我希望在单击注销按钮后获取用户角色。 如果角色是 admin ,我必须在/ logout中返回/login.jsp 如果角色是用户,我必须在/ logout中返回/index.jsp
提前致谢
my controller.java:
@RequestMapping(value="/logout",method=RequestMethod.GET)
public String logout(HttpServletRequest request,ModelMap model)
{
model.addAttribute("userForms",userService.getActiveUserList());
model.addAttribute("Success",true);
return "/login";
}
UserService.java
public List<UserForm> getActiveUserList()
{
List<UserForm> userForms = new ArrayList<UserForm>();
List<User> users = new ArrayList<User>();
users = userDAO.getActiveList();
for (User user : users) {
String crmDomainLink=crmProperties.getProperty("CRMAppDomain");
UserForm userForm = new UserForm(
user.getUserId(),user.getName(), user.getCode(),
CRMConstants.convertUSAFormatWithTime(user.getCreatedDateTime()),
user.getIsEnabled(), null);
userForms.add(userForm);
}
return userForms;
}
MyDAO.java
public List<User> getActiveList() {
return this.sessionFactory.getCurrentSession().createCriteria(User.class).add(Restrictions.and(Restrictions.eq("isEnabled", 1),Restrictions.ne("userId", 1))).list();
}
答案 0 :(得分:0)
您应该实现自定义LogoutSuccessHandler。类似的东西:
@Component
public class CustomLogoutSuccessHandler implements LogoutSuccessHandler {
public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
if (AuthorityUtils.authorityListToSet(authentication.getAuthorities()).contains("ROLE_ADMIN")) {
response.sendRedirect("/login.jsp");
} else {
response.sendRedirect("/index.jsp");
}
}
}
将其添加到安全配置中,如果是XML:
<logout success-handler-ref="customLogoutSuccessHandler" />
答案 1 :(得分:-1)
您可以通过以下
获取控制器中的Authentication
对象
@RequestMapping(value="/logout", method = RequestMethod.GET)
public String logout(ModelMap model, Authentication authentication) {
}
然后,您可以通过调用以下方法来获取登录用户的角色
authentication.getAuthorities();