Java 使用spring security进行身份验证后,如何基于角色重定向
我使用spring安全、spring、hibernate和jsf身份验证可以正常工作,但它总是将我重定向到home.jsf页面 我想在身份验证后管理用户的访问 我想在身份验证后管理用户的访问 如果authority=ROLE\u ADMIN.jsf 如果authority=ROLE_RH.jsf 如果authority=ROLE\u EXCUTIVE redirect ves homeex.jsf 如果authority=ROLE\u MANAGER重定向ves homem.jsf 如果authority=ROLE\u GP重定向ves homegp.jsf Collabour表中的autority字段 Colaborateur类是Java 使用spring security进行身份验证后,如何基于角色重定向,java,spring,hibernate,jsf,spring-security,Java,Spring,Hibernate,Jsf,Spring Security,我使用spring安全、spring、hibernate和jsf身份验证可以正常工作,但它总是将我重定向到home.jsf页面 我想在身份验证后管理用户的访问 我想在身份验证后管理用户的访问 如果authority=ROLE\u ADMIN.jsf 如果authority=ROLE_RH.jsf 如果authority=ROLE\u EXCUTIVE redirect ves homeex.jsf 如果authority=ROLE\u MANAGER重定向ves homem.jsf 如果auth
private Integer idColaborateur;
private Rolecol rolecol;
private String matriculeColaborateur;
private String nomColaborateur;
private String prenomColaborateur;
private String mailColaborateur;
private String pwdColaboratuer;
private String loginColaborateur;
private String adresseColaborateur;
private Boolean flgSuspendu;
private Set<HistoriqueNoteObjctif> historiqueNoteObjctifs = new HashSet<HistoriqueNoteObjctif>(
0);
private Set<Note> notes = new HashSet<Note>(0);
private Set<NoteObjectifs> noteObjectifses = new HashSet<NoteObjectifs>(0);
private Set<CompagneDevaluation> compagneDevaluations = new HashSet<CompagneDevaluation>(
0);
private Set<ColaborateurHierarchique> colaborateurHierarchiques = new HashSet<ColaborateurHierarchique>(
0);
private String authority;
//getter and seter
public class User implements UserDetails {
private static final long serialVersionUID = 1L;
private String name;
private String password;
private Colaborateur user;
public void setUser(Colaborateur user) {
this.user = user;
}
public User(String name) {
FacesContext fc=FacesContext.getCurrentInstance();
UserBean userBean=(UserBean) fc.getApplication().createValueBinding("#{UserBean}").getValue(fc);
userBean.chargerUtilisateur(name);
user = userBean.getUtilisateur();
System.err.println("USERS >>> "+user);
PasswordSupport pswdSupport = new PasswordSupport();
if (user!=null){
System.out.println("User.getLogin() :"+user.getLoginColaborateur());
System.out.println("user.getPwd() :"+user.getPwdColaboratuer());
this.name=user.getMatriculeColaborateur();
this.password=user.getPwdColaboratuer();
System.err.println(pswdSupport.getMD5Hash("1"));
}
}
public Collection<GrantedAuthority> getAuthorities() {
List<GrantedAuthority> grantedAuthorities = new ArrayList<GrantedAuthority>();
System.out.println("GrantedAuthorityImpl 1");
System.out.println("GrantedAuthorityImpl 2");
System.out.println("GrantedAuthorityImpl 3");
System.out.println("GrantedAuthorityImpl 4");
grantedAuthorities.add(new GrantedAuthorityImpl("ROLE_VISITEUR"));
return grantedAuthorities;
}
//getter and setter
如何更新类MyAuthSuccessHandler、USer和applicationContext.xml文件
在身份验证后管理用户的访问
如果authority=ROLE\u ADMIN.jsf
如果authority=ROLE_RH.jsf
如果authority=ROLE\u EXCUTIVE redirect ves homeex.jsf
如果authority=ROLE\u MANAGER重定向ves homem.jsf
如果authority=ROLE\u GP重定向ves homegp.jsf
这是UserBean类
@Component("UserBean")
@Scope("session")
