使用 spring 3 安全性在 jsp 页面中访问我的自定义用户对象
我已经实现了 UserDetailsService,它返回 MyUser 的实例(它实现了 UserDetails)
public MyUser loadUserByUsername(String arg0)
现在我想访问 上的自定义 getter/字段>MyUser 在我的 JSP 页面中,到目前为止我得到了这个:
${pageContext.request.userPrincipal.name}
但这只允许访问 Principal 对象。如何访问 MyUser 对象?
I have implemented UserDetailsService, it returns an instance of MyUser (which implements UserDetails)
public MyUser loadUserByUsername(String arg0)
Now I want to access my custom getters/fields on MyUser in my JSP pages, so far I got this:
${pageContext.request.userPrincipal.name}
But that only allows access to a Principal object. How can I access MyUser object?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
在 jsp 页面中很简单,我添加了以下内容:
其中主体实际上是 MyUser 的实例,因此“firstname”可以是我的任何自定义 getter 和 setter
its easy in the jsp page I added this :
Where principal is actually an instance of MyUser, so "firstname" can be any of my custom getters and setters
分析HTTPSesson后,登录成功后立即发现有一个名为SPRING_SECURITY_CONTEXT的属性。例如,我的自定义 UserDetails 具有名为 user 的对象,该对象具有属性 firstName。在 JSP 中,可以通过以下方式获取此属性的值:
After analyzing the HTTPSesson, immediately after the successful log in, I found out that there is an attribute named SPRING_SECURITY_CONTEXT. For example, mine custom UserDetails has object named user, which has property firstName. In JSP, value of this property can be reached with the following:
如果您的
MyUser对象实现了Principal并且在成功登录后将其放置在 http 会话中,您可以从会话中获取它并进行转换。您可以实现 AuthenticationSuccessHandler 并在其中注入您的 UserDetailsService 并将其放置在会话中。
然后,您可以将
AuthenticationSuccessHandler注入到处理UsernamePasswordauthenticationFilter中。如果您向我提供有关安全上下文配置的详细信息,我可以为您提供更多详细信息。
If your
MyUserobject implementsPrincipaland you place it in the http session on successful login, you could get it from the session and cast it.You could implement the
AuthenticationSuccessHandlerinject yourUserDetailsServicein there and place it in the session.Then you could inject your
AuthenticationSuccessHandlerinto theUsernamePasswordauthenticationFilterwhich handles the<form-login>element.If you give me details about your security context config I could give you more details.