您好我正在尝试在登录成功时获取用户名。为了管理登录,我使用config java类,如下所示:
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Resource
private UserDetailsService userService;
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/home",
"/error",
"/member/register",
"/css/**",
"/js/**",
"/fonts/**",
"**.html",
"/static/**",
"/public/**").permitAll()
.antMatchers("/admin/**").hasRole("ADMIN")
.anyRequest()
.authenticated();
http
.formLogin()
.loginPage("/login")
.permitAll().and()
.logout()
.permitAll();
}
@Autowired
@Override
protected void configure(AuthenticationManagerBuilder authManagerBuilder) throws Exception {
authManagerBuilder.userDetailsService(userService);
}
}
我有一个简单的用户界面登录。我相信我通过实现UserDetails (documentation)接口获得登录用户名。我必须定义如何getUsername(),但目前我必须提供一个用户,而不是它给我当前用户登录。这是我实现它的方式:
public class UserDetailsImpl implements UserDetails {
/**
*
*/
private static final long serialVersionUID = 1L;
private Member member;
public UserDetailsImpl(Member member) {
this.member = member;
}
public UserDetailsImpl() {
// TODO Auto-generated constructor stub
}
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
Collection<GrantedAuthority> authorities = new HashSet<GrantedAuthority>(1);
// authorities.add(new SimpleGrantedAuthority(member.getRole()));
return authorities;
}
@Override
public String getPassword() {
return member.getPassword();
}
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return true;
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@Override
public boolean isEnabled() {
return true;
}
@Override
public String getUsername() {
// TODO Auto-generated method stub
return member.getUsername();
}
}
不带参数的构造函数应该是当前登录的用户。但我不知道该怎么做。
感谢。
答案 0 :(得分:0)
Authentication authentication = SecurityContextHolder.getContext().getAuthentication()
然后您可以从authentication获取详细信息对象,并从详细信息对象获取登录用户名,也许您需要投射自己的类,更多关于SecurityContextHolder,Authentication的信息。 here
答案 1 :(得分:0)
要在控制器中获取当前经过身份验证的用户,可以在方法签名中添加Pricipal作为参数。
@RequestMapping(value="/home")
public String home(Principal principal) {
/*
Spring will inject the prinical for you.
Then you can call getName() to get the username;
*/
String user = principal.getName();
// do stuff with user
return "home";
}
有几种方法可以做到这一点,这只是一种方法。这里有很好的写作方式和好处。
答案 2 :(得分:-2)
SecurityContext securityContext = SecurityContextHolder.getContext();
Object obj = securityContext.getAuthentication().getPrincipal();
if (obj instanceof User) {
User springSecurityUser = (User) obj;
String userConnectedName = springSecurityUser.getUsername();
Collection<GrantedAuthority> listRole = securityContext.getAuthentication().getAuthorities();
}