在Spring安全性中,是否可以在方法内获取用户可能已与其令牌关联的角色和属性?
@PreAuthorize("hasAuthority(T(ROLES.Admin)")
@Timed
public ResponseEntity<base> save(@RequestBody body) throws URISyntaxException {
// here i want to get all the data associated whit this user ie. jwt token
// roles etc .. as i need to pass this on
}
我已经看到你可以获得校长
答案 0 :(得分:0)
是的,您可以通过Principal获得它。
User user = (User)SecurityContextHolder.getContext().getAuthentication().getPrincipal();
user.getAuthorities();