Commits

明点软件 committed 81af8f1

改进

Comments (0)

Files changed (10)

SpringSecurityTaobaoGrailsPlugin.groovy

 import java.util.List
 
+import org.codehaus.groovy.grails.plugins.springsecurity.SpringSecurityUtils
 import org.codehaus.groovy.grails.plugins.springsecurity.SecurityFilterPosition
-import org.codehaus.groovy.grails.plugins.springsecurity.SpringSecurityUtils
-import org.springframework.security.core.session.SessionRegistryImpl
-import org.springframework.security.web.authentication.session.ConcurrentSessionControlStrategy
-import org.springframework.security.web.session.ConcurrentSessionFilter
-
 import com.mingidea.security.taobao.*
 
 class SpringSecurityTaobaoGrailsPlugin {
     // the plugin version
-    def version = "0.3.9"
+    def version = "0.8"
     // the version or versions of Grails the plugin is designed for
     def grailsVersion = "1.3.7 > *"
     // the other plugins this plugin depends on
     ]
 
     def author = "Simon Leung"
-    def authorEmail = "simon.leung@mingidea.com"
+    def authorEmail = "simon.r.leung@gmail.com"
     def title = "Taobao open authentication support for the Spring Security plugin."
     def description = "Taobao open authentication support for the Spring Security plugin."
 
 
         SpringSecurityUtils.registerProvider 'taobaoAuthenticationProvider'
         SpringSecurityUtils.registerFilter 'taobaoAuthenticationFilter', SecurityFilterPosition.OPENID_FILTER
-        SpringSecurityUtils.registerFilter 'concurrentSessionFilter', SecurityFilterPosition.CONCURRENT_SESSION_FILTER
 
         taobaoAuthenticationProvider(TaobaoAuthenticationProvider) {
             appSecretMap = conf.taobao.appSecretMap
-            authenticationUserDetailsService = ref('taobaoAuthenticationUserDetailsService')
+            taobaoAuthenticationDao = ref('taobaoAuthenticationDao')
         }
 
         taobaoAuthenticationFilter(TaobaoAuthenticationProcessingFilter){
             rememberMeServices = ref('rememberMeServices')
             allowSessionCreation = conf.apf.allowSessionCreation
         }
-
-        taobaoAuthenticationUserDetailsService(TaobaoAuthenticationUserDetailsService) {
-            grailsApplication = ref('grailsApplication')
-        }
-        
-        sessionAuthenticationStrategy(ConcurrentSessionControlStrategy, ref('sessionRegistry')) {
-            maximumSessions = conf.maxConcurrentSessions //default is -1 for unlimited sessions
-        }
-        
-        concurrentSessionFilter(ConcurrentSessionFilter) {
-            sessionRegistry = ref('sessionRegistry')
-            expiredUrl = conf.expiredUrl
-        }
-		
-        sessionRegistry(SessionRegistryImpl)
     }
 
     def doWithApplicationContext = { applicationContext ->
-        def userDetailsService = applicationContext.getBean('taobaoAuthenticationUserDetailsService')
-        if(!(userDetailsService instanceof TaobaoAuthenticationUserDetailsService)) {
-            return  
-        }
-        def conf = SpringSecurityUtils.securityConfig
-        if (!conf || !conf.active) {
-            return
-        }
-
-        String userClassName = conf.userLookup.userDomainClassName
-        def userClass = applicationContext.grailsApplication.getClassForName(userClassName)
-        String taobaoAccountsPropertyName = conf.taobao.userLookup.accountsPropertyName
-        if (userClass && taobaoAccountsPropertyName && !userClass.newInstance().hasProperty(taobaoAccountsPropertyName)) {
-            println """
-ERROR: Your configuration specifies
-
-   grails.plugins.springsecurity.taobao.userLookup.accountsPropertyName='${taobaoAccountsPropertyName}'
-
-for $conf.userLookup.userDomainClassName but there's no property with that name in your user class;
-either add a hasMany for the OpenID strings:
-
-   static hasMany = [${taobaoAccountsPropertyName}: TaobaoAccount]
-
-or set the property to null in Config.groovy if you aren't supporting associating taobaoAccounts with local accounts.
-"""
-
-            // reset the property in case the user doesn't restart to avoid ugly exceptions
-            conf.openid.userLookup.taobaoAccountsPropertyName = ''
-        }
     }
 }