public final class UserBean implements Serializable {
/**
*
*/
private static final long serialVersionUID = 1L;
@Autowired
private Colaborateurservice colaborateurservice;
private Colaborateur utilisateur;
public UserBean() {
super();
// TODO Auto-generated constructor stub
}
@PostConstruct
public void initiate() {
try {
} catch (Exception e) {
e.printStackTrace();
}
}
public void testBean() {
System.out.println("testBean");
}
public void chargerParametreGlob() {
try {
System.out.println("chargerParametreGlob ");
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
public void chargerUtilisateur(String login) {
System.out.println(login);
try {
utilisateur = new Colaborateur();
List<Colaborateur> list = colaborateurservice
.findByMatriculeColaborateurlo(login);
System.out.println(list);
if (list.size() > 0) {
this.utilisateur = (Colaborateur) list.get(0);
System.out.println("utilisateur.getLogin() :"
+ utilisateur.getMatriculeColaborateur());
System.out.println("utilisateur.getPwd() :"
+ utilisateur.getLoginColaborateur().length());
}
} catch (Exception e) {
e.printStackTrace();
}
}
public String logout() {
FacesContext context = FacesContext.getCurrentInstance();
HttpSession session = (HttpSession) context.getExternalContext()
.getSession(true);
if (session == null) {
return "logout";
} else {
session.invalidate();
return "logout";
}
}
public void setUtilisateur(Colaborateur utilisateur) {
this.utilisateur = utilisateur;
}
public Colaborateur getUtilisateur() {
return utilisateur;
}
}
@组件(“UserBean”)
@范围(“会议”)
公共最终类UserBean实现了可序列化{
/**
*
*/
私有静态最终长serialVersionUID=1L;
@自动连线
专用ColaborateUrse服务ColaborateUrse服务;
私人合作社利用者;
公共用户bean(){
超级();
//TODO自动生成的构造函数存根
}
@施工后
公共空间启动(){
试一试{
}捕获(例外e){
e、 printStackTrace();
}
}
公共void testBean(){
System.out.println(“testBean”);
}
public void chargerParametreGlob(){
试一试{
System.out.println(“chargerParametreGlob”);
}捕获(例外e){
//TODO自动生成的捕捉块
e、 printStackTrace();
}
}
公共无效费用Rutilisateur(字符串登录){
System.out.println(登录);
试一试{
利用率=new Colaborateur();
List List=colaborateurservice
.findByMatriculeColaborateurlo(登录名);
系统输出打印项次(列表);
如果(list.size()>0){
this.usilizateur=(Colaborateur)list.get(0);
System.out.println(“usilisateur.getLogin():”
+usilizateur.getMatriculeColaborateur());
System.out.println(“usilizateur.getPwd():”
+usilizateur.getLogincolateur().length());
}
}捕获(例外e){
e、 printStackTrace();
}
}
公共字符串注销(){
FacesContext context=FacesContext.getCurrentInstance();
HttpSession会话=(HttpSession)上下文。getExternalContext()
.getSession(true);
if(会话==null){
返回“注销”;
}否则{
session.invalidate();
返回“注销”;
}
}
公共无效设置用户(Colaborateur用户){
this.utisulateur=utisulateur;
}
公共合作伙伴关系{
归还提款人;
}
}
您正在扩展一个AuthenticationSuccessHandler
,调用super.onAuthenticationSuccess()
并不能真正帮助您
请尝试以下操作:
public class CustomAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authResult){
Collection<? extends GrantedAuthority> auths = authResult.getAuthorities();
for (GrantedAuthority authorities : auths)
{
if (authorities.getAuthority().equals("ROLE_ADMIN")){
response.sendRedirect(response.encodeURL("homeadmin.jsf");
}
else if(authorities.getAuthority().equals("ROLE_RH")){
response.sendRedirect(response.encodeURL("homerh.jsf");
. . .
