Spring Security 3和Web应用程序会话

时间:2013-06-07 16:07:34

标签: spring-mvc spring-security

我想在会话中加入一些 values 或 object。如何添加这些额外信息?

<!-- Custom mapper bean; it is wired into ldapAuthProvider below as its userDetailsContextMapper. -->
<bean id="tdrUserDetailsContextMapper" class="org.krams.tutorial.security.UserDetailsContextMapperImpl"/>   
    <!-- Authentication provider for Active Directory; the two constructor arguments are the AD domain and the server URL. -->
    <bean id="ldapAuthProvider"  class="org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider">
        <constructor-arg value="in.holcim.net" />
        <!-- <beans:constructor-arg value="ldap://10.235.0.164:389" /> -->
        <!-- NOTE(review): the URL uses the plain ldap:// scheme on port 389, so the bind (which carries the
             user's password) is not protected by TLS at this layer. Prefer an ldaps:// URL if the directory
             server offers it, and confirm how transport protection is provided otherwise. -->
        <constructor-arg value="ldap://10.234.12.33:389" />
        <!-- <property name="authoritiesMapper" ref="grantedAuthoritiesMapper" /> --> 
        <!-- Delegates construction of the UserDetails object to the custom mapper declared above. -->
        <property name="userDetailsContextMapper" ref="tdrUserDetailsContextMapper"/>       
        <!-- NOTE(review): with this set to true the submitted password is presumably kept as the credentials of the
             resulting Authentication; confirm credentials are erased after login and never written to logs. -->
        <property name="useAuthenticationRequestCredentials" value="true" />
        <!-- NOTE(review): presumably maps AD sub-error codes (expired, locked, disabled, ...) to distinct exceptions;
             make sure the login page does not reveal that account state to unauthenticated callers. -->
        <property name="convertSubErrorCodesToExceptions" value="true" /> 
    </bean>




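  /**
   * Builds the application's {@link UserDetails} for a user that the LDAP provider has authenticated.
   *
   * <p>The single granted role is selected from the login name only. Neither {@code ctx} nor
   * {@code authority} is read, so group memberships held in the directory have no effect on the result.
   *
   * <p>NOTE(review): authorization is driven by hard-coded login names, and every name that is not
   * listed receives {@code ROLE_ADMIN2}. If that role grants anything sensitive, the fallback should
   * be the least-privileged role instead; confirm the intent. Deriving roles from {@code authority}
   * (the directory groups) avoids maintaining names in code.
   *
   * @param ctx directory entry of the authenticated user (not used)
   * @param username login name supplied at authentication
   * @param authority authorities passed in by the provider (not used)
   * @return a {@code User} with an empty password, all four account flags set to {@code true},
   *     and exactly one authority
   */
  public UserDetails mapUserFromContext(DirContextOperations ctx, String username, Collection<? extends GrantedAuthority> authority) {

        // Both comparisons put the literal first so a null username cannot raise a
        // NullPointerException here (the second branch originally called username.equals(...)).
        // NOTE(review): equals() is case-sensitive; if the directory accepts the same login in a
        // different letter case, that user falls through to the default role. Confirm and normalise.
        final String role;
        if ("kamahire".equals(username)) {
            role = "ROLE_USER";
        } else if ("saslanka".equals(username)) {
            role = "ROLE_KAMLESHA";
        } else {
            // Default for every other authenticated user; see the NOTE(review) in the method doc.
            role = "ROLE_ADMIN2";
        }

        List<GrantedAuthority> mappedAuthorities = new ArrayList<GrantedAuthority>();
        mappedAuthorities.add(new GrantedAuthority() {
            private static final long serialVersionUID = 4356967414267942910L;

            @Override
            public String getAuthority() {
                return role;
            }
        });

        System.out.println("User name is :" + username + " ROLE" + mappedAuthorities.get(0).getAuthority() );
        // The password is deliberately left empty: the directory bind has already verified it.
        return new User(username, "", true, true, true, true, mappedAuthorities);
  }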

    /**
     * Does nothing: no attribute of the given user is written to the directory context.
     *
     * @param arg0 the user details that would be mapped (ignored)
     * @param arg1 the directory context adapter that would receive them (left untouched)
     */
    @Override
    public void mapUserToContext(UserDetails arg0, DirContextAdapter arg1) {
        // Empty body: this mapper only reads users, it never writes them back.
    }


}

我想在上面的类中为 session 或 principal 对象设置额外的参数,该如何添加?

请帮忙。

1 个答案:

答案 0 :(得分:0)

您可以创建 User 类的子类来保存额外信息,之后可以通过以下调用访问该对象:
SecurityContextHolder.getContext().getAuthentication().getPrincipal()

或者您可以使用身份验证事件侦听器来进一步准备用户会话。

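/**
 * Listener that stores an extra attribute in the HTTP session whenever an authentication succeeds.
 *
 * <p>NOTE(review): the listener only runs if it is registered as a bean in the application context;
 * that registration is not shown here.
 *
 * <p>NOTE(review): the success event is presumably published before the web filter applies its
 * session-fixation handling. If that handling is configured to start a new session without
 * migrating attributes, verify that the value set here is still present after login.
 */
public class MySessionPreparator implements ApplicationListener<AuthenticationSuccessEvent> {

    /**
     * Writes the session attribute {@code "foo"} with value {@code "bar"} for the current request.
     *
     * <p>When no request is bound to the calling thread (for example an authentication that is not
     * triggered by an HTTP request) the method returns without doing anything, instead of letting
     * {@code currentRequestAttributes()} throw {@code IllegalStateException} out of the listener.
     *
     * @param event the successful-authentication event (its content is not read)
     */
    @Override
    public void onApplicationEvent(AuthenticationSuccessEvent event) {
        // getRequestAttributes() returns null rather than throwing when the thread has no request.
        RequestAttributes attributes = RequestContextHolder.getRequestAttributes();
        if (attributes == null) {
            return;
        }
        // Store only non-sensitive, server-derived values here; never the user's password.
        attributes.setAttribute("foo", "bar", RequestAttributes.SCOPE_SESSION);
    }

}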