Spring mvc 在SpringSecurity中创建会话范围的bean
我需要创建一个POJO类来存储与用户相关的信息。在SpringSecurity中,MyAuthorities表有一个额外的instituionIds列,它是一个CSV字符串,在各种DAO调用中都需要它。我需要设置这个类的值,在查询数据库时需要这些值Spring mvc 在SpringSecurity中创建会话范围的bean,spring-mvc,spring-security,Spring Mvc,Spring Security,我需要创建一个POJO类来存储与用户相关的信息。在SpringSecurity中,MyAuthorities表有一个额外的instituionIds列,它是一个CSV字符串,在各种DAO调用中都需要它。我需要设置这个类的值,在查询数据库时需要这些值 @Component @Scope("session") public class InstitutionList { private String institutionList = ""; public String getI
@Component
@Scope("session")
public class InstitutionList {
private String institutionList = "";
public String getInstitutionList() {
return institutionList;
}
public void setInstitutionList(String institutionList) {
this.institutionList = institutionList;
}
}
我需要在自定义UserDetailsService实现中使用它
@Transactional
@Service
public class UserDetailsServiceImpl implements UserDetailsService {
private static final Logger logger = LoggerFactory.getLogger(UserDetailsServiceImpl.class);
private @Autowired ACSAdminUsersService acsAdminUsersService;
private @Autowired ACSAdminAuthoritiesService acsAdminAuthoritiesService;
private String[] authority;
public ACSAdminUsers getUserByAdminUsername(String username) {
logger.info("Getting user by username");
ACSAdminUsers user = acsAdminUsersService.getUserByAdminUsername(username);
if(user!=null) acsAdminUsersService.addLogInInfo(username);
return user;
}
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
ACSAdminUsers user = getUserByAdminUsername(username);
logger.info("Username is : " + username);
logger.info("user is : " + user);
authority = acsAdminAuthoritiesService.getAuthoritiesForRole(user.getRole());
logger.info("User role is : " + authority);
if(authority == null) {
throw new UsernameNotFoundException("User : "+username+" has no authorities." );
}else {
boolean accountNonExpired = true;
boolean credentialsNonExpired = true;
boolean accountNonLocked = true;
return new org.springframework.security.core.userdetails.User(username,user.getAdmin_pass(),
true,accountNonExpired,credentialsNonExpired,
accountNonLocked,
getAuthorities(username));
}
}
public Collection<? extends GrantedAuthority> getAuthorities(String username) {
List<GrantedAuthority> authList = null;
authList=new ArrayList<GrantedAuthority>();
for(int i = 0; i < authority.length; i++) {
SimpleGrantedAuthority s = new SimpleGrantedAuthority(this.authority[i]);
authList.add(s);
}
return authList;
}
}
@Transactional
@服务
公共类UserDetailsServiceImpl实现UserDetailsService{
私有静态最终记录器Logger=LoggerFactory.getLogger(UserDetailsServiceImpl.class);
private@Autowired acsadminservice acsadminservice;
private@Autowired acsadminauthorities服务acsadminauthorities服务;
私人机构;
公共ACSAdminUsers getUserByAdminUsername(字符串用户名){
info(“通过用户名获取用户”);
acsadmusers user=acsadmusersservice.getUserByAdminUsername(用户名);
如果(user!=null)acsadmusersservice.addLogInInfo(用户名);
返回用户;
}
@凌驾
public UserDetails loadUserByUsername(字符串用户名)引发UsernameNotFoundException{
acsadmusers user=getUserByAdminUsername(用户名);
logger.info(“用户名为:”+Username);
logger.info(“用户是:”+用户);
authority=acsAdminAuthoritiesService.getAuthoritiesForRole(user.getRole());
logger.info(“用户角色为:“+权限”);
if(authority==null){
抛出新的UsernameNotFoundException(“用户:“+username+”没有权限”);
}否则{
布尔值accountNonExpired=true;
布尔CredentialsNoExpired=true;
布尔值accountNonLocked=true;
返回新的org.springframework.security.core.userdetails.User(用户名,User.getAdmin\u pass(),
正确,会计无需支出,凭证无需支出,
帐户未锁定,
获取权限(用户名));
}
}
公共集合您可以创建自己的InstitutionContextHolder
并使用threadlocal存储该对象。通过这种方式,您可以在所需的每个类中访问该对象。您可以查看SecurityContextHolder以获取示例