//Repeat pattern until all roles checked
}
公共类CustomAuthenticationSuccessHandler实现AuthenticationSuccessHandler{
@凌驾
AuthenticationSuccess(HttpServletRequest请求、HttpServletResponse响应、Authentication authResult)上的公共void{
Collection感谢您在尝试实现代码时提供的帮助,但有一个例外:类型集合不是泛型的;它不能用参数参数化
@Component
public class MyAuthSuccessHandler extends SimpleUrlAuthenticationSuccessHandler {
// @Autowired
// private UserService userService;
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
Authentication authentication) throws IOException, ServletException {
// // changeLastLoginTime(username)
// userService.changeLastLoginTime(authentication.getName());
setDefaultTargetUrl("/modules/members/secure/home.jsf");
super.onAuthenticationSuccess(request, response, authentication);
}
protected boolean hasRole(String role) {
// get security context from thread local
SecurityContext context = SecurityContextHolder.getContext();
if (context == null)
return false;
Authentication authentication = context.getAuthentication();
if (authentication == null)
return false;
for (GrantedAuthority auth : authentication.getAuthorities()) {
if (role.equals(auth.getAuthority()))
return true;
}
return false;
}
}
@Component("UserBean")
@Scope("session")
public final class UserBean implements Serializable {
/**
*
*/
private static final long serialVersionUID = 1L;
@Autowired
private Colaborateurservice colaborateurservice;
private Colaborateur utilisateur;
public UserBean() {
super();
// TODO Auto-generated constructor stub
}
@PostConstruct
public void initiate() {
try {
} catch (Exception e) {
e.printStackTrace();
}
}
public void testBean() {
System.out.println("testBean");
}
public void chargerParametreGlob() {
try {
System.out.println("chargerParametreGlob ");
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
public void chargerUtilisateur(String login) {
System.out.println(login);
try {
utilisateur = new Colaborateur();
List<Colaborateur> list = colaborateurservice
.findByMatriculeColaborateurlo(login);
System.out.println(list);
if (list.size() > 0) {
this.utilisateur = (Colaborateur) list.get(0);
System.out.println("utilisateur.getLogin() :"
+ utilisateur.getMatriculeColaborateur());
System.out.println("utilisateur.getPwd() :"
+ utilisateur.getLoginColaborateur().length());
}
} catch (Exception e) {
e.printStackTrace();
}
}
public String logout() {
FacesContext context = FacesContext.getCurrentInstance();
HttpSession session = (HttpSession) context.getExternalContext()
.getSession(true);
if (session == null) {
return "logout";
} else {
session.invalidate();
return "logout";
}
}
public void setUtilisateur(Colaborateur utilisateur) {
this.utilisateur = utilisateur;
}
public Colaborateur getUtilisateur() {
return utilisateur;
}
}
public class CustomAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authResult){
Collection<? extends GrantedAuthority> auths = authResult.getAuthorities();
for (GrantedAuthority authorities : auths)
{
if (authorities.getAuthority().equals("ROLE_ADMIN")){
response.sendRedirect(response.encodeURL("homeadmin.jsf");
}
else if(authorities.getAuthority().equals("ROLE_RH")){
response.sendRedirect(response.encodeURL("homerh.jsf");
. . .
//Repeat pattern until all roles checked
}
<http pattern="/modules/members/**"
<!-- Pass in a reference to your customAuthenticationSuccessHandler -->
authentication-success-handler-ref="customAuthenticationSuccessHandler"
access-denied-page="/modules/members/accessDenied.jsf"
authentication-manager-ref="MembersAuthenticationManager">
<intercept-url pattern="/modules/members/secure/**" access="ROLE_VISITEUR" />
<intercept-url pattern="/modules/members/secure/homeadmin.jsf" access="ROLE_ADMIN" />
<intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<form-login login-page="/modules/members/login.jsf"
default-target-url="/modules/members/secure/home.jsf"
login-processing-url="/modules/members/j_spring_security_check"
authentication-failure-url="/modules/members/login.jsf" />
<logout logout-url="/modules/members/secure/logout"
logout-success-url="/modules/members/login.jsf" delete-cookies="true" />
</http>
<beans:bean id="customAuthenticationSuccessHandler"
class="foo.bar.CustomAuthenticationSuccessHandler" />