use*_*255 3 spring-security multiple-databases grails-2.0
在Grails的2.0.3,我安装了Spring Security的核心,并创建了用户,并的UserRole角色对象按教程:http://blog.springsource.org/2010/08/11/simplified-spring-security-with-grails /
一切顺利,直到我决定添加第二个数据源以准备从其他数据库访问对象.DataSource.groovy看起来像这样:
test {
dataSource_product {
dbCreate = "update"
url = "jdbc:mysql://localhost/products"
pooled = true
driverClassName = "com.mysql.jdbc.Driver"
username = "blah"
password = "blah"
loggingSql = true
dialect = 'org.hibernate.dialect.MySQL5InnoDBDialect'
}
dataSource {
dbCreate = "update"
url = "jdbc:mysql://localhost/core"
pooled = true
driverClassName = "com.mysql.jdbc.Driver"
username = "blah"
password = "blah"
loggingSql = true
dialect = 'org.hibernate.dialect.MySQL5InnoDBDialect'
}
}
现在我无法登录 - 即使我所做的只是添加datasource_product.如果我对此进行评论并重新创建用户(在Bootstrap.groovy中),那么我可以再次登录.Bootstrap.groovy包含:
def init =
{ servletContext ->
// Add in roles
Role.withTransaction {
def adminRole = Role.findByAuthority ( Role.ROLE_ADMIN ) ?: new Role ( authority: Role.ROLE_ADMIN ).save ( failOnError: true )
def adminUser = User.findByUsername ( 'admin' ) ?: new User (
username: 'blah',
password: 'blah',
enabled: true ).save ( failOnError: true )
if ( !adminUser.authorities.contains ( adminRole ) ) UserRole.create ( adminUser, adminRole )
}
有任何想法吗?
Gaaaahh.发现这个:http://jira.grails.org/browse/GRAILS-8237 - 显然,beforeInsert在每个域上为每个数据源调用.这意味着,在我的User对象中,encodePassword被调用两次 - 我是对密码进行双重编码:
def beforeInsert() {
encodePassword()
}
def beforeUpdate() {
if (isDirty('password'))
encodePassword()
}
protected void encodePassword() {
password = springSecurityService.encodePassword(password)
}
我在JIRA中看到了一个补丁,但在它进入发布之前,我使用isPasswordEncoded标志创建了一个解决方法,以防止用户中的多个编码:
class User {
boolean isPasswordEncoded = false
....snip....
def beforeInsert() {
if ( !isPasswordEncoded )
{
isPasswordEncoded = true
encodePassword ()
}
}
def beforeUpdate() {
if (isDirty('password')) {
isPasswordEncoded = false
encodePassword()
}
}
....snip....
}
| 归档时间: |
|
| 查看次数: |
1762 次 |
| 最近记录: |