Spring security 从spring security中的链接以编程方式登录
我正在尝试在spring security中无需登录即可自动授权。用户将通过单击网站中的链接获得授权 我有一个类UserLoginService,它从SpringSecurityXML文件调用,如下所示Spring security 从spring security中的链接以编程方式登录,spring-security,Spring Security,我正在尝试在spring security中无需登录即可自动授权。用户将通过单击网站中的链接获得授权 我有一个类UserLoginService,它从SpringSecurityXML文件调用,如下所示 <authentication-manager> <authentication-provider user-service-ref="userLoginService" > <password-encoder ha
<authentication-manager>
<authentication-provider user-service-ref="userLoginService" >
<password-encoder hash="md5"/>
</authentication-provider>
</authentication-manager>
<beans:bean id="userLoginService"
class="tr.com.enlil.formdesigner.server.guvenlik.UserLoginService">
</beans:bean>
。但是我不知道,我从哪里可以调用这个方法,这段代码会帮助我吗
提前谢谢 您必须创建自己的AbstractPreAuthenticatedProcessingFilter实现。方法getPreAuthenticatedPrincipal(HttpServletRequest)将有一个请求,您可以从中获取凭据。如果主题是有效用户,则需要返回该主题;如果不是,则需要返回null。UserDetailsService的实现将主题转换为UserDetails对象
public class UserLoginService implements UserDetailsService {
private static Logger logger = Logger.getLogger(InitServlet.class);
@Autowired
private IKullaniciBusinessManager iKullaniciBusinessManager;
/**
* {@inheritDoc}
*/
@Override
public UserDetails loadUserByUsername(String username) {
try {
Kullanici kullanici = new Kullanici();
kullanici.setKullaniciAdi(username);
Kullanici kullaniciBusinessManager = iKullaniciBusinessManager.getirKullaniciAdinaGore(kullanici);
User user = new User();
if (kullaniciBusinessManager != null && kullaniciBusinessManager.getAktifmi()) {
user.setUsername(kullaniciBusinessManager.getKullaniciAdi());
user.setPassword(kullaniciBusinessManager.getSifre());
user.setKullanici(kullaniciBusinessManager);
List<String> yetkiListesi = new ArrayList<String>();
List<GrantedAuthority> grandAuthorities = new ArrayList<GrantedAuthority>();
//TODO yetkilerle alakalı birşey yapmak gerekebilir.
for (String yetki : yetkiListesi) {
GrantedAuthorityImpl g = new GrantedAuthorityImpl(yetki);
grandAuthorities.add(g);
}
user.setAuthorities(grandAuthorities);
}
return user;
} catch (Exception e) {
logger.error("Kullanici alinirken hata olustu!!", e);
}
return null;
}
public static void autoLogin(User user, HttpServletRequest request, AuthenticationManager authenticationManager) {
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(user.getUsername(),
user.getPassword(), user.getAuthorities());
// generate session if one doesn't exist
request.getSession();
token.setDetails(new WebAuthenticationDetails(request));
Authentication authenticatedUser = authenticationManager.authenticate(token);
SecurityContextHolder.getContext().setAuthentication(authenticatedUser);
// setting role to the session
request.getSession().setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY,
SecurityContextHolder.getContext());
}
}