如何使用spring security登录页面传递附加参数 [英] How to pass an additional parameter with spring security login page
问题描述
我正在尝试将数据库名称设置为 spring 安全登录页面的请求输入参数.目前我只获取使用 spring security SecurityContextHolder.getContext().getAuthentication()
检索到的用户名.
I am trying to set the database name as the request input parameter from the spring security login page. At present I am only getting username that's been retrieved using spring security SecurityContextHolder.getContext().getAuthentication()
.
如何访问登录页面上设置的附加字段?
How to access the additional field that's been set on the login page?
推荐答案
详细说明@Vacuum 的评论
Elaborating on @Vacuum's comment
这是一个简单的方法(未经测试,但我相信这会奏效)
Here's a simple way (untested, but I believe this would work)
- 创建一个新类
ExUsernamePasswordAuthenticationFilter
,它将扩展默认过滤器并获取附加参数并将其存储在会话中.它看起来像这样:
- Create a new class
ExUsernamePasswordAuthenticationFilter
that will extend the default filter and grab the additional parameter and store it in the session. It will look something like this:
public class ExUsernamePasswordAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
@Override
public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
final String dbValue = request.getParameter("dbParam");
request.getSession().setAttribute("dbValue", dbValue);
return super.attemptAuthentication(request, response);
}
}
- 在您的
UserDetailsService
实现中,修改您的实现:
- In your
UserDetailsService
implementation, modify your implementation of:
UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException;
获取步骤 1) 中过滤器提供的会话变量.
to grab the session variable that the filter from step 1) makes available.
- 在您的
<http/>
安全设置中,使用您的自定义过滤器覆盖默认过滤器
- in your
<http />
security set-up, override the default filter with your custom one
<custom-filter ref="beanForYourCustomFilterFromStep1" position="FORM_LOGIN_FILTER"/>
有关自定义过滤器的更多信息,请参阅文档的这一部分:http://static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity-single.html#ns-custom-filters
Refer to this part of the documentation for more info about custom filters: http://static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity-single.html#ns-custom-filters
这篇关于如何使用spring security登录页面传递附加参数的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!