acegi 我该从哪里取到用户的信息

最新推荐文章于 2019-11-05 09:43:33 发布

snowolf_37

最新推荐文章于 2019-11-05 09:43:33 发布

阅读量96

点赞数

分类专栏： Spring 文章标签： Acegi Bean Ant Apache XML

Spring 专栏收录该内容

19 篇文章 0 订阅

订阅专栏

项目需要用acegi做为安全屏障，按acegi 1.0.1 官方自带的sample 拼了一个security-config.xml
但是我不知道登录后当点击连接发送 xxx.do的请求后　我在Controller中如何得到用户的信息．例如ID，我该如何得到？
org.acegisecurity.userdetails.User中给的信息太少了
难不成　为了得到一个用户的ID我要由username再检索一遍数据库？
或者像众多兄弟一样除了接口几乎统统重写一遍？
希望是我文档没看够　大家指教～
另外saltSource我给了username提示找不到　User.username()方法　怪异
配置如下


<bean id="filterChainProxy"
		class="org.acegisecurity.util.FilterChainProxy">
		<property name="filterInvocationDefinitionSource">
			<value>
				CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
				PATTERN_TYPE_APACHE_ANT
/**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
			</value>
		</property>
	</bean>
	<!--  -->
	<bean id="httpSessionContextIntegrationFilter"
		class="org.acegisecurity.context.HttpSessionContextIntegrationFilter" />

	<bean id="logoutFilter"
		class="org.acegisecurity.ui.logout.LogoutFilter">
		<!-- URL redirected to after logout -->
		<constructor-arg value="/index.jsp" />
		<constructor-arg>
			<list>
				<ref bean="rememberMeServices" />
				<ref bean="securityContextLogoutHandler" />
			</list>
		</constructor-arg>
	</bean>

	<bean id="securityContextLogoutHandler"
		class="org.acegisecurity.ui.logout.SecurityContextLogoutHandler" />

	<bean id="authenticationProcessingFilter"
		class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
		<property name="authenticationManager"
			ref="authenticationManager" />
		<property name="authenticationFailureUrl"
			value="/acegilogin.jsp?login_error=1" />
		<property name="defaultTargetUrl" value="/" />
		<property name="filterProcessesUrl"
			value="/j_acegi_security_check" />
		<property name="rememberMeServices" ref="rememberMeServices" />
	</bean>

	<bean id="securityContextHolderAwareRequestFilter"
		class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter" />

	<bean id="rememberMeProcessingFilter"
		class="org.acegisecurity.ui.rememberme.RememberMeProcessingFilter">
		<property name="authenticationManager"
			ref="authenticationManager" />
		<property name="rememberMeServices" ref="rememberMeServices" />
	</bean>

	<bean id="anonymousProcessingFilter"
		class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter">
		<property name="key" value="changeThis" />
		<property name="userAttribute"
			value="anonymousUser,ROLE_ANONYMOUS" />
	</bean>

	<bean id="exceptionTranslationFilter"
		class="org.acegisecurity.ui.ExceptionTranslationFilter">
		<property name="authenticationEntryPoint">
			<ref bean="authenticationEntryPoint" />
		</property>
		<property name="accessDeniedHandler">
			<ref bean="accessDeniedHandler" />
		</property>
	</bean>

	<bean id="authenticationEntryPoint"
		class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
		<property name="loginFormUrl" value="/acegilogin.jsp" />
		<property name="forceHttps" value="false" />
	</bean>

	<bean id="accessDeniedHandler"
		class="org.acegisecurity.ui.AccessDeniedHandlerImpl">
		<property name="errorPage" value="/accessDenied.jsp" />
	</bean>

	<bean id="filterInvocationInterceptor"
		class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
		<property name="authenticationManager"
			ref="authenticationManager" />
		<property name="accessDecisionManager">
			<ref bean="accessDecisionManager" />
		</property>
		<property name="objectDefinitionSource">
			<value>
				CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
				PATTERN_TYPE_APACHE_ANT
				/secure/extreme/**=ROLE_SUPERVISOR
				/secure/**=IS_AUTHENTICATED_REMEMBERED
				/**=IS_AUTHENTICATED_ANONYMOUSLY
			</value>
		</property>
	</bean>