grails-app/conf/BuildConfig.groovy

         runtime('commons-codec:commons-codec:1.5'){
             transitive:false
         }
-        runtime ':spring-security-taobao:0.1'
+        runtime ':spring-security-taobao:0.2'
     }
 }

grails-app/conf/Config.groovy

-import grails.plugins.springsecurity.SecurityConfigType
 
 // configuration for plugin testing - will not be included in the plugin zip
  
     //
     
     root {
-        debug 'stdout'
+        info 'stdout'
     }
     appenders {
         console name:'stdout', layout:pattern(conversionPattern: '%c{2} %m%n')
            'org.codehaus.groovy.grails.orm.hibernate', // hibernate integration
            'org.springframework',
            'org.hibernate',
-           'net.sf.ehcache.hibernate'
+           'net.sf.ehcache.hibernate',
+		   'org.springframework.security',
+		   'com.mingidea.security',
+		   'grails.plugins.springsecurity',
+		   'org.codehaus.groovy.grails.plugins.springsecurity'
 
     warn   'org.mortbay.log'
 }
 //test_app_1的appkey 和 appscert
 grails.plugins.springsecurity.taobao.appSecretMap = ['12264981' : '4aaaabc0a7057c3fd36b8de889d4aa65']
 
-grails.plugins.springsecurity.securityConfigType = SecurityConfigType.InterceptUrlMap
+grails.plugins.springsecurity.securityConfigType = "InterceptUrlMap"
 grails.plugins.springsecurity.interceptUrlMap = [
     '/secure/**':    ['ROLE_USER'],
     '/admin**':   ['ROLE_ADMIN', 'IS_AUTHENTICATED_FULLY']

grails-app/conf/DefaultTaobaoSecurityConfig.groovy

     taobao {
         //appKey -> appSecret
         appSecretMap = [:]
-        accountDomainClassName = 'TaobaoAccount'
         active = true
-        
-        userLookup {
-            accountsPropertyName = 'taobaoAccounts'
-        }
-        
-        accountLookup {
-            nickPropertyName = 'nick'
-            accountOwnerPropertyName = 'owner'
-        }
     }
 }

grails-app/conf/spring/resources.groovy

+import test.TestTaobaoAuthenticationDao
+
+beans = {
+    taobaoAuthenticationDao(TestTaobaoAuthenticationDao) {
+
+    }
+}
Add a comment to this file

lib/spring-security-taobao-0.1.jar

Binary file removed.

Add a comment to this file

lib/spring-security-taobao-0.2.jar

Binary file added.

   <title>Taobao open authentication support for the Spring Security plugin.</title>
   <description>Taobao open authentication support for the Spring Security plugin.</description>
   <documentation>http://grails.org/plugin/spring-security-taobao</documentation>
+  <type>SpringSecurityTaobaoGrailsPlugin</type>
   <resources>
     <resource>BootStrap</resource>
-    <resource>BuildConfig</resource>
-    <resource>Config</resource>
-    <resource>DataSource</resource>
     <resource>DefaultTaobaoSecurityConfig</resource>
-    <resource>UrlMappings</resource>
     <resource>test.AdminController</resource>
     <resource>test.LoginController</resource>
     <resource>test.LogoutController</resource>
     <resource>test.User</resource>
     <resource>test.UserRole</resource>
   </resources>
+  <repositories>
+    <repository name='grailsCentral' url='http://plugins.grails.org' />
+    <repository name='http://repo.grails.org/grails/plugins' url='http://repo.grails.org/grails/plugins/' />
+    <repository name='http://repo.grails.org/grails/core' url='http://repo.grails.org/grails/core/' />
+    <repository name='grailsCore' url='http://svn.codehaus.org/grails/trunk/grails-plugins' />
+    <repository name='ebrRelease' url='http://repository.springsource.com/maven/bundles/release/' />
+    <repository name='ebrExternal' url='http://repository.springsource.com/maven/bundles/external/' />
+    <repository name='mavenCentral' url='http://repo1.maven.org/maven2/' />
+    <repository name='http://snapshots.repository.codehaus.org' url='http://snapshots.repository.codehaus.org/' />
+    <repository name='http://repository.codehaus.org' url='http://repository.codehaus.org/' />
+    <repository name='http://download.java.net/maven/2/' url='http://download.java.net/maven/2/' />
+    <repository name='http://repository.jboss.com/maven2/' url='http://repository.jboss.com/maven2/' />
+  </repositories>
   <dependencies>
+    <runtime>
+      <dependency group='' name='spring-security-taobao' version='0.1' />
+      <dependency group='commons-codec' name='commons-codec' version='1.5' />
+    </runtime>
+  </dependencies>
+  <plugins />
+  <runtimePluginRequirements>
     <plugin name='springSecurityCore' version='1.2.7 &gt; *' />
-  </dependencies>
+  </runtimePluginRequirements>
   <behavior />
 </plugin>

src/groovy/com/mingidea/security/taobao/TaobaoAuthenticationUserDetailsService.groovy

