使用spring security进行身份验证后如何基于角色重定向
我使用spring安全性、spring、hibernate和jsf 身份验证工作正常,但它总是将我重定向到home.jsf页面 我想在身份验证后管理用户的访问 我想在身份验证后管理用户的访问 如果authority=ROLE\u ADMIN.jsf 如果authority=ROLE_RH.jsf 如果authority=ROLE\u EXCUTIVE redirect ves homeex.jsf 如果authority=ROLE\u MANAGER重定向ves homem.jsf 如果authority=ROLE\u GP重定向ves homegp.jsf Collabour表中的autority字段 Colaborateur类是使用spring security进行身份验证后如何基于角色重定向,spring,spring-security,Spring,Spring Security,我使用spring安全性、spring、hibernate和jsf 身份验证工作正常,但它总是将我重定向到home.jsf页面 我想在身份验证后管理用户的访问 我想在身份验证后管理用户的访问 如果authority=ROLE\u ADMIN.jsf 如果authority=ROLE_RH.jsf 如果authority=ROLE\u EXCUTIVE redirect ves homeex.jsf 如果authority=ROLE\u MANAGER重定向ves homem.jsf 如果auth
private Integer idColaborateur;
private Rolecol rolecol;
private String matriculeColaborateur;
private String nomColaborateur;
private String prenomColaborateur;
private String mailColaborateur;
private String pwdColaboratuer;
private String loginColaborateur;
private String adresseColaborateur;
private Boolean flgSuspendu;
private Set<HistoriqueNoteObjctif> historiqueNoteObjctifs = new HashSet<HistoriqueNoteObjctif>(
0);
private Set<Note> notes = new HashSet<Note>(0);
private Set<NoteObjectifs> noteObjectifses = new HashSet<NoteObjectifs>(0);
private Set<CompagneDevaluation> compagneDevaluations = new HashSet<CompagneDevaluation>(
0);
private Set<ColaborateurHierarchique> colaborateurHierarchiques = new HashSet<ColaborateurHierarchique>(
0);
private String authority;
//getter and seter
public class User implements UserDetails {
private static final long serialVersionUID = 1L;
private String name;
private String password;
private Colaborateur user;
public void setUser(Colaborateur user) {
this.user = user;
}
public User(String name) {
FacesContext fc=FacesContext.getCurrentInstance();
UserBean userBean=(UserBean) fc.getApplication().createValueBinding("#{UserBean}").getValue(fc);
userBean.chargerUtilisateur(name);
user = userBean.getUtilisateur();
System.err.println("USERS >>> "+user);
PasswordSupport pswdSupport = new PasswordSupport();
if (user!=null){
System.out.println("User.getLogin() :"+user.getLoginColaborateur());
System.out.println("user.getPwd() :"+user.getPwdColaboratuer());
this.name=user.getMatriculeColaborateur();
this.password=user.getPwdColaboratuer();
System.err.println(pswdSupport.getMD5Hash("1"));
}
}
public Collection<GrantedAuthority> getAuthorities() {
List<GrantedAuthority> grantedAuthorities = new ArrayList<GrantedAuthority>();
System.out.println("GrantedAuthorityImpl 1");
System.out.println("GrantedAuthorityImpl 2");
System.out.println("GrantedAuthorityImpl 3");
System.out.println("GrantedAuthorityImpl 4");
grantedAuthorities.add(new GrantedAuthorityImpl("ROLE_VISITEUR"));
return grantedAuthorities;
}
//getter and setter
私有整数idColaborateur;
私人Rolecol Rolecol;
私有字符串矩阵;
私有字符串nomclaborateur;
私有字符串prenomclaborateur;
私有字符串mailColaborateur;
私有字符串pwdcollaboratuer;
私有字符串logincolateur;
私有字符串地址;
私有布尔flgSuspendu;
私有集HistoryQuenoteObjctifs=新哈希集(
0);
私有集注释=新哈希集(0);
私有集noteObjectifses=新哈希集(0);
私有集CompagneValentions=新哈希集(
0);
私有集colaborateurhierarchyques=新哈希集(
0);
私人字符串管理机构;
//吸气剂和塞特
<bean id="dataSource" class="com.mchange.v2.c3p0.ComboPooledDataSource">
<property name="user" value="root" />
<property name="driverClass" value="com.mysql.jdbc.Driver" />
<property name="jdbcUrl" value="jdbc:mysql://localhost:3306/modulevsql" />
<property name="password" value="root" />
<property name="maxStatementsPerConnection" value="0" />
<property name="maxAdministrativeTaskTime" value="0" />
<property name="maxConnectionAge" value="0" />
<property name="maxIdleTime" value="0" />
<property name="maxIdleTimeExcessConnections" value="0" />
<property name="maxPoolSize" value="0" />
<property name="maxStatements" value="0" />
</bean>
private Integer idColaborateur;
private Rolecol rolecol;
private String matriculeColaborateur;
private String nomColaborateur;
private String prenomColaborateur;
private String mailColaborateur;
private String pwdColaboratuer;
private String loginColaborateur;
private String adresseColaborateur;
private Boolean flgSuspendu;
private Set<HistoriqueNoteObjctif> historiqueNoteObjctifs = new HashSet<HistoriqueNoteObjctif>(
0);
private Set<Note> notes = new HashSet<Note>(0);
private Set<NoteObjectifs> noteObjectifses = new HashSet<NoteObjectifs>(0);
private Set<CompagneDevaluation> compagneDevaluations = new HashSet<CompagneDevaluation>(
