Spring Security控制授权

最新推荐文章于 2023-04-22 00:56:05 发布

qq_36472439

最新推荐文章于 2023-04-22 00:56:05 发布

阅读量258

点赞数

分类专栏： SpringSecurity

本文链接：https://blog.csdn.net/qq_36472439/article/details/84873992

版权

本文详细探讨了Spring Security的授权控制，重点解析了AnonymousAuthenticationFilter的工作原理，包括其源码分析和授权流程。同时，文章介绍了基于角色的访问控制（RBAC）模型，通过三张实体表和两张关系表来实现权限管理，并给出了具体的SQL实例。

摘要由CSDN通过智能技术生成

Spring Security控制授权

AnonymousAuthenticationFilter:

源码：

 public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
        if (SecurityContextHolder.getContext().getAuthentication() == null) {
            SecurityContextHolder.getContext().setAuthentication(this.createAuthentication((HttpServletRequest)req));
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("Populated SecurityContextHolder with anonymous token: '" + SecurityContextHolder.getContext().getAuthentication() + "'");
            }
        } else if (this.logger.isDebugEnabled()) {
            this.logger.debug("SecurityContextHolder not populated with anonymous token, as it already contained: '" + SecurityContextHolder.getContext().getAuthentication() + "'");
        }

        chain.doFilter(req, res);
    }

    protected Authentication createAuthentication(HttpServletRequest request) {
        AnonymousAuthenticationToken auth = new AnonymousAuthenticationToken(this.key, this.principal, this.authorities);
        auth.setDetails(this.authentica

最低0.47元/天解锁文章

qq_36472439

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
Spring Security控制授权

Spring Security控制授权AnonymousAuthenticationFilter: 源码： public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { if (S...
复制链接

扫一扫

专栏目录