I am using Grails with the Spring Security plugin.
I have crafted a custom filter, authentication provider, and token and registered them as beans and into filter chain:
SpringSecurityUtils.clientRegisterFilter('myFilter',SecurityFilterPosition.SECURITY_CONTEXT_FILTER.order + 10)
(I am not really sure what the order should be)
I POST to j_spring_security_check
.
All seems to run smoothly to my successfulAuthentication where I set:
SecurityContextHolder.getContext().setAuthentication开发者_开发问答(authResult);
with no errors and SecurityContextHolder.getContext().getAuthentication()
is set.
However Grails redirects me to login failed page.
Is something wrong with the j_spring_security_check
page? Where is the error?
It was the url j_spring_security_check - it somehow rewrote the security context. So on using custom filters DO NOT use post url "j_spring_security_check", not necessary also.
精彩评论