问题
Is there a way to do that without using a POST request to "j_spring_security_check"?
回答1:
I needed the same thing (in my case I wanted to log in a user after they created a new account), so I dug around in the generated RegistrationService and found this is how it is done:
import org.springframework.security.providers.UsernamePasswordAuthenticationToken as AuthToken
import org.springframework.security.context.SecurityContextHolder as SCH
class UserService {
/** The authentication provider. */
def daoAuthenticationProvider
def doLogin(user) {
// note: must use the unhashed password here
def token = new AuthToken(user.email, user.password)
def auth = daoAuthenticationProvider.authenticate(token)
// log the user in
SCH.context.authentication = auth
}
}
Hope that helps.
Note: In my example, I use the email/password to login. The AuthToken constructor takes whatever you us as your username/password.
来源:https://stackoverflow.com/questions/2268266/grails-acegi-manual-login