	<bean id="accessDecisionManager"
		class="org.acegisecurity.vote.AffirmativeBased">
		<property name="allowIfAllAbstainDecisions" value="false" />
		<property name="decisionVoters">
			<list>
				<ref bean="roleVoter" />
				<ref bean="authenticatedVoter" />
			</list>
		</property>
	</bean>

	<bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter" />
	<bean id="authenticatedVoter"
		class="org.acegisecurity.vote.AuthenticatedVoter" />

	<bean id="rememberMeServices"
		class="org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices">
		<property name="userDetailsService" ref="userDetailsService" />
		<property name="key" value="changeThis" />
	</bean>

	<!-- 
		验证管理
	-->
	<bean id="authenticationManager"
		class="org.acegisecurity.providers.ProviderManager">
		<property name="providers">
			<list>
				<ref bean="daoAuthenticationProvider" />
				<ref bean="anonymousAuthenticationProvider" />
				<ref bean="rememberMeAuthenticationProvider" />
			</list>
		</property>
	</bean>

	<bean id="anonymousAuthenticationProvider"
		class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider">
		<!-- 未明确 -->
		<property name="key" value="changeThis" />
	</bean>
	<bean id="rememberMeAuthenticationProvider"
		class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider">
		<!-- 未明确 -->
		<property name="key" value="changeThis" />
	</bean>

	<!-- 
		dao层验证 暂时由数据库数据校验完成
		可对数据库密码字段进行解密
		可替换为在数据库层提取数据后 解析密码 然后核对
	-->
	<bean id="daoAuthenticationProvider"
		class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
		<property name="userDetailsService" ref="userDetailsService" />
		<property name="userCache">
			<ref bean="userCache" />
		</property>
		<!--property name="saltSource">
			<ref bean="saltSource" />
			</property>
			<property name="passwordEncoder">
			<ref bean="passwordEncoder" />
			</property-->
	</bean>

	<bean id="saltSource"
		class="org.acegisecurity.providers.dao.salt.ReflectionSaltSource">
		<property name="userPropertyToUse">
			<value>username</value>
		</property>
	</bean>

	<bean id="passwordEncoder"
		class="org.acegisecurity.providers.encoding.Md5PasswordEncoder" />

	<!-- 
		以下3项为用户信息缓存设置
		减少数据库操作
	-->
	<bean id="userCache"
		class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache">
		<property name="cache">
			<ref bean="cache" />
		</property>
	</bean>

	<bean id="cache"
		class="org.springframework.cache.ehcache.EhCacheFactoryBean">
		<property name="cacheManager">
			<ref bean="cacheManager" />
		</property>
		<property name="cacheName" value="userCache" />
	</bean>

	<bean id="cacheManager"
		class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean">
		<property name="configLocation">
			<value>/WEB-INF/ehcache.xml</value>
		</property>
	</bean>

	<!-- 
		可以替换为任何 UserDetailsService 接口的实现类 
		如 org.acegisecurity.userdetails.memory.InMemoryDaoImpl
	-->

	<bean id="userDetailsService"
		class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
		<property name="dataSource">
			<ref bean="dataSource" />
		</property>
	</bean>

	<!-- This bean is optional; it isn't used by any other bean as it only listens and logs -->
	<bean id="loggerListener"
		class="org.acegisecurity.event.authentication.LoggerListener" />
</beans>

snowolf_37

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
acegi 我该从哪里取到用户的信息

项目需要用acegi做为安全屏障，按acegi 1.0.1 官方自带的sample 拼了一个security-config.xml但是我不知道登录后当点击连接发送 xxx.do的请求后　我在Controller中如何得到用户的信息．例如ID，我该如何得到？org.acegisecurity.userdetails.User中给的信息太少了难不成　为了得到一个用户的ID我要由us...
复制链接

扫一扫

专栏目录