Spring Security将URL参数传递给身份验证提供程序 [英] Spring Security pass URL parameters to Authentication Provider

问题描述

Spring Security 3中是否可以将URL参数传递给身份验证提供程序?

Is there a way to pass URL parameters to an authentication provider in Spring Security 3?

我们的登录页面将需要接收电子邮件令牌，作为身份验证系统设置用户状态时需要注意的参数.具体来说，它将使具有正确令牌登录的用户登录，否则将无法登录.

Our login page will need to receive an email token as a parameter that the authentication system will need to be aware of when it sets the status of the user. Specifically, it will let a user with a correct token log in that would not otherwise be able to.

我有一个自定义类，扩展了DaoAuthenticationProvider类.我的身份验证逻辑在该类的authenticate方法中.

I have a custom class extending the DaoAuthenticationProvider class. My authentication logic is in that class's authenticate method.

我希望有一些方法可以将此数据传递到authenticate方法中.

I'm hoping there is some way to pass this data into the authenticate method.

推荐答案

您可以在身份验证提供程序类上注入HttpServletRequest对象:

You could inject the HttpServletRequest object on your authentication provider class:

private @Autowired HttpServletRequest request;

现在，您应该能够使用request.getParameterValues(paramName)

Now, you should be able to access the request parameters with APIs such as request.getParameterValues(paramName)

这篇关于Spring Security将URL参数传递给身份验证提供程序的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！