Grails / SpringSecurity核心和自定义注销行为

时间:2016-01-01 21:21:07

标签: grails spring-security

我正在使用带有SpringSecurityCore 2.0的grails 2.3.7。我有两个单独的登录屏幕,为特定设备量身定制,并通过访问特定控制器触发相应的设备。为此,我定制了loginController .. 

/**
 * Show the login page.
 */

def auth() {

    def config = SpringSecurityUtils.securityConfig

    if (springSecurityService.isLoggedIn()) {
        redirect uri: config.successHandler.defaultTargetUrl
        return
    }

    String whereFrom = session.SPRING_SECURITY_SAVED_REQUEST.requestURI
    def rdt = whereFrom.contains('RDT')

    // Redirect for RDT as required  ..

    String view = rdt ? 'rauth' : 'auth'

    String postUrl = "${request.contextPath}${config.apf.filterProcessesUrl}"

    session.rdt = rdt

    render view: view, model: [postUrl: postUrl,
                               rememberMeParameter: config.rememberMe.parameter]
}

似乎运作良好..在注销时我想再次重定向到一个合适的屏幕..我正在尝试使用我登录时存储的会话属性以及我发现的(不可否认的旧)链接{{3 }})重定向回适当的页面.. 

 /**
 * Index action. Redirects to the Spring security logout uri.
 */

def index() {

    if (!request.post && SpringSecurityUtils.getSecurityConfig().logout.postOnly) {
        response.sendError HttpServletResponse.SC_METHOD_NOT_ALLOWED // 405
        return
    }

    // TODO put any pre-logout code here

    def rdt = session.rdt

    session.rdt = null

    // redirect uri: "/j_spring_security_logout?spring-security-redirect=$logoutUrl"

    if (rdt) {

        def link = g.createLink(controller: "RDT")
        def redirectUrl = "${SpringSecurityUtils.securityConfig.logout.filterProcessesUrl}?spring-security-redirect=${link}"

        redirectStrategy.sendRedirect request, response, redirectUrl

    } else {
        redirectStrategy.sendRedirect request, response, SpringSecurityUtils.securityConfig.logout.filterProcessesUrl // '/j_spring_security_logout'
    }

    response.flushBuffer()

}

两个选项都会将我返回到'默认'身份验证登录屏幕,而不是我的替代rauth one,即使添加了额外的参数..如何路由回适当的屏幕?谢谢

1 个答案:

答案 0 :(得分:0)

最后,我手动将会话变量设置为null,使会话无效,标准重定向...工作..

相关问题
最新问题