从 Spring Security 中的 Session 获取用户详细信息
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/17827003/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Get User details from Session in Spring Security
提问by Rao Pranav
I am new to Spring MVC and Spring Security. I have performed log-in and registration functionality using Spring security and MVC. I am not able to find any way for session management .
我是 Spring MVC 和 Spring Security 的新手。我已经使用 Spring security 和 MVC 执行了登录和注册功能。我找不到任何会话管理的方法。
I want to access some user details on all the pages like (email, name,id,role etc). I want to save these to session object so I can get these on any of the page.
我想访问所有页面上的一些用户详细信息,例如(电子邮件、姓名、ID、角色等)。我想将这些保存到会话对象,以便我可以在任何页面上获取这些。
I get the following way for session in spring
我在春季的会议中获得以下方式
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
auth.getPrincipal();
But from the object returned by this I can get only username and password details.
但是从这个返回的对象我只能得到用户名和密码的详细信息。
But I need to access more details of that user.
但我需要访问该用户的更多详细信息。
- Is there any way to do this by saving it to session and the get on the jsp page?
- or is there any OOTB way in spring to get this done?
- 有没有办法通过将其保存到会话并在jsp页面上获取来做到这一点?
- 或者春天有没有OOTB的方式来完成这项工作?
Please help me to get solution for this. Thanks in advance.
请帮我解决这个问题。提前致谢。
I want to get my model class object to be returned from SecurityContextHolder.getContext().getAuthentication().getDetails(); For this what I need to configure.
我想从 SecurityContextHolder.getContext().getAuthentication().getDetails(); 返回我的模型类对象。为此,我需要配置。
Regards, Pranav
问候, 普拉纳夫
回答by Nikhil Talreja
You need to make your model class implement the UserDetailsinterface
你需要让你的模型类实现UserDetails接口
class MyUserModel implements UserDetails {
//All fields and setter/getters
//All interface methods implementation
}
Then in your spring controller you can do this:
然后在你的弹簧控制器中你可以这样做:
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
Object myUser = (auth != null) ? auth.getPrincipal() : null;
if (myUser instanceof MyUserModel) {
MyUserModel user = (MyUserModel) myUser;
//get details from model object
}
回答by LaurentG
You can use this to get the UserDetails(or any implementation with your custom details).
您可以使用它来获取UserDetails(或具有自定义详细信息的任何实现)。
UserDetails userDetails = SecurityContextHolder.getContext().getAuthentication().getDetails();
If there are not available, you can load the user details from the UserDetailsService.
如果没有可用,您可以从UserDetailsService.
In both cases, I think you have to save them yourself in a session scope bean.
在这两种情况下,我认为您必须自己将它们保存在会话范围 bean 中。
