/* Copyright 2006-2009 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
15 | package org.grails.plugins.springsecurity.controller |
16 | |
17 | import org.grails.plugins.springsecurity.service.AuthenticateService |
18 | |
19 | import org.springframework.security.context.SecurityContextHolder as SCH |
20 | import org.springframework.web.servlet.support.RequestContextUtils as RCU |
21 | |
/**
 * [Example] Base class for controllers that use Spring Security (authentication and authorization).
 * Usage: class SomeController extends AuthBase { }
 * @author T.Yamamoto
 */
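class AuthBase {

    /** Authenticate Service (injected by Spring). */
    def authenticateService

    /** Authenticated user domain instance; stays null until the interceptor has run for a logged-on user. */
    def loginUser

    /** Whether the current request carries a non-anonymous authentication. */
    boolean logon

    /** The Spring Security principal of the current request (may be the String 'anonymousUser'). */
    def authPrincipal

    /** Whether the current principal holds ROLE_SUPERVISOR. */
    boolean isAdmin

    /** Locale resolved for the current request (from the 'lang' param, the session, or the locale resolver). */
    Locale locale

    /**
     * Main request permission setting: the role(s) a subclass requires for all of its actions,
     * passed to authenticateService.ifAnyGranted(). null disables the check.
     */
    def requestAllowed

    /**
     * Runs before every action of the subclass: enforces requestAllowed, exposes the current
     * principal, applies the request locale and disables caching of the response.
     *
     * Returns false (which makes Grails skip the action) when the caller lacks the required role.
     */
    def beforeInterceptor = {
        if (requestAllowed != null && !authenticateService.ifAnyGranted(requestAllowed)) {
            log.warn 'request not allowed: ' + requestAllowed
            redirect(uri: '/')
            // Grails only skips the intercepted action when the interceptor returns false;
            // a bare 'return' (null) would let the action execute after the redirect.
            return false
        }

        authPrincipal = SCH?.context?.authentication?.principal
        if (authPrincipal != null && authPrincipal != 'anonymousUser') {
            loginUser = authPrincipal?.domainClass
            logon = true
            isAdmin = authenticateService.ifAnyGranted('ROLE_SUPERVISOR')
        }

        /* i18n: 'lang' is client-supplied, so only a plain language subtag is honoured and stored */
        def requestedLang = params['lang']
        if (requestedLang && isValidLang(requestedLang)) {
            locale = new Locale(requestedLang)
            RCU.getLocaleResolver(request).setLocale(request, response, locale)
            session.lang = requestedLang
        }
        /* need this for jetty: re-apply the locale remembered in the session */
        if (session.lang != null) {
            locale = new Locale(session.lang)
            RCU.getLocaleResolver(request).setLocale(request, response, locale)
        }
        if (locale == null) {
            locale = RCU.getLocale(request)
        }

        /* cache: authenticated pages must not be stored by browsers or proxies.
         * 'max-age' is a Cache-Control directive, not a header of its own, so it is folded in here. */
        response.setHeader('Cache-Control', 'no-cache, no-store, max-age=0, must-revalidate, private') // HTTP 1.1
        response.setHeader('Pragma', 'no-cache') // HTTP 1.0 proxies
        response.setDateHeader('Expires', 0) // already expired: prevents caching at the proxy server
    }

    /**
     * Accepts only a bare language subtag (2-8 ASCII letters) so that arbitrary client input
     * never reaches Locale or the session. A multi-valued parameter (String[]) is rejected.
     *
     * @param lang the raw 'lang' request parameter
     * @return true when lang is a String matching the subtag pattern
     */
    private boolean isValidLang(lang) {
        return lang instanceof String && lang ==~ /^[A-Za-z]{2,8}$/
    }
}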
---|