如何在spring security和java中注销后获得用户角色?
我想在单击注销按钮后获得用户角色。 如果角色是admin我必须在/logout中返回/login.jsp如何在spring security和java中注销后获得用户角色?,java,spring,spring-security,Java,Spring,Spring Security,我想在单击注销按钮后获得用户角色。 如果角色是admin我必须在/logout中返回/login.jsp 如果角色是user我必须在/logout中返回/index.jsp 提前谢谢 my controller.java: @RequestMapping(value="/logout",method=RequestMethod.GET) public String logout(HttpServletRequest request,ModelMap model)
如果角色是user我必须在/logout中返回/index.jsp 提前谢谢 my controller.java:
@RequestMapping(value="/logout",method=RequestMethod.GET)
public String logout(HttpServletRequest request,ModelMap model)
{
model.addAttribute("userForms",userService.getActiveUserList());
model.addAttribute("Success",true);
return "/login";
}
UserService.java
public List<UserForm> getActiveUserList()
{
List<UserForm> userForms = new ArrayList<UserForm>();
List<User> users = new ArrayList<User>();
users = userDAO.getActiveList();
for (User user : users) {
String crmDomainLink=crmProperties.getProperty("CRMAppDomain");
UserForm userForm = new UserForm(
user.getUserId(),user.getName(), user.getCode(),
CRMConstants.convertUSAFormatWithTime(user.getCreatedDateTime()),
user.getIsEnabled(), null);
userForms.add(userForm);
}
return userForms;
}
public List<User> getActiveList() {
return this.sessionFactory.getCurrentSession().createCriteria(User.class).add(Restrictions.and(Restrictions.eq("isEnabled", 1),Restrictions.ne("userId", 1))).list();
}
公共列表getActiveUserList()
{
List userForms=new ArrayList();
列表用户=新建ArrayList();
users=userDAO.getActiveList();
for(用户:用户){
字符串crmDomainLink=crmProperties.getProperty(“crmappodomain”);
UserForm UserForm=新的UserForm(
user.getUserId(),user.getName(),user.getCode(),
CRMConstants.ConvertusFormatWithTime(user.getCreatedDateTime()),
user.getIsEnabled(),null);
添加(userForm);
}
返回用户表单;
}
MyDAO.java
public List<UserForm> getActiveUserList()
{
List<UserForm> userForms = new ArrayList<UserForm>();
List<User> users = new ArrayList<User>();
users = userDAO.getActiveList();
for (User user : users) {
String crmDomainLink=crmProperties.getProperty("CRMAppDomain");
UserForm userForm = new UserForm(
user.getUserId(),user.getName(), user.getCode(),
CRMConstants.convertUSAFormatWithTime(user.getCreatedDateTime()),
user.getIsEnabled(), null);
userForms.add(userForm);
}
return userForms;
}
public List<User> getActiveList() {
return this.sessionFactory.getCurrentSession().createCriteria(User.class).add(Restrictions.and(Restrictions.eq("isEnabled", 1),Restrictions.ne("userId", 1))).list();
}
公共列表getActiveList(){
返回此.sessionFactory.getCurrentSession().createCriteria(User.class).add(Restrictions.and(Restrictions.eq(“isEnabled”,1),Restrictions.ne(“userId”,1))).list();
}
您可以通过以下操作在控制器中获取
身份验证
对象
@RequestMapping(value="/logout", method = RequestMethod.GET)
public String logout(ModelMap model, Authentication authentication) {
}
然后,您可以通过调用以下方法获取登录用户的角色
authentication.getAuthorities();
您应该实现一个自定义的。比如:
@组件
公共类CustomLogoutSuccessHandler实现LogoutSuccessHandler{
public void onLogoutSuccess(HttpServletRequest请求、HttpServletResponse响应、身份验证)引发IOException、ServletException{
if(AuthorityUtils.authorityListToSet(authentication.getAuthories()).contains(“角色\管理员”)){
sendRedirect(“/login.jsp”);
}否则{
response.sendRedirect(“/index.jsp”);
}
}
}
如果XML: