问题
I use Grails + spring-security + LDAP to authenticate users. The authentication works now but I need the plain text password to authenticate a second service.
I tried the SpringSecurityService properties but none contains the password.
Do I have to implement my own UserDetailsMapper or does the LdapUserDetailsMapper also provide the mapping of the plain text password retrieved from the web form?
回答1:
You can get the credentials from the org.springframework.security.core.context.SecurityContextHolder. However, I really don't think it is a good idea to use this. You will not be able to use the 'remember-me' nor the 'run-as' or 'switch-user' functionality, because thne the credentials would not contain the current user's password (they will probably be null). Also, I don't think you would get the plaintext password if using anything other than basic HTML authentication or form authentication.
Anyhow, SecurityContextHolder.getContext().getAuthentication().getCredentials() will get you the plaintext password if using form authentication.
来源:https://stackoverflow.com/questions/5088319/how-can-i-get-plaintext-password-from-spring-security