JavaEE 8 jsr375在过滤器上检测用户主体

时间:2018-09-25 16:23:01

标签: java-ee realm open-liberty java-ee-8

我在OpenLiberty 18.0.0.2上使用JavaEE8。
我想了解请求是否已通过身份验证。
此代码不起作用:

@WebFilter(urlPatterns = {"/panel/*"})
public class IndexFilter implements Filter {

    @Inject
    private SecurityContext securityContext ;

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {

        System.out.println(((HttpServletRequest) request).getUserPrincipal()); //not work : receive null
        System.out.println(securityContext.getCallerPrincipal().getName()); // not work : receive UNAUTHENTICATED

        // ? How can find user principal ?

        chain.doFilter(request,response);
    }
}

这是我的登录方法:

public void login() throws IOException {
        Credential credential = new UsernamePasswordCredential(username, password);
        AuthenticationStatus status = securityContext.authenticate(
                getHttpServletRequest(),
                getHttpServletResponse(),
                withParams()
                        .credential(credential)
                        .rememberMe(true)
        );
        if (status.equals(SUCCESS)) {
            facesContext.getExternalContext().redirect("/panel/index.xhtml");
        }
    }

如何在过滤器上检测用户主体?

0 个答案:

没有答案