这个Spring Security示例向您展示了如何检查用户是否从“记住我” cookie登录。
private boolean isRememberMeAuthenticated() {
Authentication authentication =
SecurityContextHolder.getContext().getAuthentication();
if (authentication == null) {
return false;
}
return RememberMeAuthenticationToken.class.isAssignableFrom(authentication.getClass());
}
@RequestMapping(value = "/admin/update**", method = RequestMethod.GET)
public ModelAndView updatePage() {
ModelAndView model = new ModelAndView();
if (isRememberMeAuthenticated()) {
model.setViewName("/login");
} else {
model.setViewName("update");
}
return model;
}
在Spring Security标记中,您可以这样编码:
<%@taglib prefix="sec" uri="http://www.springframework.org/security/tags"%>
<%@page session="true"%>
<html>
<body>
<sec:authorize access="isRememberMe()">
<h2># This user is login by "Remember Me Cookies".</h2>
</sec:authorize>
<sec:authorize access="isFullyAuthenticated()">
<h2># This user is login by username / password.</h2>
</sec:authorize>
</body>
</html>
注意
isRememberMe()–如果当前主体是“记住我”用户,则返回true
isFullyAuthenticated()–如果用户不是匿名用户或记住我的用户,则返回true
参考文献
标签: Spring安全
翻译自: https://mkyong.com/spring-security/spring-security-check-if-user-is-from-remember-me-cookie/