-package com.mingidea.security.taobao
-
-import java.util.Collection
-
-import org.codehaus.groovy.grails.commons.GrailsApplication
-import org.codehaus.groovy.grails.plugins.springsecurity.GormUserDetailsService
-import org.codehaus.groovy.grails.plugins.springsecurity.SpringSecurityUtils
-import org.springframework.security.core.Authentication
-import org.springframework.security.core.GrantedAuthority
-import org.springframework.security.core.authority.GrantedAuthorityImpl
-import org.springframework.security.core.userdetails.AuthenticationUserDetailsService
-import org.springframework.security.core.userdetails.UserDetails
-import org.springframework.security.core.userdetails.UsernameNotFoundException
-
-class TaobaoAuthenticationUserDetailsService extends GormUserDetailsService implements AuthenticationUserDetailsService {
-    GrailsApplication grailsApplication
-
-    @Override
-    public UserDetails loadUserDetails(Authentication auth) throws UsernameNotFoundException {
-        def conf = SpringSecurityUtils.securityConfig
-        def taobaoAccountClassName = conf.taobao.accountDomainClassName
-        Class<?> TaobaoAccount = grailsApplication.getDomainClass(taobaoAccountClassName).clazz
-
-        String taobaoNick = auth.principal
-
-        TaobaoAccount.withTransaction { status ->
-            def nickPropertyName = conf.taobao.accountLookup.nickPropertyName
-            def taobaoAccount = TaobaoAccount.findWhere((nickPropertyName) : taobaoNick)
-            if(!taobaoAccount) {
-                throw new UsernameNotFoundException('Taobao user not found: ' + taobaoNick);  
-            } 
-            
-            def accountOwnerPropertyName = conf.taobao.accountLookup.accountOwnerPropertyName
-            def user = taobaoAccount."$accountOwnerPropertyName"
-            
-            if(!user) {
-                log.warn "Taobao account not found: $taobaoNick"
-                throw new UsernameNotFoundException('Taobao account not found', taobaoNick)
-            }
-            
-            def usernamePropertyName = conf.userLookup.usernamePropertyName
-            Collection<GrantedAuthority> authorities = loadAuthorities(user, user."$usernamePropertyName", true)
-            return createUserDetails(user, authorities)
-        }
-    }
-}

src/groovy/com/mingidea/security/taobao/util/ExSpringSecurityUtils.groovy

-package com.mingidea.security.taobao.util
-
-import org.codehaus.groovy.grails.commons.ApplicationHolder
-import org.springframework.context.ApplicationContext
-import org.springframework.security.core.session.SessionRegistry
-import org.springframework.security.core.userdetails.User
-
-/**
- * 扩展SpringSecurityUtils的功能
- * @return
- */
-class ExSpringSecurityUtils {
-    /**
-     * 注意:必须启用<a href="http://bit.ly/jLdsEx">HttpSessionEventPublisher</a>
-     * 否则无法注销过期的Session,配置Spring Security Grails Plugin的useHttpSessionEventPublisher=true既可
-     * @return
-     */
-    static List getAllPrincipals() {
-        return getSessionRegistry().getAllPrincipals()
-    }
-    
-	static boolean expireSessionByUsername(String userName) { 
-		List allPrincipals = getAllPrincipals()
-		
-		def principal = allPrincipals.find{it.username == username}
-		if(!principal) {
-			return false
-		}
-		
-		return expireSessionByPrincipal(principal)
-	}
-	
-	static boolean expireSessionByPrincipal(principal) {
-		List sessions = sessionRegistry.getAllSessions(principal, false)
-		sessions.each{
-			it.expireNow()
-		}
-		return sessions.size() > 0
-	}
-    
-    private static SessionRegistry getSessionRegistry() {
-        ApplicationContext applicationContext = ApplicationHolder.application.mainContext
-        return applicationContext.getBean('sessionRegistry')
-    }
-}
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.