I have a scenario where I am trying to connect my Frontend system (SAP UI5) to an OData Source for fetching the results.
However, there is a middleware layer in Java - Spring boot, which captures all the requests from the UI and forwards it to the OData services. The reason is, the OData services are not pubicly available. They are behind a firewall whereas the Spring Boot application is publicly available. So, I am using a reverse proxy to make the connection between Spring Boot and OData services, which works.
But the problem here is the OData services (API) require user authentication to access data. This user authentication is already done once on the UI layer.
There is App2Appp SSO enabled from UI -> SPring Boot application. So I can make use of Spring security to access the Principal object. I want to know, besides knowing the username of the logged in user, how do I get the password ?
答案 0 :(得分:1)
当您拥有受Spring Security保护的应用程序时,无论是Spring Boot还是普通的Spring,您都有一个对象可以访问特定身份验证的安全性。
您可以调用并获取Principal(Java安全性的对象):
if (only baseURL) {
iFrame: Load http://beta.mydomain.com/cms/index.cfm/new-home
}
spring中的这个主体是一个UserDetails对象,我们可以在其中配置Spring中的所有用户信息。
然后获取用户名和密码,并将其传递给您的OData服务:
Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();