acegi 我该从哪里取到用户的信息

snowolf

浏览: 4414571 次
性别:
来自: 北京

最近访客更多访客>>

amwfngt

zheng12tian

cui2424

wangkaiyang

博主相关

博客

微博

相册

留言

关于我

文章分类

社区版块

存档分类

博客分类：

Spring

Acegi Bean Ant Apache XML

项目需要用acegi做为安全屏障，按acegi 1.0.1 官方自带的sample 拼了一个security-config.xml
但是我不知道登录后当点击连接发送 xxx.do的请求后　我在Controller中如何得到用户的信息．例如ID，我该如何得到？
org.acegisecurity.userdetails.User中给的信息太少了
难不成　为了得到一个用户的ID我要由username再检索一遍数据库？
或者像众多兄弟一样除了接口几乎统统重写一遍？
希望是我文档没看够　大家指教～
另外saltSource我给了username提示找不到　User.username()方法　怪异
配置如下

<bean id="filterChainProxy"
		class="org.acegisecurity.util.FilterChainProxy">
		<property name="filterInvocationDefinitionSource">
			<value>
				CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
				PATTERN_TYPE_APACHE_ANT
/**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
			</value>
		</property>
	</bean>
	<!--  -->
	<bean id="httpSessionContextIntegrationFilter"
		class="org.acegisecurity.context.HttpSessionContextIntegrationFilter" />

	<bean id="logoutFilter"
		class="org.acegisecurity.ui.logout.LogoutFilter">
		<!-- URL redirected to after logout -->
		<constructor-arg value="/index.jsp" />
		<constructor-arg>
			<list>
				<ref bean="rememberMeServices" />
				<ref bean="securityContextLogoutHandler" />
			</list>
		</constructor-arg>
	</bean>

	<bean id="securityContextLogoutHandler"
		class="org.acegisecurity.ui.logout.SecurityContextLogoutHandler" />

	<bean id="authenticationProcessingFilter"
		class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
		<property name="authenticationManager"
			ref="authenticationManager" />
		<property name="authenticationFailureUrl"
			value="/acegilogin.jsp?login_error=1" />
		<property name="defaultTargetUrl" value="/" />
		<property name="filterProcessesUrl"
			value="/j_acegi_security_check" />
		<property name="rememberMeServices" ref="rememberMeServices" />
	</bean>

	<bean id="securityContextHolderAwareRequestFilter"
		class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter" />

	<bean id="rememberMeProcessingFilter"
		class="org.acegisecurity.ui.rememberme.RememberMeProcessingFilter">
		<property name="authenticationManager"
			ref="authenticationManager" />
		<property name="rememberMeServices" ref="rememberMeServices" />
	</bean>

	<bean id="anonymousProcessingFilter"
		class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter">
		<property name="key" value="changeThis" />
		<property name="userAttribute"
			value="anonymousUser,ROLE_ANONYMOUS" />
	</bean>

	<bean id="exceptionTranslationFilter"
		class="org.acegisecurity.ui.ExceptionTranslationFilter">
		<property name="authenticationEntryPoint">
			<ref bean="authenticationEntryPoint" />
		</property>
		<property name="accessDeniedHandler">
			<ref bean="accessDeniedHandler" />
		</property>
	</bean>

	<bean id="authenticationEntryPoint"
		class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
		<property name="loginFormUrl" value="/acegilogin.jsp" />
		<property name="forceHttps" value="false" />
	</bean>

	<bean id="accessDeniedHandler"
		class="org.acegisecurity.ui.AccessDeniedHandlerImpl">
		<property name="errorPage" value="/accessDenied.jsp" />
	</bean>

	<bean id="filterInvocationInterceptor"
		class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
		<property name="authenticationManager"
			ref="authenticationManager" />
		<property name="accessDecisionManager">
			<ref bean="accessDecisionManager" />
		</property>
		<property name="objectDefinitionSource">
			<value>
				CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
				PATTERN_TYPE_APACHE_ANT
				/secure/extreme/**=ROLE_SUPERVISOR
				/secure/**=IS_AUTHENTICATED_REMEMBERED
				/**=IS_AUTHENTICATED_ANONYMOUSLY
			</value>
		</property>
	</bean>

	<bean id="accessDecisionManager"
		class="org.acegisecurity.vote.AffirmativeBased">
		<property name="allowIfAllAbstainDecisions" value="false" />
		<property name="decisionVoters">
			<list>
				<ref bean="roleVoter" />
				<ref bean="authenticatedVoter" />
			</list>
		</property>
	</bean>

