如何在Spring Security登录页面中传递附加参数 [英] How to pass an additional parameter with spring security login page
问题描述
我正在尝试从Spring安全性登录页面将数据库名称设置为请求输入参数.目前,我只获得使用Spring Security SecurityContextHolder.getContext().getAuthentication()
检索到的用户名.
I am trying to set the database name as the request input parameter from the spring security login page. At present I am only getting username that's been retrieved using spring security SecurityContextHolder.getContext().getAuthentication()
.
如何访问在登录页面上设置的其他字段?
How to access the additional field that's been set on the login page?
推荐答案
详细介绍@Vacuum的评论
Elaborating on @Vacuum's comment
这是一种简单的方法(未经测试,但我相信这会起作用)
Here's a simple way (untested, but I believe this would work)
1)创建一个新类ExUsernamePasswordAuthenticationFilter
,它将扩展默认过滤器并获取其他参数并将其存储在会话中.看起来像这样:
1) Create a new class ExUsernamePasswordAuthenticationFilter
that will extend the default filter and grab the additional parameter and store it in the session. It will look something like this:
public class ExUsernamePasswordAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
@Override
public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
final String dbValue = request.getParameter("dbParam");
request.getSession().setAttribute("dbValue", dbValue);
return super.attemptAuthentication(request, response);
}
}
2)在您的UserDetailsService
实现中,修改以下内容的实现:
2) In your UserDetailsService
implementation, modify your implementation of:
UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException;
获取第1)步中的过滤器提供的会话变量.
to grab the session variable that the filter from step 1) makes available.
3)在您的<http />
安全设置中,用您的自定义过滤器覆盖默认过滤器
3) in your <http />
security set-up, override the default filter with your custom one
<custom-filter ref="beanForYourCustomFilterFromStep1" position="FORM_LOGIN_FILTER"/>
Refer to this part of the documentation for more info about custom filters: http://static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity-single.html#ns-custom-filters
这篇关于如何在Spring Security登录页面中传递附加参数的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!