如何将Spring Session与Spring Security集成?
问题是Spring Session没有将session属性“SPRING_SECURITY_CONTEXT”设置为当前的SecurityContext。我有错误:
org.springframework.security.authentication.InsufficientAuthenticationException: Full authentication is required to access this resource
此过滤器修复它:
public static class SessionSecurityContextIntegarionFilter extends GenericFilterBean {
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest servletRequest = (HttpServletRequest) request;
HttpSession session = servletRequest.getSession(false);
if (null != session && session.getAttribute("SPRING_SECURITY_CONTEXT") != null) {
SecurityContextHolder.setContext((SecurityContext) session.getAttribute("SPRING_SECURITY_CONTEXT"));
}
chain.doFilter(request, response);
}
}
如何将Spring Session与Spring Security集成?