Java 如何将登录表单中的额外参数调用到CustomAuthenticationProvider
我看过其他关于这个的帖子,但仍然没有找到合适的答案 我提交的表单有三个参数,而不是两个 这里是我的CustomAuthenticationProvider:Java 如何将登录表单中的额外参数调用到CustomAuthenticationProvider,java,spring,spring-security,Java,Spring,Spring Security,我看过其他关于这个的帖子,但仍然没有找到合适的答案 我提交的表单有三个参数,而不是两个 这里是我的CustomAuthenticationProvider: @Component public class CustomAuthenticationProvider implements AuthenticationProvider { private static final Logger logger = LoggerFactory.getLogger(CustomAuthenticationP
@Component
public class CustomAuthenticationProvider implements AuthenticationProvider {
private static final Logger logger = LoggerFactory.getLogger(CustomAuthenticationProvider.class);
@Override
public Authentication authenticate(Authentication auth) throws AuthenticationException {
String userName = auth.getName().trim();
String password = auth.getCredentials().toString().trim();
String companyName ;
if (userName.equals("admin") && password.equals("123456")) {
List<GrantedAuthority> grantedAuths = new ArrayList<>();
grantedAuths.add(new SimpleGrantedAuthority("ROLE_ADMIN"));
Authentication upat = new UsernamePasswordAuthenticationToken(userName, password, grantedAuths);
logger.info("{}:{}",userName,grantedAuths);
return upat;
} else {
return null;
}
}
@Override
public boolean supports(Class<?> auth) {
return (UsernamePasswordAuthenticationToken.class.isAssignableFrom(auth));
}
@组件
公共类CustomAuthenticationProvider实现AuthenticationProvider{
私有静态最终记录器Logger=LoggerFactory.getLogger(CustomAuthenticationProvider.class);
@凌驾
公共身份验证(Authentication auth)引发AuthenticationException{
字符串userName=auth.getName().trim();
字符串密码=auth.getCredentials().toString().trim();
字符串公司名称;
if(userName.equals(“admin”)和password.equals(“123456”)){
List grantedAuths=new ArrayList();
grantedAuths.add(新的SimpleGrantedAuthority(“角色管理”);
身份验证upat=新用户名PasswordAuthenticationToken(用户名、密码、授权身份验证);
info(“{}:{}”,用户名,grantedAuths);
返回upat;
}否则{
返回null;
}
}
@凌驾
公共布尔支持(类auth){
返回(UsernamePasswordAuthenticationToken.class.isAssignableFrom(auth));
}
我想从登录表单中获取额外参数,以验证CustomAuthenticationProvider
如何从登录表单中获取参数?经过研究并从另一篇文章中修改了主要内容后,我通过注入
AuthenticationDetailsSource
和WebAuthenticationDetails
找到了解决方案。因此,我将在这里分享解决方案:
首先为自定义筛选器创建新类以获取参数:
class ExtraParam extends WebAuthenticationDetails {
private static final long serialVersionUID = 1L;
private final String company;
public ExtraParam(HttpServletRequest request) {
super(request);
this.company = request.getParameter("company");
}
public String getCompanyName() {
return company;
}
}
然后创建用于注入的源类:
class ExtraParamSource implements AuthenticationDetailsSource<HttpServletRequest, ExtraParam> {
public ExtraParam buildDetails (HttpServletRequest context) {
return new ExtraParam(context);
}
}
别忘了豆子:
<beans:bean id="ExtraParamSource" class="com.xxx.xxx.xxx.ExtraParamSource"/>
参考资料:
1) 请出示您的spring安全配置……感谢您的意图,我已经得到了答案:)
<beans:bean id="ExtraParamSource" class="com.xxx.xxx.xxx.ExtraParamSource"/>
@Component
public class CustomAuthenticationProvider implements AuthenticationProvider{
@Override
public Authentication authenticate(Authentication auth) throws AuthenticationException {
String userName = auth.getName().trim();
String password = auth.getCredentials().toString().trim();
String companyName = ((ExtraParam)auth.getDetails()).getCompanyName();
....