个人中心
gpt4 book ai didi

spring - 如何将值添加到 Spring SecurityContextHolder

转载 作者:行者123 更新时间:2023-12-03 12:12:02 24 4
gpt4 key购买 nike

我有登录参数

1.userName

2.password

3.companyId

我使用以下代码获得了用户名和密码 
 Authentication auth = SecurityContextHolder.getContext().getAuthentication();

 String name = auth.getName();

 String pwd = auth.getCredentials();

 String companyId= ???//How can i set and then get company Id here.

我的问题是如何使用 SecurityContextHolder 获得额外的登录参数(companyId)?

提取类可能不是 Spring Controller 。这就是我使用的原因
SecurityContextHolder 而不是 HttpSession。

谢谢,

最佳答案

创建简单的 SpringSecurityFilter 过滤器。使用 setDetails 方法为用户放置额外的详细信息。

package org.example;  
public class CustomDeatilsSecurityFilter extends SpringSecurityFilter {

   protected void doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain chain) {
      SecurityContext sec = SecurityContextHolder.getContent();
      AbstractAuthenticationToken auth = (AbstractAuthenticationToken)sec.getAuthentication();
      HashMap<String, Object> info = new HashMap<String, Object>();
      info.put("companyId", 42);
      auth.setDetails(info);
   }

}

像这样将它添加到 Spring Security Filter Chain(这不是 web.xml,而是类似于 applicationContext-security.xml): 
<bean id="customDeatilsSecurityFilter" class="org.example.CustomDeatilsSecurityFilter">
   <custom-filter position="LAST" />
</bean>

然后在代码中的某处你可以做这样的事情: 
Map<String, Object> info = (Map<String, Object>)SecurityContextHolder.getContext().getAuthentication.getDetails();  
int companyId = info.get("companyId");

Spring Security 的基本安装
在 web.xml 中 
<context-param>
    <param-name>patchConfigLocation</param-name>
    <param-value>
        classpath:/applicationContext.xml
       /WEB-INF/applicationContext-datasource.xml
       /WEB-INF/applicationContext-security.xml
    </param-value>
</context-param>

<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>

<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

在 applicationContext-security.xml 中 
<?xml version="1.0" encoding="UTF-8"?>

<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:p="http://www.springframework.org/schema/p"
    xmlns:sec="http://www.springframework.org/schema/security"
    xmlns:context="http://www.springframework.org/schema/context"
    xmlns:util="http://www.springframework.org/schema/util"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="
        http://www.springframework.org/schema/beans
        http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
        http://www.springframework.org/schema/context
        http://www.springframework.org/schema/context/spring-context-3.2.xsd
        http://www.springframework.org/schema/security
        http://www.springframework.org/schema/security/spring-security-3.1.xsd
        http://www.springframework.org/schema/util
        http://www.springframework.org/schema/util/spring-util-3.2.xsd">  
...
    <bean id="customDeatilsSecurityFilter" class="org.example.CustomDeatilsSecurityFilter">
       <custom-filter position="LAST" />
    </bean>
...

在项目的 pom.xml 中 
    <!-- Spring Security -->
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-web</artifactId>
        <version>3.1.3.RELEASE</version>
    </dependency>
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-config</artifactId>
        <version>3.1.3.RELEASE</version>
    </dependency>
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-core</artifactId>
        <version>3.1.3.RELEASE</version>
    </dependency>
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-acl</artifactId>
        <version>3.1.3.RELEASE</version>
    </dependency>
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-taglibs</artifactId>
        <version>3.1.3.RELEASE</version>
    </dependency>
    <!-- !Spring Security -->

关于spring - 如何将值添加到 Spring SecurityContextHolder,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/20755595/

24 4 0
文章推荐: Django tables2 - 如何在页面加载时对表格列进行排序?
文章推荐: smalltalk - 在Windows环境(win 7)中以Smalltalk开头的最佳方法
文章推荐: haskell - 开始 Haskell - 出现 "not in scope: data constructor"错误
文章推荐: image - 以编程方式从PowerPoint演示文稿(.PPT)中提取幻灯片作为图像。
行者123
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
全站热门文章
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com