我尝试使用Grails 3.0和AngularJS进行基本身份验证。
首先在$sql = "SELECT check_pass('test123','123456')";
$connection = ConnectionManager::get('default');
$results = $connection->execute($sql)->fetchAll('assoc');
我添加了Spring Security插件(http://grails-plugins.github.io/grails-spring-security-core/guide/index.html):
build.gradle
然后我配置了 compile 'org.grails.plugins:spring-security-core:3.0.0.M1'
application.yml
在角度服务中,我创建了这个方法:
grails:
plugin:
springsecurity:
useBasicAuth: true
basic:
realmName: "xxx"
userLookup:
userDomainClassName: xxx
rejectIfNoRule: true
fii:
rejectPublicInvocations: false
controllerAnnotations:
staticRules: [... ommited ...]
在模块confid中,我添加了var authenticateOwner = function (credentials, callback) {
var headers = credentials ? {authorization: "Basic " + btoa(credentials.username + ":" + credentials.password)} : {};
$http.get('/login/owner', {headers: headers}).success(function (data) {
$rootScope.authenticated = !!data.basicUserInfo.name;
callback && callback();
}).error(function () {
$rootScope.authenticated = false;
callback && callback();
});
};
标头,以防止X-Requested-With
回来:
WWW-Authenticate
问题在于,我得到angular.module([...]).config(function ($httpProvider) {
$httpProvider.defaults.headers.common["X-Requested-With"] = 'XMLHttpRequest';
});
标题,使浏览器显示登录对话框。
那么我如何才能正确登录AngulrJS& Grails的?
PS 我使用本教程:https://spring.io/guides/tutorials/spring-security-and-angular-js/在Grails中开发登录。