向存储在 spring 安全上下文中的主体对象添加其他详细信息 [英] Adding additional details to principal object stored in spring security context
问题描述
我正在使用 Spring 3.0 和 Spring Security 3.我能够使用 Spring Security 针对数据库对用户进行身份验证.使用:
I am using Spring 3.0 and Spring Security 3. I am able to authenticate a user against a database using Spring Security. Using:
SecurityContextHolder.getContext().getAuthentication().getPrincipal()
我能够检索当前登录用户的用户名.我希望添加其他详细信息,例如用户 ID 和模块对存储在 Spring Security 上下文中的主体对象的访问权限,以便我以后可以检索它.如何向主体对象添加其他详细信息,然后如何在 jsp 或 java 类上检索它.如果可能,请提供适当的代码片段.
I am able to retrieve username of the current logged in user. I wish to add additional details like user id and the module accesses to the principal object stored in Spring Security context so that I can retrieve it later. How can I add additional details to the principal object and then how can I retrieve it later on a jsp or java class. Please provide an appropriate code snippet if possible.
我正在使用 JDBC 访问我的数据库.
I am using JDBC to access my database.
提前致谢.
推荐答案
为了向经过身份验证的用户添加更多详细信息.您需要首先创建您自己的 User 对象实现,它应该扩展 spring security User 对象.之后,您可以向经过身份验证的用户添加要添加的属性.完成此操作后,您需要在 UserDetailService 中返回用户对象的实现(如果您未使用 LDAP 进行身份验证).此链接提供了向经过身份验证的用户添加更多详细信息的详细信息--
In order to add more details to the authenticated user. You need to first create your own implementation of the User object which should extend the spring security User object. After that you can add the properties you want to add to the authenticated user. Once this is done you need to return your implementation of the user object in UserDetailService (If you are not using LDAP for authentication). This link provides the details for adding more details to the authenticated user--
http://javahotpot.blogspot.com/2013/12/spring-security-adding-more-information.html
这篇关于向存储在 spring 安全上下文中的主体对象添加其他详细信息的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
