0

我搜索了一些示例,但找不到任何示例。我必须在 loginController.login() 方法中做什么。如何将用户名和密码文本传递给 spring-security?

Spring-security.xml

<beans:beans xmlns="http://www.springframework.org/schema/security"
         xmlns:beans="http://www.springframework.org/schema/beans" 
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">

<http auto-config="true" use-expressions="true">
    <intercept-url pattern="/pages/login.xhtml*" access="permitAll"/>
    <intercept-url pattern="/**" access="hasRole('admin')" />
    <form-login login-page='/pages/login.xhtml' default-target-url="/pages/index.xhtml"
                authentication-failure-url="/pages/login.xhtml"/>
    <logout logout-success-url="/pages/logout.xhtml" />

</http>
<!--Authentication Manager Details -->    
<authentication-manager alias="authenticationManager">
    <authentication-provider user-service-ref="customUserDetailsService">
        <password-encoder hash="md5"/>
    </authentication-provider>
</authentication-manager>

我的观点 login.xhtml

<?xml version='1.0' encoding='UTF-8' ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
  xmlns:h="http://java.sun.com/jsf/html"
  xmlns:p="http://primefaces.org/ui">
<h:head>
    <title>User Login</title>        
</h:head>
<h:body>
    <h:form id="loginFormId">
        <p:outputPanel id="loginOutputPanelId">
            <p:panelGrid id="loginInformationPanel" columns="2">
                <h:outputText value="Username: "/>
                <p:inputText value="#{loginController.userName}"/>
                <h:outputText value="Password: "/>
                <p:inputText value="#{loginController.password}"/>
            </p:panelGrid>
            <p:commandButton value="Login" actionListener="#{loginController.login()}"/>
        </p:outputPanel>
    </h:form>
</h:body>

4

2 回答 2

1

我个人使用这种方式来设置 Spring-Security 上下文值:

import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;

//....

//In your login method:
List<Authority> auths = new ArrayList<Authority>();
auths.add(new Authority("ROLE_USER")); //Role here, like "admin"
Authentication authentication =  new UsernamePasswordAuthenticationToken(token, null, auths);
SecurityContextHolder.getContext().setAuthentication(authentication);

Authority课程如下:

import org.springframework.security.core.GrantedAuthority;


public class Authority implements GrantedAuthority{
  private static final long serialVersionUID = 9170140593525051237L;

  private String authority;

  public Authority(String authority) {
    super();
    this.authority = authority;
  }

  @Override
  public String getAuthority() {
    return authority;
  }
  @Override
  public String toString() {
    return "Authority [authority=" + authority + "]";
  }

}

我希望这有帮助

于 2013-06-10T09:06:41.207 回答
0

您可以通过 Pricipal 对象获取用户详细信息,如下所示。

login(Principal principal){

if (principal instanceof UsernamePasswordAuthenticationToken) {
        UsernamePasswordAuthenticationToken userDetails =     (UsernamePasswordAuthenticationToken) principal;
userDetails.getName();

}
于 2013-06-10T09:28:33.030 回答