	<bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter" />
	<bean id="authenticatedVoter"
		class="org.acegisecurity.vote.AuthenticatedVoter" />

	<bean id="rememberMeServices"
		class="org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices">
		<property name="userDetailsService" ref="userDetailsService" />
		<property name="key" value="changeThis" />
	</bean>

	<!-- 
		验证管理
	-->
	<bean id="authenticationManager"
		class="org.acegisecurity.providers.ProviderManager">
		<property name="providers">
			<list>
				<ref bean="daoAuthenticationProvider" />
				<ref bean="anonymousAuthenticationProvider" />
				<ref bean="rememberMeAuthenticationProvider" />
			</list>
		</property>
	</bean>

	<bean id="anonymousAuthenticationProvider"
		class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider">
		<!-- 未明确 -->
		<property name="key" value="changeThis" />
	</bean>
	<bean id="rememberMeAuthenticationProvider"
		class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider">
		<!-- 未明确 -->
		<property name="key" value="changeThis" />
	</bean>

	<!-- 
		dao层验证 暂时由数据库数据校验完成
		可对数据库密码字段进行解密
		可替换为在数据库层提取数据后 解析密码 然后核对
	-->
	<bean id="daoAuthenticationProvider"
		class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
		<property name="userDetailsService" ref="userDetailsService" />
		<property name="userCache">
			<ref bean="userCache" />
		</property>
		<!--property name="saltSource">
			<ref bean="saltSource" />
			</property>
			<property name="passwordEncoder">
			<ref bean="passwordEncoder" />
			</property-->
	</bean>

	<bean id="saltSource"
		class="org.acegisecurity.providers.dao.salt.ReflectionSaltSource">
		<property name="userPropertyToUse">
			<value>username</value>
		</property>
	</bean>

	<bean id="passwordEncoder"
		class="org.acegisecurity.providers.encoding.Md5PasswordEncoder" />

	<!-- 
		以下3项为用户信息缓存设置
		减少数据库操作
	-->
	<bean id="userCache"
		class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache">
		<property name="cache">
			<ref bean="cache" />
		</property>
	</bean>

	<bean id="cache"
		class="org.springframework.cache.ehcache.EhCacheFactoryBean">
		<property name="cacheManager">
			<ref bean="cacheManager" />
		</property>
		<property name="cacheName" value="userCache" />
	</bean>

	<bean id="cacheManager"
		class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean">
		<property name="configLocation">
			<value>/WEB-INF/ehcache.xml</value>
		</property>
	</bean>

	<!-- 
		可以替换为任何 UserDetailsService 接口的实现类 
		如 org.acegisecurity.userdetails.memory.InMemoryDaoImpl
	-->

	<bean id="userDetailsService"
		class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
		<property name="dataSource">
			<ref bean="dataSource" />
		</property>
	</bean>

	<!-- This bean is optional; it isn't used by any other bean as it only listens and logs -->
	<bean id="loggerListener"
		class="org.acegisecurity.event.authentication.LoggerListener" />
</beans>

分享到：

Java 与 C 底层数据类型转换

2006-09-21 17:32
浏览 5859
评论(5)
论坛回复 / 浏览 (5 / 6247)
查看更多

5 楼 lendo.du 2007-09-05

1.你的用户信息Bean实现UserDetails接口。
2.你的角色对象Role实现GrantedAuthority接口。

这样你的SecurityContextHolder.getContext().getAuthentication().getPrincipal()方法返回的UserDetails对象就可以就可以转型为你自定义的用户信息Bean。

4 楼 hendryxu 2006-11-24

支持一下

3 楼 snowolf 2006-09-22

这个还是自己解决了
晕每次都是一样

Authentication auth = SecurityContextHolder.getContext()
                                                   .getAuthentication();

通过auth就可以得到用户的基本信息

2 楼 snowolf 2006-09-21

关键是　
用户登录后　在什么地方保存了用户的信息
在ｃｏｎｔｒｏｌｌｅｒ中如何取到用户的信息

1 楼 IvanLi 2006-09-21

是否可以考虑自己声明一个UserInfo类，实现org.acegisecurity.userdetails.UserDetails这个接口即可？

发表评论

您还没有登录,请您登录后再发表评论

最近访客更多访客>>

博主相关

文章分类

社区版块

存档分类

最新评论