Discussion:
Custom success/failure handler with spring security plugin
cloudwalker84
2013-12-19 18:58:19 UTC
Permalink
I'm trying to use some custom handlers for authentication failure/success
with the spring security plugin but I can't get it to work. Based on some
stuff I read I putt he following in my resources.groovy:

authSuccessHandler(com.test.springsecurity.LoginSuccessHandler)
authenticationFailureHandler(com.test.springsecurity.LoginFailureHandler)

My LoginSuccessHandler looks like this:

class LoginSuccessHandler extends
SavedRequestAwareAuthenticationSuccessHandler {
@Override
protected String determineTargetUrl(HttpServletRequest request,
HttpServletResponse response) {
String targetUrl = super.determineTargetUrl(request);
String value = request.getParameter("lineOfBusinessUuid");
if (value != null) {
if (targetUrl.indexOf('?') > 0) {
targetUrl += "&lineOfBusinessUuid=" + value;
} else {
targetUrl += "?lineOfBusinessUuid=" + value;
}
}
return targetUrl;
}
}

It never uses my custom handler though. Is there something else that I need
to do to wire this up correctly? On a side note, I'm also using the
"grails.plugin.springsecurity.successHandler.defaultTargetUrl =
''/someCustomUrl" property in my Config.groovy, and this never seems to get
set on the login handler either. It's always just defaulting to '/'



--
View this message in context: http://grails.1312388.n4.nabble.com/Custom-success-failure-handler-with-spring-security-plugin-tp4652671.html
Sent from the Grails - user mailing list archive at Nabble.com.

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

http://xircles.codehaus.org/manage_email
burtbeckwith
2013-12-19 19:05:02 UTC
Permalink
You can't use random bean names - you have to use the same ones the plugin
uses. In this case there's a custom subclass of
SavedRequestAwareAuthenticationSuccessHandler registered as the
"authenticationSuccessHandler" bean:

authenticationSuccessHandler(AjaxAwareAuthenticationSuccessHandler) {
requestCache = ref('requestCache')
defaultTargetUrl = conf.successHandler.defaultTargetUrl // '/'
alwaysUseDefaultTargetUrl = conf.successHandler.alwaysUseDefault // false
targetUrlParameter = conf.successHandler.targetUrlParameter //
'spring-security-redirect'
ajaxSuccessUrl = conf.successHandler.ajaxSuccessUrl //
'/login/ajaxSuccess'
useReferer = conf.successHandler.useReferer // false
redirectStrategy = ref('redirectStrategy')
}

and the authenticationFailureHandler bean is defined as

authenticationFailureHandler(AjaxAwareAuthenticationFailureHandler) {
redirectStrategy = ref('redirectStrategy')
defaultFailureUrl = conf.failureHandler.defaultFailureUrl
//'/login/authfail?login_error=1'
useForward = conf.failureHandler.useForward // false
ajaxAuthenticationFailureUrl = conf.failureHandler.ajaxAuthFailUrl //
'/login/authfail?ajax=true'
exceptionMappings = conf.failureHandler.exceptionMappings // [:]
allowSessionCreation = conf.failureHandler.allowSessionCreation // true
}

See SpringSecurityCoreGrailsPlugin.groovy for all of the bean definitions.

Burt
Post by cloudwalker84
I'm trying to use some custom handlers for authentication failure/success
with the spring security plugin but I can't get it to work. Based on some
authSuccessHandler(com.test.springsecurity.LoginSuccessHandler)
authenticationFailureHandler(com.test.springsecurity.LoginFailureHandler)
class LoginSuccessHandler extends
SavedRequestAwareAuthenticationSuccessHandler {
@Override
protected String determineTargetUrl(HttpServletRequest request,
HttpServletResponse response) {
String targetUrl = super.determineTargetUrl(request);
String value = request.getParameter("lineOfBusinessUuid");
if (value != null) {
if (targetUrl.indexOf('?') > 0) {
targetUrl += "&lineOfBusinessUuid=" + value;
} else {
targetUrl += "?lineOfBusinessUuid=" + value;
}
}
return targetUrl;
}
}
It never uses my custom handler though. Is there something else that I
need to do to wire this up correctly? On a side note, I'm also using the
"grails.plugin.springsecurity.successHandler.defaultTargetUrl =
''/someCustomUrl" property in my Config.groovy, and this never seems to
get set on the login handler either. It's always just defaulting to '/'
--
View this message in context: http://grails.1312388.n4.nabble.com/Custom-success-failure-handler-with-spring-security-plugin-tp4652671p4652673.html
Sent from the Grails - user mailing list archive at Nabble.com.

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

http://xircles.codehaus.org/manage_email
cloudwalker84
2013-12-19 19:38:52 UTC
Permalink
Ah, thanks. I didn't realize that I had the wrong bean names :). I got those
off of another thread somewhere and just assumed them to be correct. That
clears that one up though.

However, do you know any reason why the
grails.plugin.springsecurity.successHandler.defaultTargetUrl property is not
working for me? I see it calling the
AbstractAuthenticationTargetUrlRequestHandler.setDefaultTargetUrl with the
correct URL, but when the login event happens and the determineTargetUrl
method gets called, the defaultTargetUrl is now still just '/'. I don't see
the setter for the property get called again though, so I'm not sure where
it'd be getting overwritten from.



--
View this message in context: http://grails.1312388.n4.nabble.com/Custom-success-failure-handler-with-spring-security-plugin-tp4652671p4652675.html
Sent from the Grails - user mailing list archive at Nabble.com.

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

http://xircles.codehaus.org/manage_email
cloudwalker84
2013-12-19 20:01:35 UTC
Permalink
Nevermind, I figured it out. I was defining my success handler after my
custom authenticationProcessingFilter, so the filter ended up getting the
default version of the handler injected, and that was causing some
funkiness. Thanks for your help!



--
View this message in context: http://grails.1312388.n4.nabble.com/Custom-success-failure-handler-with-spring-security-plugin-tp4652671p4652677.html
Sent from the Grails - user mailing list archive at Nabble.com.

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

http://xircles.codehaus.org/manage_email

Loading...