mongodb的Spring会话复制未按预期工作
我正在使用mongodb复制会话 下面是我正在使用的配置mongodb的Spring会话复制未按预期工作,spring,spring-security,spring-session,Spring,Spring Security,Spring Session,我正在使用mongodb复制会话 下面是我正在使用的配置 @Configuration @EnableMongoHttpSession public class MongoSessionReplication { @Bean public AbstractMongoSessionConverter mongoSessionConverter() { List<Module> securityModules = SecurityJackson2Modules.getModul
@Configuration
@EnableMongoHttpSession
public class MongoSessionReplication {
@Bean
public AbstractMongoSessionConverter mongoSessionConverter() {
List<Module> securityModules = SecurityJackson2Modules.getModules(getClass().getClassLoader());
return new JacksonMongoSessionConverter(securityModules);
}
@Bean
public MongoTemplate mongoTemplate(@Qualifier("replicaSet") Datastore replicaSet){
MongoTemplate mongoTemplate = new MongoTemplate(replicaSet.getMongo(),replicaSet.getDB().getName());
return mongoTemplate;
}
}
下面是UserDetailsService
@Service
public class PortalUserDetailService implements UserDetailsService {
@Autowired
private SSOServiceAPI ssoServiceAPI;
@Autowired
private UserProfileService userProfileService;
@Override
public UserDetails loadUserByUsername(String hexId) throws UsernameNotFoundException {
UserProfile userProfile = userProfileService.getUserProfileByUserId(hexId);
List<GrantedAuthority> grantedAuthority = new ArrayList<GrantedAuthority>();
if(userProfile!=null) {
grantedAuthority.add(new SimpleGrantedAuthority(userProfile.getSsmRoles().name()));
} else {
grantedAuthority.add(new SimpleGrantedAuthority("USER"));
}
SSOUsers ssoUser = ssoServiceAPI.findSSOUser(hexId, false);
PortalUser portalUser = new PortalUser(hexId, hexId, true, true, true, true, grantedAuthority);
portalUser.setPrimaryEmailId(ssoUser.getPrimaryUserId());
return portalUser;
}
}
上面突出显示的类型转换失败,因为它返回的是
UserDetails
的实例,而不是我的自定义PortalUser
。但当我禁用spring会话复制时,情况并非如此。您需要实现spring的安全UserDetails,而不是User
将MyUser更新到以下位置:
public class SecUserDetails implements UserDetails {
private User user;
public SecUserDetails(User user) {
this.user = user;
}
......
......
......
}
谢谢你的回复
User
本身实现了UserDetails
。嗨,阿米特,你是说“User”扩展了UserDetails吗?
public String getAllProducts(@RequestParam(value = "callback", required = true) String callback, Principal principal, HttpServletRequest request) {
String hexId = principal.getName();
String primaryEmailId = ((PortalUser) ((UsernamePasswordAuthenticationToken) principal).getPrincipal()).getPrimaryEmailId(); //----->> this line fails
}
public class SecUserDetails implements UserDetails {
private User user;
public SecUserDetails(User user) {
this.user = user;
}
......
......
......
}