All geek questions in one place

Getting Principal during Grails Spring Security Authentication

I am completing Spring Security implementation in Grails. This is my first implementation in Spring Security - I previously used Acegi.

Here is the problem I am having. In Acegi, I was able to get an authenticated user in the onInteractiveAuthenticationSuccessEvent () callback by accessing the SecurityContextHolder, getting the user principle, and then getting the “live” user from the database. In Spring Security, the SecurityContextHolder seems to be inaccessible - when I try to access it, I get low-level Grails complaints that there is no such method for such and such an object.

So my questions are:

  • How can I access the SecurityContextHolder from onInteractiveAuthenticationSuccessEvent

  • Or is there a better way to get an authenticated principle?

Thanks Dan

+3
source share
1 answer

You may need to update the import - it has changed from Spring Security 2 to 3 - now org.springframework.security.core.context.SecurityContextHolder, but the methods have not changed.

But it’s cleaner to use the springSecurityService function, accessible from an event callback using a variable appCtx:

onInteractiveAuthenticationSuccessEvent = { e, appCtx ->
   def principal = appCtx.springSecurityService.principal
   def user = User.get(principal.id)
}
+3
source

Source: https://habr.com/ru/post/1757008/

More articles:


All Articles