重写SpringSecurityUtils类

最新推荐文章于 2022-03-22 22:26:37 发布

dingbuoyi

最新推荐文章于 2022-03-22 22:26:37 发布

阅读量2.7k

点赞数

分类专栏： springside 文章标签： authentication null string object security class

本文链接：https://blog.csdn.net/dingbuoyi/article/details/6021786

版权

springside 专栏收录该内容

6 篇文章 0 订阅

订阅专栏

package com.snda.swp.account.service;

import java.util.Collection;

import javax.servlet.http.HttpServletRequest;

import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.authentication.WebAuthenticationDetails;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;

import com.snda.swp.account.po.UserInfo;

/**
* SpringSecurity的工具类.
*
* 注意. 本类只支持SpringSecurity 3.0.x.
*
* @author calvin
*/
public class SpringSecurityUtils {
/**
* 取得当前用户, 返回值为UserInfo类或其子类, 如果当前用户未登录则返回null.
*/
@SuppressWarnings("unchecked")
public static <T extends UserInfo> T getCurrentUser() {
Authentication authentication = getAuthentication();

  if (authentication == null) {
   return null;
  }

  Object principal = authentication.getPrincipal();
  if (!(principal instanceof UserInfo)) {
   return null;
  }

return (T) principal;
}

/**
* 取得当前用户的登录名, 如果当前用户未登录则返回空字符串.
*/
public static String getCurrentUserName() {
Authentication authentication = getAuthentication();

  if (authentication == null || authentication.getPrincipal() == null) {
   return "";
  }

return authentication.getName();
}

/**
* 取得当前用户的真实姓名, 如果当前用户未登录则返回空字符串.
*/
public static String getCurrentName() {
return getCurrentUser().getName();
}

/**
* 取得当前用户登录IP, 如果当前用户未登录则返回空字符串.
*/
public static String getCurrentUserIp() {
Authentication authentication = getAuthentication();

  if (authentication == null) {
   return "";
  }

  Object details = authentication.getDetails();
  if (!(details instanceof WebAuthenticationDetails)) {
   return "";
  }

WebAuthenticationDetails webDetails = (WebAuthenticationDetails) details;
return webDetails.getRemoteAddress();
}

/**
* 判断用户是否拥有角色, 如果用户拥有参数中的任意一个角色则返回true.
*/
public static boolean hasAnyRole(String... roles) {
Authentication authentication = getAuthentication();

  if (authentication == null) {
   return false;
  }

Collection<GrantedAuthority> grantedAuthorityList = authentication
 .getAuthorities();
 for (String role : roles) {
 for (GrantedAuthority authority : grantedAuthorityList) {
 if (role.equals(authority.getAuthority())) {
 return true;
 }
 }
 }

return false;
}

/**
* 将UserDetails保存到Security Context.
*
* @param userDetails
*            已初始化好的用户信息.
* @param request
*            用于获取用户IP地址信息,可为Null.
*/
public static void saveUserDetailsToContext(UserDetails userDetails,
   HttpServletRequest request) {
  PreAuthenticatedAuthenticationToken authentication = new PreAuthenticatedAuthenticationToken(
    userDetails, userDetails.getPassword(), userDetails
      .getAuthorities());

  if (request != null) {
   authentication.setDetails(new WebAuthenticationDetails(request));
  }

SecurityContextHolder.getContext().setAuthentication(authentication);
}

/**
* 取得Authentication, 如当前SecurityContext为空时返回null.
*/
private static Authentication getAuthentication() {
SecurityContext context = SecurityContextHolder.getContext();

  if (context == null) {
   return null;
  }

return context.getAuthentication();
}
}

dingbuoyi

关注

0
点赞
踩
1

收藏

觉得还不错? 一键收藏
0
评论
重写SpringSecurityUtils类

 package com.snda.swp.account.service; import java.util.Collection; import javax.servlet.http.HttpServletRequest; import org.springframework.security.core.Authentication; import org.springframework.security.core.GrantedAuthority;<b
复制链接

扫一扫