访问当前用户,在spring控制器中,getAuthentication()返回null
我尝试实施此问题中提供的解决方案。
但是,它们都不适合我。在我的抽象基本控制器中,我有以下方法(我也在具有静态方法的帮助器类中尝试过,但同样的问题):
public User getUser() {
User user =
(User) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
}
getAuthentication() 返回 null,即使在我的 jsps 中,以下内容工作完美:
<sec:authentication property="principal.firstname" />
因为我的自定义用户对象是可访问的。
为什么 getAuthentication 返回 null ?
另外,我尝试将主体作为参数传递给我的特定控制器方法,这也是 null 解析为 null ...
为什么我的主体为 null,但 jsp 仍在工作?
I have attempted to implement the solutions provided in this question.
However, none of them are working for me. In my abstract base controller, I have the following method (I also tried in helper class with static methods, but same problem):
public User getUser() {
User user =
(User) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
}
the getAuthentication() is returning null, even though in my jsps, the following is working perfectly:
<sec:authentication property="principal.firstname" />
In that my custom user object is accesible.
Why does getAuthentication return null ?
Also, I tried passing in the Principal as parameter to my specific controller method, this is null resolves to null too ...
Why is my principal null, but yet the jsp is working ?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
确保控制器 URL 的
filters = "none",它会禁用 Spring Security 过滤器,因此安全上下文不会得到填充。如果您需要让每个人都可以访问控制器,请使用 其他方法。
Make sure you don't have
filters = "none"in<intercept-url>for your controller's URL, it disables Spring Security filters, thus security context doesn't get populated.If you need to make your controller accessible for everyone, use other approaches.