spring security 验证用户登录以及获取当前登录的用户信息_securitycontextholder now cleared, as request proc-CSDN博客

本文链接：https://blog.csdn.net/u013911102/article/details/108513062

项目场景：

原本打算只写APP搭建，从零到有的spring security oauth2.0的相关内容，突然心血来潮想分享一下一波源码，既然上一篇分享了spring security的校验逻辑，哪么干脆再分享一下spring security是如何获取当前用户是否登录以及获取当前用户的用户信息。

技术详解：

首先再UsernamePasswordAuthenticationFilter认证成功之后，有如下这一段代码。

protected void successfulAuthentication(HttpServletRequest request,
			HttpServletResponse response, FilterChain chain, Authentication authResult)
			throws IOException, ServletException {

		if (logger.isDebugEnabled()) {
			logger.debug("Authentication success. Updating SecurityContextHolder to contain: "
					+ authResult);
		}
        // 这行代码至关重要.
		SecurityContextHolder.getContext().setAuthentication(authResult);

		rememberMeServices.loginSuccess(request, response, authResult);

		// Fire event
		if (this.eventPublisher != null) {
			eventPublisher.publishEvent(new InteractiveAuthenticationSuc