浏览 6230 次
|
锁定老帖子 主题:acegi 我该从哪里取到用户的信息
精华帖 (0) :: 良好帖 (0) :: 新手帖 (0) :: 隐藏帖 (0)
|
|
|---|---|
| 作者 | 正文 |
|
发表时间:2006-09-21
最后修改:2009-05-06
项目需要 用acegi做为安全屏障,按acegi 1.0.1 官方自带的sample 拼了一个security-config.xml
但是 我不知道 登录后 当点击连接发送 xxx.do的请求后 我在Controller中如何得到用户的信息.例如ID,我该如何得到? org.acegisecurity.userdetails.User中给的信息太少了 难不成 为了得到一个用户的ID我要由username再检索一遍数据库? 或者像众多兄弟一样除了接口几乎统统重写一遍? 希望是我文档没看够 大家指教~ 另外saltSource我给了username提示找不到 User.username()方法 怪异 配置如下 <bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy"> <property name="filterInvocationDefinitionSource"> <value> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON PATTERN_TYPE_APACHE_ANT /**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor </value> </property> </bean> <!-- --> <bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter" /> <bean id="logoutFilter" class="org.acegisecurity.ui.logout.LogoutFilter"> <!-- URL redirected to after logout --> <constructor-arg value="/index.jsp" /> <constructor-arg> <list> <ref bean="rememberMeServices" /> <ref bean="securityContextLogoutHandler" /> </list> </constructor-arg> </bean> <bean id="securityContextLogoutHandler" class="org.acegisecurity.ui.logout.SecurityContextLogoutHandler" /> <bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter"> <property name="authenticationManager" ref="authenticationManager" /> <property name="authenticationFailureUrl" value="/acegilogin.jsp?login_error=1" /> <property name="defaultTargetUrl" value="/" /> <property name="filterProcessesUrl" value="/j_acegi_security_check" /> <property name="rememberMeServices" ref="rememberMeServices" /> </bean> <bean id="securityContextHolderAwareRequestFilter" class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter" /> <bean id="rememberMeProcessingFilter" class="org.acegisecurity.ui.rememberme.RememberMeProcessingFilter"> <property name="authenticationManager" ref="authenticationManager" /> <property name="rememberMeServices" ref="rememberMeServices" /> </bean> <bean id="anonymousProcessingFilter" class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter"> <property name="key" value="changeThis" /> <property name="userAttribute" value="anonymousUser,ROLE_ANONYMOUS" /> </bean> <bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter"> <property name="authenticationEntryPoint"> <ref bean="authenticationEntryPoint" /> </property> <property name="accessDeniedHandler"> <ref bean="accessDeniedHandler" /> </property> </bean> <bean id="authenticationEntryPoint" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint"> <property name="loginFormUrl" value="/acegilogin.jsp" /> <property name="forceHttps" value="false" /> </bean> <bean id="accessDeniedHandler" class="org.acegisecurity.ui.AccessDeniedHandlerImpl"> <property name="errorPage" value="/accessDenied.jsp" /> </bean> <bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor"> <property name="authenticationManager" ref="authenticationManager" /> <property name="accessDecisionManager"> <ref bean="accessDecisionManager" /> </property> <property name="objectDefinitionSource"> <value> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON PATTERN_TYPE_APACHE_ANT /secure/extreme/**=ROLE_SUPERVISOR /secure/**=IS_AUTHENTICATED_REMEMBERED /**=IS_AUTHENTICATED_ANONYMOUSLY </value> </property> </bean> <bean id="accessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased"> <property name="allowIfAllAbstainDecisions" value="false" /> <property name="decisionVoters"> <list> <ref bean="roleVoter" /> <ref bean="authenticatedVoter" /> </list> </property> </bean> <bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter" /> <bean id="authenticatedVoter" class="org.acegisecurity.vote.AuthenticatedVoter" /> <bean id="rememberMeServices" class="org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices"> <property name="userDetailsService" ref="userDetailsService" /> <property name="key" value="changeThis" /> </bean> <!-- 验证管理 --> <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager"> <property name="providers"> <list> <ref bean="daoAuthenticationProvider" /> <ref bean="anonymousAuthenticationProvider" /> <ref bean="rememberMeAuthenticationProvider" /> </list> </property> </bean> <bean id="anonymousAuthenticationProvider" class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider"> <!-- 未明确 --> <property name="key" value="changeThis" /> </bean> <bean id="rememberMeAuthenticationProvider" class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider"> <!-- 未明确 --> <property name="key" value="changeThis" /> </bean> <!-- dao层验证 暂时由数据库数据校验完成 可对数据库密码字段进行解密 可替换为在数据库层提取数据后 解析密码 然后核对 --> <bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider"> <property name="userDetailsService" ref="userDetailsService" /> <property name="userCache"> <ref bean="userCache" /> </property> <!--property name="saltSource"> <ref bean="saltSource" /> </property> <property name="passwordEncoder"> <ref bean="passwordEncoder" /> </property--> </bean> <bean id="saltSource" class="org.acegisecurity.providers.dao.salt.ReflectionSaltSource"> <property name="userPropertyToUse"> <value>username</value> </property> </bean> <bean id="passwordEncoder" class="org.acegisecurity.providers.encoding.Md5PasswordEncoder" /> <!-- 以下3项为用户信息缓存设置 减少数据库操作 --> <bean id="userCache" class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache"> <property name="cache"> <ref bean="cache" /> </property> </bean> <bean id="cache" class="org.springframework.cache.ehcache.EhCacheFactoryBean"> <property name="cacheManager"> <ref bean="cacheManager" /> </property> <property name="cacheName" value="userCache" /> </bean> <bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"> <property name="configLocation"> <value>/WEB-INF/ehcache.xml</value> </property> </bean> <!-- 可以替换为任何 UserDetailsService 接口的实现类 如 org.acegisecurity.userdetails.memory.InMemoryDaoImpl --> <bean id="userDetailsService" class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl"> <property name="dataSource"> <ref bean="dataSource" /> </property> </bean> <!-- This bean is optional; it isn't used by any other bean as it only listens and logs --> <bean id="loggerListener" class="org.acegisecurity.event.authentication.LoggerListener" /> </beans> 声明:ITeye文章版权属于作者,受法律保护。没有作者书面许可不得转载。
推荐链接
|
| 返回顶楼 | |
|
发表时间:2006-09-21
是否可以考虑自己声明一个UserInfo类,实现org.acegisecurity.userdetails.UserDetails这个接口即可?
|
| 返回顶楼 | |
|
发表时间:2006-09-21
关键是
用户登录后 在什么地方保存了用户的信息 在controller中如何取到用户的信息 |
| 返回顶楼 | |
|
发表时间:2006-09-22
这个还是自己解决了
晕 每次都是一样
Authentication auth = SecurityContextHolder.getContext()
.getAuthentication();
通过auth就可以得到用户的基本信息 |
| 返回顶楼 | |
|
发表时间:2006-11-24
支持一下
|
| 返回顶楼 | |
|
发表时间:2007-09-05
1.你的用户信息Bean实现UserDetails接口。
2.你的角色对象Role实现GrantedAuthority接口。 这样你的SecurityContextHolder.getContext().getAuthentication().getPrincipal()方法返回的UserDetails对象就可以就可以转型为你自定义的用户信息Bean。 |
| 返回顶楼 | |
