问题
I am using the Grails Spring Security Core Plugin to secure a certain action using the following annotation.
@Secured(['IS_AUTHENTICATED_REMEMBERED'])
This causes the action to redirect to my login page if the user is not logged in. Once they are logged in they are then redirected to the original action.
How can I add a flash message to the login page in this scenario, i.e.
flash.message = "You must be logged in to submit a news story"
To clarify, I would only want the message to be displayed if the user was redirected to the login page after attempting to access this specific action. Other actions would not trigger the message.
回答1:
I have solved this as follows.
- Remote the annotation from the action.
Add the following code at the beginning of the action (news and submit being the relevant controller and action respectively).
if (!springSecurityService.isLoggedIn()) { flash.message = "You must be logged in to submit a news story." redirect(controller:"login", action: "auth", params:["spring-security-redirect" : "/news/submit"]) }Add the following to the login form.
<input type='hidden' name='spring-security-redirect' value='${params['spring-security-redirect']}'/>
回答2:
Add, for example, this to your login view:
<sec:noAccess url="/admin/listUsers">
You must be logged in to view the list of users.
</sec:noAccess>
See the security taglib's documentation.
来源:https://stackoverflow.com/questions/4185261/grails-spring-security-core-plugin-adding-flash-message-to-login-page