Fatal编程技术网
  • spring-security/
  • Spring security 从spring security中的链接以编程方式登录

Spring security 从spring security中的链接以编程方式登录

spring-security

Spring security 从spring security中的链接以编程方式登录,spring-security,Spring Security,我正在尝试在spring security中无需登录即可自动授权。用户将通过单击网站中的链接获得授权 我有一个类UserLoginService,它从SpringSecurityXML文件调用,如下所示 <authentication-manager> <authentication-provider user-service-ref="userLoginService" > <password-encoder ha

我正在尝试在spring security中无需登录即可自动授权。用户将通过单击网站中的链接获得授权

我有一个类UserLoginService,它从SpringSecurityXML文件调用,如下所示

     <authentication-manager>
        <authentication-provider user-service-ref="userLoginService" >
            <password-encoder hash="md5"/>   
        </authentication-provider> 
    </authentication-manager>

    <beans:bean id="userLoginService"
        class="tr.com.enlil.formdesigner.server.guvenlik.UserLoginService">

    </beans:bean>

。但是我不知道,我从哪里可以调用这个方法,这段代码会帮助我吗


提前谢谢
 您必须创建自己的AbstractPreAuthenticatedProcessingFilter实现。方法getPreAuthenticatedPrincipal(HttpServletRequest)将有一个请求,您可以从中获取凭据。如果主题是有效用户,则需要返回该主题;如果不是,则需要返回null。UserDetailsService的实现将主题转换为UserDetails对象


public class UserLoginService implements UserDetailsService {
    private static Logger logger = Logger.getLogger(InitServlet.class);

    @Autowired
    private IKullaniciBusinessManager iKullaniciBusinessManager;

    /**
     * {@inheritDoc}
     */
    @Override
    public UserDetails loadUserByUsername(String username) {
        try {
            Kullanici kullanici = new Kullanici();
            kullanici.setKullaniciAdi(username);
            Kullanici kullaniciBusinessManager = iKullaniciBusinessManager.getirKullaniciAdinaGore(kullanici);
            User user = new User();
            if (kullaniciBusinessManager != null && kullaniciBusinessManager.getAktifmi()) {
                user.setUsername(kullaniciBusinessManager.getKullaniciAdi());
                user.setPassword(kullaniciBusinessManager.getSifre());
                user.setKullanici(kullaniciBusinessManager);
                List<String> yetkiListesi = new ArrayList<String>();
                List<GrantedAuthority> grandAuthorities = new ArrayList<GrantedAuthority>();
                //TODO yetkilerle alakalı birşey yapmak gerekebilir.
                for (String yetki : yetkiListesi) {
                    GrantedAuthorityImpl g = new GrantedAuthorityImpl(yetki);
                    grandAuthorities.add(g);
                }
                user.setAuthorities(grandAuthorities);
            }
            return user;
        } catch (Exception e) {
            logger.error("Kullanici alinirken hata olustu!!", e);
        }
        return null;

    }

    public static void autoLogin(User user, HttpServletRequest request, AuthenticationManager authenticationManager) {

        UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(user.getUsername(),
                user.getPassword(), user.getAuthorities());

        // generate session if one doesn't exist
        request.getSession();

        token.setDetails(new WebAuthenticationDetails(request));
        Authentication authenticatedUser = authenticationManager.authenticate(token);

        SecurityContextHolder.getContext().setAuthentication(authenticatedUser);
        // setting role to the session
        request.getSession().setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY,
                SecurityContextHolder.getContext());

    }
}