您可以檢查是否請求是通過使用ajaxrequest:
springSecurityService.isAjax(請求)
我決定寫我自己的ajaxSubmit的控制器動作,因爲我遇到了一些麻煩重定向問題作爲好。我純粹是爲了證明概念,所以這個例子可能不是那裏最好的。
def ajaxSubmit = {
if(!springSecurityService.isAjax(request)) {
redirect action: "authfail"
return
}
def token = new UsernamePasswordAuthenticationToken(params.j_username, params.j_password)
try {
UserDetails userDetails = userDetailsService.loadUserByUsername(params.j_username)
token.setDetails(userDetails)
} catch (UsernameNotFoundException unfe) {
request.getSession().setAttribute(WebAttributes.AUTHENTICATION_EXCEPTION, unfe)
redirect action: "authfail"
return
}
try {
def authSession = authenticationManager.authenticate(token)
SCH.getContext().setAuthentication(authSession)
redirect action: "ajaxSuccess"
return
} catch (AuthenticationException ae) {
request.getSession().setAttribute(WebAttributes.AUTHENTICATION_EXCEPTION, ae)
redirect action: "authfail"
return
}
}