java - 如何使用jsf获取Spring Security中当前登录的用户名?

标签 java spring jsf spring-security

我是 Spring Security 的新人。我正在使用 jsf2 和 spring security 3。三个问题:

如何从 session 组件访问当前登录用户的用户信息(名称、密码、角色、上次访问权限)?

为了在 View 中使用它,例如根据用户的角色渲染元素。

如何知道用户是否已登录?为了在用户未登录时在 View 中显示“登录链接”,或者在用户登录时显示“注销链接”。我必须在组件中使用 Spring Security 的哪个属性来存储此信息并在 View 中使用它?

这是我的身份验证组件

@Scope("session")
@Component("Authentification")

public class Authentification {

String username;
public String loggedName() throws IOException,ServletException{
    Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
    if (principal instanceof UserDetails) {
      username = ((UserDetails)principal).getUsername();
    } else {
       username = principal.toString();
    }
    return username;
}

}

这是我的 xhtml 文件中此方法的调用: 一切正常,但当我尝试获取当前记录的用户名时,出现此错误

Infos: Instantiated an instance of org.hibernate.validator.engine.resolver.JPATraversableResolver.
juin 10, 2014 3:36:33 PM com.sun.faces.application.view.FaceletViewHandlingStrategy handleRenderException
Grave: Error Rendering View[/boo/listProjets.xhtml]
javax.el.ELException: /boo/myDatatable.xhtml @286,68 value="#{Authentification.loggedName()}": Method not found: class $Proxy8.loggedName()
    at com.sun.faces.facelets.el.TagValueExpression.getValue(TagValueExpression.java:111)
    at javax.faces.component.ComponentStateHelper.eval(ComponentStateHelper.java:190)
    at javax.faces.component.ComponentStateHelper.eval(ComponentStateHelper.java:178)
    at javax.faces.component.UIOutput.getValue(UIOutput.java:164)
    at org.primefaces.util.ComponentUtils.getValueToRender(ComponentUtils.java:75)
    at org.primefaces.component.outputlabel.OutputLabelRenderer.encodeEnd(OutputLabelRenderer.java:37)
    at javax.faces.component.UIComponentBase.encodeEnd(UIComponentBase.java:879)
    at javax.faces.component.UIComponent.encodeAll(UIComponent.java:1650)
    at javax.faces.component.UIComponent.encodeAll(UIComponent.java:1646)
    at com.sun.faces.application.view.FaceletViewHandlingStrategy.renderView(FaceletViewHandlingStrategy.java:389)
    at com.sun.faces.application.view.MultiViewHandler.renderView(MultiViewHandler.java:127)
    at com.sun.faces.lifecycle.RenderResponsePhase.execute(RenderResponsePhase.java:117)
    at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:97)
    at com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:135)
    at javax.faces.webapp.FacesServlet.service(FacesServlet.java:309)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.springframework.orm.jpa.support.OpenEntityManagerInViewFilter.doFilterInternal(OpenEntityManagerInViewFilter.java:113)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:368)
    at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:109)
    at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
    at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:97)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
    at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:100)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
    at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:78)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
    at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:119)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
    at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
    at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:35)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
    at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:177)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
    at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:187)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
    at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
    at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:57)
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)
    at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:169)
    at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
    at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:501)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)
    at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1040)
    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:607)
    at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:315)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
    at java.lang.Thread.run(Unknown Source)

最佳答案

您可以为每个请求编写自己的拦截器,该拦截器将放入登录用户或匿名或其他任何内容的模型和 View 对象模型中。如果你总是需要在 View 中获取登录用户,那么这是一个好方法,但如果你想立即获取它,一个 Controller /页面 - 最好用具体方法来实现。编写方式是 get SecurityContext 并调用方法 getContext().getAuthentication().getPrincipal() ,它会为您提供登录用户。您的代码不起作用,因为您尝试调用的方法不是静态的,而且它很好,因为这不是从 View 中获取经过身份验证的用户的好方法。

我在地下,所以我无法添加一些代码片段。有。 获取登录用户的方法:

SecurityContextHolder.getContext().getAuthentication().getPrincipal()

实现 UserInterceptor 的完整方法:

@Component
public class UserInterceptor implements HandlerInterceptor {
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object o) throws Exception {
        return true;
    }

    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object o, ModelAndView mav)
            throws Exception {
        if (mav != null) {
            SmartUserDetails user = (SmartUserDetails) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
            SmartUser smartUser = user.getSmartUser();
            mav.addObject("smartUser", smartUser);
        }
    }

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object o, Exception e)
        throws Exception {

    }
}

我将登录用户转换到我的自定义模型。

关于java - 如何使用jsf获取Spring Security中当前登录的用户名?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/24145253/

上一篇:java - 如何使用分类器访问 jar?

下一篇:java - 新线程导致 ContextNotActiveException

相关文章:

java - p :dashboard model dynamically update 出现问题

jsf - jsf 的日期+时间选择器

Java 泛型 - 类型删除后的方法

java - 必填字段 'client_protocol' 未设置

java - 如果实现 AutoCloseable,帮助调用 close()?

java - 如何给 ImageIcon 着色

javascript - 无法手动将 DIV 元素的可见性设置为 true。 "TH:IF"问题

java - Spring Boot安全性在https之后阻止静态资源

java - CrudRepository : Save method deletes entry

java - JSF View id 作为请求 token

©2024 IT工具网  联系我们