Spring Security自定义登录页面 [英] Spring security custom login page

问题描述

有人可以帮助我获得如何在自定义登录jsp文件中添加更多字段的方法吗?默认值为"j_username"和"j_password".如果我想添加更多字段，并想在扩展AbstractUserDetailsAuthenticationProvider的CustomAuthenticationProvider类中获取该怎么办?如果有任何资源或链接在那里，请告诉我.

Can anybody please help me to get how can i add more field in custom login jsp file ? The default is "j_username" and "j_password". What if i want to add more field i.e and want to get it in my CustomAuthenticationProvider class which extends AbstractUserDetailsAuthenticationProvider. If there is any resource or link out there please let me know.

推荐答案

引用官方常见问题解答:

1.1.我需要登录的信息不仅仅是用户名.如何添加对额外登录字段(例如公司名称)的支持?

这个问题在Spring Security论坛中反复出现，因此您可以通过搜索档案(或通过google)在那里找到更多信息.

1.1. I need to login in with more information than just the username. How do I add support for extra login fields (e.g. a company name)?

This question comes up repeatedly in the Spring Security forum so you will find more information there by searching the archives (or through google).

提交的登录信息由UsernamePasswordAuthenticationFilter的实例处理.您将需要自定义此类以处理额外的数据字段.一种选择是使用您自己的自定义身份验证令牌类(而不是标准的UsernamePasswordAuthenticationToken)，另一种选择是简单地将多余的字段与用户名连接(例如，使用":"作为分隔符)并传递它们在UsernamePasswordAuthenticationToken的用户名属性中.

The submitted login information is processed by an instance of UsernamePasswordAuthenticationFilter. You will need to customize this class to handle the extra data field(s). One option is to use your own customized authentication token class (rather than the standard UsernamePasswordAuthenticationToken), another is simply to concatenate the extra fields with the username (for example, using a ":" as the separator) and pass them in the username property of UsernamePasswordAuthenticationToken.

您还需要自定义实际的身份验证过程.例如，如果使用的是自定义身份验证令牌类，则必须编写AuthenticationProvider进行处理(或扩展标准的DaoAuthenticationProvider).如果您已串联这些字段，则可以实现自己的UserDetailsService，将其拆分并加载适当的用户数据以进行认证.

You will also need to customize the actual authentication process. If you are using a custom authentication token class, for example, you will have to write an AuthenticationProvider to handle it (or extend the standard DaoAuthenticationProvider). If you have concatenated the fields, you can implement your own UserDetailsService which splits them up and loads the appropriate user data for authentication.

这篇关于Spring Security自定义登录页面的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！