有条件地应用注释的方法吗? [英] Is there a way to conditionally apply annotations?
问题描述
在我的java-play应用程序中,我的控制器内部具有注释@RequiresAuthentication(clientName = "CasClient").
In my java-play application I have the annotation @RequiresAuthentication(clientName = "CasClient") inside my controller.
我只想在生产环境中对用户进行身份验证.
I only want to authenticate users in my production environment.
如何有条件地应用注释?
How can I apply annotations conditionally?
如果我进行身份验证的方式有误,那么仅在Java Play应用程序中仅在生产环境下进行CAS身份验证的常规方法是什么?
If the way I'm approaching authentication is wrong, what is the conventional way of doing CAS authentication only on production in a java play application?
推荐答案
您可以实现身份验证器来对用户进行身份验证.您可以在身份验证器实现中编写身份验证逻辑.
You could implement authenticators to authenticate users. you could you write your authentication logic in your authenticator implementation.
播放已经带有内置的 authenticator 操作,我们将对其进行扩展以添加逻辑.我们称此身份验证器为"安全".
Play already comes with a built in authenticator action, which we will extend to add our logic. We will call this authenticator Secured.
import play.*;
import play.mvc.*;
import play.mvc.Http.*;
import models.*;
public class Secured extends Security.Authenticator {
@Override
public String getUsername(Context ctx) {
return ctx.session().get("email");
}
@Override
public Result onUnauthorized(Context ctx) {
return redirect(routes.Application.login());
}
}
我们在这里实现了两种方法. getUsername 用于获取当前登录用户的用户名.在我们的例子中,这是电子邮件地址,我们在用户登录时在会话中的电子邮件属性中设置了该地址.如果此方法返回一个值,那么验证者将认为用户已登录,并让请求继续进行.但是,如果该方法返回 null ,则验证器将阻止请求,而是调用 onUnathorized ,我们已将其实现为重定向到登录屏幕. 您可以实现自己的业务逻辑以供用户验证用户.
We have implemented two methods here. getUsername is used to get the username of the current logged in user. In our case this is the email address, that we set in the email attribute in the session when the user logged in. If this method returns a value, then the authenticator considers the user to be logged in, and lets the request proceed. If however the method returns null, then the authenticator will block the request, and instead invoke onUnathorized, which we have implemented to redirect to our login screen. You could implement your own business logic for user verify user.
现在让我们使用此身份验证器.在Application.java中,将带有我们的身份验证器的 @ Security.Authenticated 批注添加到 index 方法:
Now let’s use this authenticator. In Application.java, add the @Security.Authenticated annotation with our authenticator to the index method:
import play.mvc.Controller;
import play.mvc.Result;
public class Application extends Controller {
@Security.Authenticated(Secured.class)
public static Result index() {
return ok(index.render(
Project.findInvolving(request().username()),
Task.findTodoInvolving(request().username()),
User.find.byId(request().username())
));
}
}
这篇关于有条件地应用注释的方法吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
