Changeset 167
- Timestamp:
- Oct 26, 2009, 3:16:29 PM (15 years ago)
- Location:
- trunk/grails-app
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/grails-app/controllers/LoginController.groovy
r166 r167 13 13 class LoginController { 14 14 15 16 17 18 15 /** 16 * Dependency injection for the authentication service. 17 */ 18 def authenticateService 19 19 20 21 22 23 20 /** 21 * Dependency injection for OpenIDConsumer. 22 */ 23 def openIDConsumer 24 24 25 26 27 28 25 /** 26 * Dependency injection for OpenIDAuthenticationProcessingFilter. 27 */ 28 def openIDAuthenticationProcessingFilter 29 29 30 30 private final authenticationTrustResolver = new AuthenticationTrustResolverImpl() 31 31 32 33 34 35 36 37 38 39 32 def index = { 33 if (isLoggedIn()) { 34 redirect uri: '/' 35 } 36 else { 37 redirect action: auth, params: params 38 } 39 } 40 40 41 41 def loggedOut = { … … 44 44 } 45 45 46 47 48 49 46 /** 47 * Show the login page. 48 */ 49 def auth = { 50 50 51 51 nocache(response) 52 52 53 54 55 56 53 if (isLoggedIn()) { 54 redirect uri: '/' 55 return 56 } 57 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 58 String view 59 String postUrl 60 def config = authenticateService.securityConfig.security 61 if (config.useOpenId) { 62 view = 'openIdAuth' 63 postUrl = "${request.contextPath}/login/openIdAuthenticate" 64 } 65 else if (config.useFacebook) { 66 view = 'facebookAuth' 67 postUrl = "${request.contextPath}${config.facebook.filterProcessesUrl}" 68 } 69 else { 70 view = 'auth' 71 postUrl = "${request.contextPath}${config.filterProcessesUrl}" 72 } 73 73 74 75 74 render view: view, model: [postUrl: postUrl] 75 } 76 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 77 /** 78 * Form submit action to start an OpenID authentication. 79 */ 80 def openIdAuthenticate = { 81 String openID = params['j_username'] 82 try { 83 String returnToURL = RedirectUtils.buildRedirectUrl( 84 request, response, openIDAuthenticationProcessingFilter.filterProcessesUrl) 85 String redirectUrl = openIDConsumer.beginConsumption(request, openID, returnToURL) 86 redirect url: redirectUrl 87 } 88 catch (org.springframework.security.ui.openid.OpenIDConsumerException e) { 89 log.error "Consumer error: $e.message", e 90 redirect url: openIDAuthenticationProcessingFilter.authenticationFailureUrl 91 } 92 } 93 93 94 95 96 97 98 99 100 101 102 103 104 105 94 // Login page (function|json) for Ajax access. 95 def authAjax = { 96 nocache(response) 97 //this is example: 98 render """ 99 <script type='text/javascript'> 100 (function() { 101 loginForm(); 102 })(); 103 </script> 104 """ 105 } 106 106 107 108 109 110 111 112 113 107 /** 108 * The Ajax success redirect url. 109 */ 110 def ajaxSuccess = { 111 nocache(response) 112 render '{success: true}' 113 } 114 114 115 116 117 118 119 120 121 122 123 115 /** 116 * Show denied page. 117 */ 118 def denied = { 119 if (isLoggedIn() && authenticationTrustResolver.isRememberMe(SCH.context?.authentication)) { 120 // have cookie but the page is guarded with IS_AUTHENTICATED_FULLY 121 redirect action: full, params: params 122 } 123 } 124 124 125 126 127 128 129 130 131 125 /** 126 * Login page for users with a remember-me cookie but accessing a IS_AUTHENTICATED_FULLY page. 127 */ 128 def full = { 129 render view: 'auth', params: params, 130 model: [hasCookie: authenticationTrustResolver.isRememberMe(SCH.context?.authentication)] 131 } 132 132 133 134 135 136 137 133 // Denial page (data|view|json) for Ajax access. 134 def deniedAjax = { 135 //this is example: 136 render "{error: 'access denied'}" 137 } 138 138 139 140 141 142 139 /** 140 * login failed 141 */ 142 def authfail = { 143 143 144 145 144 def username = session[AuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY] 145 def msg = '' 146 146 def person = Person.findByLoginName(username) 147 148 149 150 151 147 def exception = session[AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY] 148 if (exception) { 149 if (exception instanceof DisabledException) { 150 msg = "[$username] is disabled." 151 } 152 152 else if (person.authorities.isEmpty()) { 153 153 msg = "[$username] has no GrantedAuthority." 154 154 } 155 156 157 158 155 else { 156 msg = "[$username] wrong username/password." 157 } 158 } 159 159 160 161 162 163 164 165 166 167 160 if (isAjax()) { 161 render "{error: '${msg}'}" 162 } 163 else { 164 flash.message = msg 165 redirect action: auth, params: params 166 } 167 } 168 168 169 170 171 172 173 174 169 /** 170 * Check if logged in. 171 */ 172 private boolean isLoggedIn() { 173 return authenticateService.isLoggedIn() 174 } 175 175 176 177 178 176 private boolean isAjax() { 177 return authenticateService.isAjax(request) 178 } 179 179 180 181 182 183 184 185 186 187 180 /** cache controls */ 181 private void nocache(response) { 182 response.setHeader('Cache-Control', 'no-cache') // HTTP 1.1 183 response.addDateHeader('Expires', 0) 184 response.setDateHeader('max-age', 0) 185 response.setIntHeader ('Expires', -1) //prevents caching at the proxy server 186 response.addHeader('cache-Control', 'private') //IE5.x only 187 } 188 188 } -
trunk/grails-app/domain/Authority.groovy
r147 r167 1 1 class Authority { 2 2 3 3 static hasMany = [persons: Person] 4 4 5 6 7 8 5 /** description */ 6 String description 7 /** ROLE String */ 8 String authority 9 9 10 11 12 13 10 static constraints = { 11 authority(blank: false, unique: true) 12 description() 13 } 14 14 15 15 String toString() {
Note: See TracChangeset
for help on using the changeset viewer.