猿问

使用spring security成功登录后如何将对象添加到视图中?

成功登录后,我尝试重定向到需要实例化对象的页面,如我的 HomeController 中所述:


@RequestMapping(value={"/","/home"}, method=RequestMethod.GET)

public ModelAndView home() {

    ModelAndView view = new ModelAndView("home");

    view.addObject("client", new Client());

    return view;

}

问题是我不知道如何使用 spring security 来执行此操作,因为我能做的唯一设置是在成功登录后设置页面:


.formLogin()

    .loginPage("/login")

    .defaultSuccessUrl("/home")

    .permitAll()

使用 spring security 成功登录后如何将此对象添加到视图中?


料青山看我应如是
浏览 82回答 1
1回答

回首忆惘然

假设您有这样的 WebSecurity 配置。你只需要添加一个successHandler@Configuration@EnableWebSecuritypublic class SecSecurityConfig extends WebSecurityConfigurerAdapter {    @Autowired    private SimpleAuthenticationSuccessHandler successHandler;    @Bean("authenticationManager")    @Override    public AuthenticationManager authenticationManagerBean() throws Exception {            return super.authenticationManagerBean();    }    @Autowired    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {        // @formatter:off        auth.inMemoryAuthentication()            .withUser("user1").password("{noop}user1Pass").roles("USER")            .and()            .withUser("admin1").password("{noop}admin1Pass").roles("ADMIN");        // @formatter:on    }    @Override    protected void configure(final HttpSecurity http) throws Exception {        http.authorizeRequests()            .antMatchers("/anonymous*").anonymous()            .antMatchers("/login*").permitAll()            .anyRequest().authenticated()            .and()            .formLogin()            .loginPage("/login.html")            .loginProcessingUrl("/login")            .successHandler(successHandler)            // ...            }}SimpleAuthenticationSuccessHandler 类// Change onAuthenticationSuccess logic as per your requirement@Componentpublic class SimpleAuthenticationSuccessHandler implements AuthenticationSuccessHandler {    private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();    @Override    public void onAuthenticationSuccess(HttpServletRequest arg0, HttpServletResponse arg1, Authentication authentication)            throws IOException, ServletException {        redirectStrategy.sendRedirect(arg0, arg1, "/home");        /*        Collectionextends GrantedAuthority> authorities = authentication.getAuthorities();        authorities.forEach(authority -> {            if(authority.getAuthority().equals("ROLE_USER")) {                try {                    redirectStrategy.sendRedirect(arg0, arg1, "/user");                } catch (Exception e) {                    // TODO Auto-generated catch block                    e.printStackTrace();                }            } else if(authority.getAuthority().equals("ROLE_ADMIN")) {                try {                    redirectStrategy.sendRedirect(arg0, arg1, "/admin");                } catch (Exception e) {                    // TODO Auto-generated catch block                    e.printStackTrace();                }            } else {                throw new IllegalStateException();            }        });        */    }}这会将您的调用重定向到"/home",控制器将进一步负责加载您的对象。
随时随地看视频慕课网APP

相关分类

Java
我要回答