如果我正确理解了您的问题,则可以提出建议。
首先,您必须实现类,其中将包含用户信息。此类必须继承自
org.springframework.security.core.userdetails.User:
public class CustomUserDetails extends User { public CustomUserDetails(String username, String password, Collection<? extends GrantedAuthority> authorities) { super(username, password, authorities); } //for example lets add some person data private String firstName; private String lastName; //getters and setters}下一步,您将创建自己的接口实现
org.springframework.security.core.userdetails.UserDetailsService:
@Servicepublic class CustomUserDetailService implements UserDetailsService{ @Override public UserDetails loadUserByUsername(String userName) throws UsernameNotFoundException{ if(StringUtils.isEmpty(userName)) throw new UsernameNotFoundException("User name is empty"); //if you don't use authority based security, just add empty set Set<GrantedAuthority> authorities = new HashSet<>(); CustomUserDetails userDetails = new CustomUserDetails(userName, "", authorities); //here you can load user's data from DB or from //any other source and do: //userDetails.setFirstName(firstName); //userDetails.setLastName(lastName); return userDetails; }}如您所见,此类只有一个方法,您可以在其中加载和设置自定义用户详细信息。注意,我用
@Service注释标记了该类。但是您可以在Java-
config或XML上下文中注册它。
现在,要在成功通过身份验证后访问用户数据,可以使用下一种方法,当Spring将自动通过控制器方法传递主体时:
@Controllerpublic class MyController{ @RequestMapping("/mapping") public String myMethod(Principal principal, ModelMap model){ CustomUserDetails userDetails = (CustomUserDetails)principal; model.addAttribute("firstName", userDetails.getFirstName()); model.addAttribute("lastName", userDetails.getLastName()); }}或另一种方式:
@Controllerpublic class MyController{ @RequestMapping("/mapping") public String myMethod(ModelMap model){ Authentication auth = SecurityContextHolder.getContext().getAuthentication(); CustomUserDetails userDetails = (CustomUserDetails)auth.getPrincipal(); model.addAttribute("firstName", userDetails.getFirstName()); model.addAttribute("lastName", userDetails.getLastName()); }}该方法可以在Spring不自动通过主体的其他地方使用。
要在成功通过身份验证后转到特定地址,可以使用
SimpleUrlAuthenticationSuccessHandler。只需在您的配置中创建它:
@Beanpublic SavedRequestAwareAuthenticationSuccessHandler successHandler() { SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler(); successHandler.setTargetUrlParameter("/succeslogin"); return successHandler;}并在您的配置中使用它:
http.formLogin() .loginProcessingUrl("/login") .permitAll() .usernameParameter("email") .passwordParameter("pass") .successHandler(successHandler())之后,您可以创建控制器,它将发送来自特定网址的响应:
@Controller@RequestMapping("/sucesslogin")public class SuccessLoginController{ @RequestMapping(method = RequestMethod.POST) public String index(ModelMap model, Principal principal){ //here you can return view with response }}当然,您不仅可以返回视图,还可以返回JSON响应(使用
@ResponseBody批注)或其他方式,这取决于您的前端。希望这会有所帮助。
