In my controller I have this, which logs the user in as normal:
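    // Build an already-authenticated token for the user and install it in the current security context
    Authentication auth = new UsernamePasswordAuthenticationToken(user, null, user.getAuthorities());
    SecurityContextHolder.getContext().setAuthentication(auth);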
Where user is my newly created custom user object (implementing UserDetails). The getAuthorities() method does this (just because all my users have the same role):
    public Collection<GrantedAuthority> getAuthorities() {
        // make everyone ROLE_USER
        Collection<GrantedAuthority> grantedAuthorities = new ArrayList<GrantedAuthority>();
        GrantedAuthority grantedAuthority = new GrantedAuthority() {
            // anonymous inner type
            public String getAuthority() {
                return "ROLE_USER";
            }
        };
        grantedAuthorities.add(grantedAuthority);
        return grantedAuthorities;
    }
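A hardened variant of the manual login above, as an added example that is not part of the original answer: it rotates the session id before authenticating (session fixation defence) and saves the context explicitly, which Spring Security 6 requires for the login to outlive the current request. Assumptions: Spring Security 6 with the jakarta.servlet API; the class name ManualLogin and the methods login and everyoneIsUser are hypothetical.

```java
import java.util.List;

import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;

import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
import org.springframework.security.web.context.SecurityContextRepository;

// Hypothetical helper (assumes Spring Security 6); not code from the original answer.
public class ManualLogin {

    private final SecurityContextRepository repository =
            new HttpSessionSecurityContextRepository();

    public void login(UserDetails user, HttpServletRequest request,
                      HttpServletResponse response) {
        // Session fixation defence: a session id issued before login must not
        // remain valid afterwards. changeSessionId() needs an existing session.
        if (request.getSession(false) != null) {
            request.changeSessionId();
        }

        // Same token as in the answer: the three-argument constructor marks it
        // as authenticated, so only call this after the user has been verified.
        Authentication auth = new UsernamePasswordAuthenticationToken(
                user, null, user.getAuthorities());

        // Use a fresh context instead of mutating one that may be shared
        // with other threads handling the same session.
        SecurityContext context = SecurityContextHolder.createEmptyContext();
        context.setAuthentication(auth);
        SecurityContextHolder.setContext(context);

        // Persist explicitly; otherwise the next request is anonymous again.
        repository.saveContext(context, request, response);
    }

    // Same result as the answer's getAuthorities(), using the built-in
    // SimpleGrantedAuthority instead of an anonymous inner class.
    public static List<SimpleGrantedAuthority> everyoneIsUser() {
        return List.of(new SimpleGrantedAuthority("ROLE_USER"));
    }
}
```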


