我试图了解为什么“来宾”用户同时以身份验证和匿名身份出现:
以下是一些代码:
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
log.info("isAuthenticated "+auth.isAuthenticated());
if (auth!=null && auth.isAuthenticated()){
String email = auth.getName(); //get logged in username
log.info("Loading user info for session: "+email);
当用户匿名时,我没想到isAuthenticated是正确的。
2018-10-24 10:02:40.192 INFO 50027 --- [nio-8080-exec-1] ketocentral.session.SessionInfo : isAuthenticated true
2018-10-24 10:02:40.193 INFO 50027 --- [nio-8080-exec-1] ketocentral.session.SessionInfo : Loading user info for session: anonymousUser
2018-10-24 10:02:40.197 DEBUG 50027 --- [nio-8080-exec-1] o.s.d.m.r.query.MongoQueryCreator : Created query Query: { "email" : "anonymousUser" }, Fields: { }, Sort: { }