我在OpenLiberty 18.0.0.2上使用JavaEE8。
我想了解请求是否已通过身份验证。
此代码不起作用:
@WebFilter(urlPatterns = {"/panel/*"})
public class IndexFilter implements Filter {
@Inject
private SecurityContext securityContext ;
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
System.out.println(((HttpServletRequest) request).getUserPrincipal()); //not work : receive null
System.out.println(securityContext.getCallerPrincipal().getName()); // not work : receive UNAUTHENTICATED
// ? How can find user principal ?
chain.doFilter(request,response);
}
}
这是我的登录方法:
public void login() throws IOException {
Credential credential = new UsernamePasswordCredential(username, password);
AuthenticationStatus status = securityContext.authenticate(
getHttpServletRequest(),
getHttpServletResponse(),
withParams()
.credential(credential)
.rememberMe(true)
);
if (status.equals(SUCCESS)) {
facesContext.getExternalContext().redirect("/panel/index.xhtml");
}
}
如何在过滤器上检测用户主体?