Grails 3.2.4:未调用自定义身份验证过滤器

时间:2017-01-29 07:38:07

标签: grails spring-boot spring-security grails-plugin grails3

从grails 2.5升级到grails 3.x时,用户名密码验证过滤器不会被触发。

我正在使用spring-security核心插件3.1.1

这就是自定义过滤器的样子

    class CustomAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
  @Override
  protected String obtainUsername(HttpServletRequest request) {
    return (new CustomPrincipal(request.getParameter('company'), request.getParameter('username'))).toString()
  }
  @Override
  protected String obtainPassword(HttpServletRequest request) {
    return request.getParameter('password')
  }
   }

application.groovy 

grails.plugin.springsecurity.filterChain.filterNames = [
    'securityContextPersistenceFilter',
    'logoutFilter',
    'customAuthenticationFilter',   
    'rememberMeAuthenticationFilter',
    'anonymousAuthenticationFilter',
    'exceptionTranslationFilter',
    'filterInvocationInterceptor'
]

resources.grrovy 

customAuthenticationFilter(CustomAuthenticationFilter) {
    authenticationManager = ref('authenticationManager')
    sessionAuthenticationStrategy = ref('sessionAuthenticationStrategy')
    authenticationFailureHandler = ref('internalAuthenticationFailureHandler')
  }

1 个答案:

答案 0 :(得分:0)

过滤器名称映射 ,如下所示:

**grails.plugin.springsecurity.filterChain.filterNames**= [  
    **pattern**:'/**',
    **filters**:'securityContextPersistenceFilter',
    'logoutFilter',
    'customAuthenticationFilter',
    'rememberMeAuthenticationFilter',
    'anonymousAuthenticationFilter',
    'exceptionTranslationFilter',
    'filterInvocationInterceptor'
]
相关问题
最新问题