Changeset 2180


Timestamp:
Mar 12, 2012, 12:16:52 PM (8 years ago)
Author:
work@…
Message:
  • adding support for programmatic logins using the 'hello' action of RestController over HTTP Basic authentication.
  • e.g. /rest/hello?consumer=myConsumerId
Location:
trunk/grails-app
Files:
3 edited

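--- a/trunk/grails-app/conf/BootStrap.groovy
+++ b/trunk/grails-app/conf/BootStrap.groovy
@@ -38,4 +38,7 @@
                 // define timezone
                 System.setProperty('user.timezone', 'CET')
+
+                // set up a client (=external program) role if it does not exist
+                def clientRole = SecRole.findByAuthority('ROLE_CLIENT') ?: new SecRole(authority: 'ROLE_CLIENT').save(failOnError: true)
 
                 // set up authentication (if required)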
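--- a/trunk/grails-app/conf/Config.groovy
+++ b/trunk/grails-app/conf/Config.groovy
@@ -109,4 +109,13 @@
 grails.plugins.springsecurity.successHandler.targetUrlParameter = 'spring-security-redirect'
 
+// Spring Security configuration
+grails.plugins.springsecurity.useBasicAuth = true
+grails.plugins.springsecurity.basic.realmName = "Authentication Required"
+grails.plugins.springsecurity.useSessionFixationPrevention = true
+grails.plugins.springsecurity.filterChain.chainMap = [
+        '/rest/hello': 'JOINED_FILTERS,-exceptionTranslationFilter',
+        '/**': 'JOINED_FILTERS,-basicAuthenticationFilter,-basicExceptionTranslationFilter'
+]
+
 // Needed for the (copy of) the Spring Security UI plugin
 grails.mail.default.from = 'gscf@dbnp.org'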
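Review bot: The `/rest/hello` chain at new line 116 turns on HTTP Basic authentication for that path, but nothing in this hunk requires TLS for it, so a client's password is sent in the clear whenever the app is reached over plain HTTP. Consider adding `grails.plugins.springsecurity.secureChannel.definition = ['/rest/hello': 'REQUIRES_SECURE_CHANNEL']` (if the plugin version in use supports the secureChannel filter) or enforcing HTTPS in front of the application, and noting the requirement next to the chain map. The Ant pattern `/rest/hello` is exact, so variants such as `/rest/hello.json` or `/rest/hello/` presumably fall through to the `/**` chain without the Basic filter; if that is intended, a comment like `// Basic auth only on the exact /rest/hello path; every other URL keeps form login` would save the next reader from guessing.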
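--- a/trunk/grails-app/controllers/RestController.groovy
+++ b/trunk/grails-app/controllers/RestController.groovy
@@ -22,5 +22,6 @@
 import nl.metabolomicscentre.dsp.http.BasicAuthentication
 import dbnp.rest.common.CommunicationManager
-import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.context.SecurityContextHolder
+import grails.plugins.springsecurity.Secured;
 
 class RestController {
@@ -34,4 +35,42 @@
         def credentials
         def requestUser
+
+        @Secured(['ROLE_CLIENT'])
+        def hello = {
+                // client was authorized over basic http authentication
+                // (also see spring security section in Config.groovy)
+                // for now just return the token to authenticate with
+
+                // got a consumer?
+                if (!params.containsKey('consumer')) {
+                        // no
+                        response.status = 400;
+
+                        def result = ['error':"Consumer required"]
+
+                        if (params.containsKey('callback')) {
+                                render "${params.callback}(${result as JSON})"
+                        } else {
+                                render result as JSON
+                        }
+                } else {
+                        // yes
+                        // create a random session token that will be used to allow to module to
+                        // sync with gscf prior to presenting the measurement data
+                        def sessionToken = UUID.randomUUID().toString()
+
+                        def result = ['token': sessionToken]
+
+                        // put the session token to work
+                        authenticationService.logInRemotely( params.get('consumer'), sessionToken, authenticationService.getLoggedInUser())
+
+                        response.status = 200;
+                        if (params.containsKey('callback')) {
+                                render "${params.callback}(${result as JSON})"
+                        } else {
+                                render result as JSON
+                        }
+                }
+        }
 
         /**
@@ -109,5 +148,5 @@
          *
          * If one study is requested, a 404 error might occur if the study doesn't exist, and a 401 error if the user is not
-         * authorized to access this study. If multiple studies are requrested, non-existing studies or studies for which the
+         * authorized to access this study. If multiple studies are requested, non-existing studies or studies for which the
          * user is not authorized are not returned in the list (so the list might be empty).
          *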
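Review bot: `params.callback` is interpolated unvalidated into the response body at new lines 52 and 69 of `hello`, so any value supplied in the `callback` query parameter is reflected verbatim into the page (reflected XSS on both the error and the success branch), and because a JSONP response is loadable cross-origin from a `<script>` tag, a page the client's browser happens to visit can request `/rest/hello?consumer=…&callback=…` with the browser's cached Basic credentials and read the freshly issued token. Restrict the callback to a plain JavaScript identifier before using it, e.g. `if (params.containsKey('callback') && params.callback ==~ /^[A-Za-z_$][\w$]*$/)` in both branches, and set `response.contentType = 'application/javascript'` on that path; better still, drop JSONP from this token-issuing action if its callers are non-browser programs as the commit message suggests. `UUID.randomUUID()` is backed by `SecureRandom`, so the token itself is not the weak point, but the `consumer` value goes into `logInRemotely` unchecked and whether that needs validation depends on code outside this hunk. The `RestController` class continues past the end of the hunk.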