java 获取加密表单,如何在Spring获取之前捕获Spring Security登录表单？

使用上面的答案作为指导，这是我创建的一个后处理器的工作示例，它允许您指定要向验证器提供的登录表单变量，以及一个示例自定义验证器，用于检查登录表单中的terms_of_service复选框值 .

在Spring配置中：

AuthFormDetailsPostProcessor.java：

public class AuthFormDetailsPostProcessor implements BeanPostProcessor {

private String [] formVarNames;

public void setFormVarNames (String formVarNames) {

this.formVarNames = formVarNames.split (",");

}

public static class Details extends WebAuthenticationDetails {

private Map map;

public Details (HttpServletRequest request, String [] parameters) {

super (request);

this.map = new HashMap();

for (String parameter : parameters) {

this.map.put (parameter.trim(), request.getParameter (parameter.trim()));

}

}

public String get (String name) {

return map.get(name);

}

}

public Object postProcessAfterInitialization(Object bean, String name) {

if (bean instanceof UsernamePasswordAuthenticationFilter) {

((UsernamePasswordAuthenticationFilter)bean).setAuthenticationDetailsSource(

new AuthenticationDetailsSource() {

public Object buildDetails(Object context) {

if (formVarNames == null) {

throw new RuntimeException ("AuthFormDetailsPostProcessor bean requires a formVarNames property, specifying a comma-delimited list of form vars to provide in the details object.");

}

return new Details ((HttpServletRequest) context, formVarNames);

}

});

}

return bean;

}

public Object postProcessBeforeInitialization(Object bean, String name) {

return bean;

}

}

这是使用它的自定义Authenticator：

public class AuthServiceAuthenticator implements AuthenticationProvider {

@Override

public Authentication authenticate (Authentication authentication) throws AuthenticationException {

String email = (String) authentication.getPrincipal();

String password = (String) authentication.getCredentials();

AuthFormDetailsPostProcessor.Details details = (AuthFormDetailsPostProcessor.Details) authentication.getDetails();

// see if they checked the terms_of_service checkbox

String termsOfServiceVar = details.get ("terms_of_service_accepted");

boolean termsOfServiceAccepted = (termsOfServiceVar != null && termsOfServiceVar.equals ("on"));

// ... do your custom authentication ...

return authentication; // or a new authentication object

}

@Override

public boolean supports(Class extends Object> authentication) {

return (UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication));

}

}