('redirectStrategy') defaultTargetUrl = conf.successHandler.defaultTargetUrl alwaysUseDefaultTargetUrl = conf.successHandler.alwaysUseDefault targetUrlParameter = conf.successHandler.targetUrlParameter ajaxSuccessUrl = conf.successHandler.ajaxSuccessUrl useReferer = conf.successHandler.useReferer } } 
+5
source

All Articles