Spring Security-用户如何通过身份验证和匿名

时间:2018-10-24 14:05:40

标签: spring spring-security

我试图了解为什么“来宾”用户同时以身份验证和匿名身份出现:

以下是一些代码:

   Authentication auth = SecurityContextHolder.getContext().getAuthentication();
         log.info("isAuthenticated "+auth.isAuthenticated());
         if (auth!=null && auth.isAuthenticated()){
           String email = auth.getName(); //get logged in username
           log.info("Loading user info for session: "+email);

当用户匿名时,我没想到isAuthenticated是正确的。

2018-10-24 10:02:40.192  INFO 50027 --- [nio-8080-exec-1] ketocentral.session.SessionInfo          : isAuthenticated true
2018-10-24 10:02:40.193  INFO 50027 --- [nio-8080-exec-1] ketocentral.session.SessionInfo          : Loading user info for session: anonymousUser
2018-10-24 10:02:40.197 DEBUG 50027 --- [nio-8080-exec-1] o.s.d.m.r.query.MongoQueryCreator        : Created query Query: { "email" : "anonymousUser" }, Fields: { }, Sort: { }

0 个答案:

没有答案