我正在使用 Spring 3.1.0.RELEASE 和 Spring Security 3.1。我想将我的 Spring 用户(即当前登录的用户)注入(inject)到 Controller 中。我想这样做而不是使用
SecurityContextHolder.getContext().getAuthentication().getPrincipal();
因为它允许我使用 JUnit 更轻松地测试 Controller 。但是,我当前的设置有问题。我的问题是,将我的用户(每个请求)注入(inject)到我的 Controller 中的正确方法是什么?在我的应用程序上下文文件中,我有...
<bean id="userDetails" class="com.myco.eventmaven.security.SecurityHolder" factory-method="getUserDetails" scope="request">
<aop:scoped-proxy />
</bean>
我将工厂类定义为...
public class SecurityHolder {
@Autowired
private static UserService userService;
public static MyUserDetails getUserDetails() {
final Authentication a = SecurityContextHolder.getContext().getAuthentication();
if (a == null) {
return null;
} else {
final MyUserDetails reg = (MyUserDetails) a.getPrincipal();
final int userId = reg.getId();
final MyUserDetails foundUser = userService.findUserById(userId);
return foundUser;
} // if
} // getUserDetails
}
但是工厂类反复死掉,因为“userService”无法 Autowiring (该值始终为空)。我正在寻找一种更好的方法来完成这一切,并且可以轻松集成到我的 JUnit 测试中。有什么想法吗?
编辑:这是我想要使用的 JUnit 测试...
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration({ "file:src/test/resources/testApplicationContext.xml" })
public class UserEventFeedsControllerTest extends AbstractTransactionalJUnit4SpringContextTests {
private MockHttpServletRequest request;
private MockHttpServletResponse response;
...
@Autowired
private RequestMappingHandlerAdapter handlerAdapter;
@Autowired
private RequestMappingHandlerMapping handlerMapping;
@Before
public void setUp() {
...
request = new MockHttpServletRequest();
response = new MockHttpServletResponse();
}
...
@Test
public void testSubmitUserEventFeedsForm() throws Exception {
request.setRequestURI("/eventfeeds.jsp");
request.setMethod("POST");
final List<EventFeed> allEventFeeds = getAllEventFeeds();
request.setParameter("userEventFeeds", allEventFeeds.get(0).getId().toString());
final Object handler = handlerMapping.getHandler(request).getHandler();
final ModelAndView mav = handlerAdapter.handle(request, response, handler);
assertViewName(mav, "user/eventfeeds");
}
最佳答案
您无法 Autowiring 静态
字段。有一些解决方法,但我不想向您展示......
有很多方法可以更轻松、更优雅地访问当前用户:
将
Principal
注入(inject)您的 Controller (请参阅 When using Spring Security, what is the proper way to obtain current username (i.e. SecurityContext) information in a bean? ):public ModelAndView showResults(final HttpServletRequest request, Principal principal) { final String currentUser = principal.getName(); UserDetails ud = ((Authentication)principal).getPrincipal()
开发您的定制facade通过
SecurityContext
替换
SecurityContextHolder
中的内置contextHolderStrategy
以进行测试
另请参阅
关于spring - 将 Spring 安全用户注入(inject) Controller 时遇到问题,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/9793863/