0);
private Set<ColaborateurHierarchique> colaborateurHierarchiques = new HashSet<ColaborateurHierarchique>(
0);
private String authority;
//getter and seter
public class User implements UserDetails {
private static final long serialVersionUID = 1L;
private String name;
private String password;
private Colaborateur user;
public void setUser(Colaborateur user) {
this.user = user;
}
public User(String name) {
FacesContext fc=FacesContext.getCurrentInstance();
UserBean userBean=(UserBean) fc.getApplication().createValueBinding("#{UserBean}").getValue(fc);
userBean.chargerUtilisateur(name);
user = userBean.getUtilisateur();
System.err.println("USERS >>> "+user);
PasswordSupport pswdSupport = new PasswordSupport();
if (user!=null){
System.out.println("User.getLogin() :"+user.getLoginColaborateur());
System.out.println("user.getPwd() :"+user.getPwdColaboratuer());
this.name=user.getMatriculeColaborateur();
this.password=user.getPwdColaboratuer();
System.err.println(pswdSupport.getMD5Hash("1"));
}
}
public Collection<GrantedAuthority> getAuthorities() {
List<GrantedAuthority> grantedAuthorities = new ArrayList<GrantedAuthority>();
System.out.println("GrantedAuthorityImpl 1");
System.out.println("GrantedAuthorityImpl 2");
System.out.println("GrantedAuthorityImpl 3");
System.out.println("GrantedAuthorityImpl 4");
grantedAuthorities.add(new GrantedAuthorityImpl("ROLE_VISITEUR"));
return grantedAuthorities;
}
//getter and setter
public类用户实现UserDetails{
私有静态最终长serialVersionUID=1L;
私有字符串名称;
私有字符串密码;
私人Colaborateur用户;
public void setUser(Colaborateur用户){
this.user=用户;
}
公共用户(字符串名称){
FacesContext fc=FacesContext.getCurrentInstance();
UserBean UserBean=(UserBean)fc.getApplication().createValueBinding(“#{UserBean}”).getValue(fc);
userBean.chargerrutilisateur(名称);
user=userBean.getUsilisateur();
System.err.println(“用户>>>”+用户);
PasswordSupport pswdSupport=新的PasswordSupport();
如果(用户!=null){
System.out.println(“User.getLogin():”+User.getlogincolatore());
System.out.println(“user.getPwd():”+user.getpwdcollaboratuer());
this.name=user.getMatriculeColaborateur();
this.password=user.getpwdcollaboratuer();
System.err.println(pswdSupport.getMD5Hash(“1”);
}
}
公共收集机构(){
List GrantedAuthories=new ArrayList();
System.out.println(“授权执行1”);
System.out.println(“授权机构impl 2”);
System.out.println(“授权执行3”);
System.out.println(“授权执行4”);
添加(新的授权机构impl(“角色访问者”);
返回授权机构;
}
//接二连三
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<global-method-security secured-annotations="enabled">
</global-method-security>
<http pattern="/modules/members/**" access-denied-page="/modules/members/accessDenied.jsf" authentication-manager-ref="MembersAuthenticationManager">
<intercept-url pattern="/modules/members/secure/**" access="ROLE_VISITEUR" />
<intercept-url pattern="/modules/members/secure/homeadmin.jsf" access="ROLE_ADMIN" />
<intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<form-login login-page="/modules/members/login.jsf"
default-target-url="/modules/members/secure/home.jsf"
login-processing-url="/modules/members/j_spring_security_check"
authentication-failure-url="/modules/members/login.jsf" />
<logout logout-url="/modules/members/secure/logout"
logout-success-url="/modules/members/login.jsf" delete-cookies="true" />
</http>
<authentication-manager alias="MembersAuthenticationManager">
<authentication-provider user-service-ref="securityManager">
<password-encoder hash="md5" />
</authentication-provider>
</authentication-manager>
<beans:bean id="securityManager" class="tn.com.security.SecurityManager" />
</beans:beans>
实现一个
AuthenticationSuccessHandler身份验证授权public class CustomAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authResult) throws IOException, ServletException {
/* Redirect on the successful authentication of the user */
logger.info("Hit the AuthSuccessHandler");
String redirectAddress = null;
Collection<? extends GrantedAuthority> auths = authResult.getAuthorities();
if(auths.contains("ROLE_ADMIN"){
response.sendRedirect(response.encodeURL("homeadmin.jsf");
}
JamesENL给出的答案是正确的,但只提到一点:
您需要迭代GrantedAuthority集合,然后才检查角色:
收集权限=authResult.getAuthories(); 对于(授权机构授权机构:授权机构){ if(grantedAuthority.getAuthority().equals(“角色用户”)){ response.sendRedirect(“/userHome”); 返回; }else if(grantedAuthority.getAuthority().equals(“角色\管理员”)){ response.sendRedirect(“/adminHome”); 返回; } }