1、deployerConfigContext.xml文件
1.1 登录验证类配置
<!--自定义类,继承自AbstractUsernamePasswordAuthenticationHandler用来进行登录验证-->
<bean id="primaryAuthenticationHandler"
class="com.alan.cas.control.authentication.SessionAcceptUserAuthenticationHandler">
<property name="users">
<map>
<entry key="admin" value="admin"/>
</map>
</property>
<property name="systemUserService" ref="systemUserService"/>
</bean>
1.2凭证解析类配置(给客户端返回更多的信息)
<!-- 凭证解析 -->
<bean id="primaryPrincipalResolver" class="com.alan.cas.service.credential.impl.SessionPersonDirectoryPrincipalResolver" p:principalFactory-ref="principalFactory" p:attributeRepository-ref="attributeRepository">
<property name="systemUserDao" ref="systemUserDao"/>
<property name="proxyPrincipalResolver" ref="proxyPrincipalResolver"/>
</bean>
2.登录验证成功后,我把一些信息保存在principal中,希望在解析类中获取到,但是却不能获取到。希望大神们能帮我分析一下。
2.1登录验证成功后,把信息保存在principal中的代码如下。
@Override
protected final HandlerResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential credential)
throws GeneralSecurityException, PreventedException {
Long userId = null;
String username = null;
String password = null;
try {
UserDTO dto = new UserDTO();
username = credential.getUsername();
password = credential.getPassword();
dto.setSysCode(username);
dto.setPasswd(password);
logger.info("{} 尝试登录验证中心。", username);
userId = systemUserService.check(dto);
} catch(GeneralSecurityException e) {
logger.info("{} 登录验证中心失败,原因是{}。", username, e.getMessage());
throw e;
} catch(Exception e) {
logger.error("{} 登录验证出错了,原因是{}。", username, e.getMessage());
throw new FailedLoginException();
}
logger.info("{} 登录验证中心成功,userId为{}。", username, userId);
Map<String,Object> map = new HashMap<String, Object>();
map.put("userId", userId);
//我该如何在解析凭证类中获取这个Pricipal。
Principal p = this.principalFactory.createPrincipal(username,map);
return createHandlerResult(credential, p, null);
}
2.2在解析凭证类中,获取不到principal,如下
@Override
public final Principal resolve(final Credential credential) {
String userName = credential.getId();//获取用户名
final IPersonAttributes personAttributes = attributeRepository.getPerson(principalId);
if (principalId == null) {
logger.info("用户名为空");
return null;
}
//返回信息的载体
final Map<String, Object> convertedAttributes = new HashMap<String, Object>();
//因为credential.getId()返回的是username。所以我这里需要再查一次数据库
//就是在这里获取不到principal对象,不知道如何获取 ,或者有其他的方法可行?
SystemUser user = systemUserDao.getUserByName(userName);
convertedAttributes.put("userId",user.getSysUserId());
return this.principalFactory.createPrincipal(principalId, convertedAttributes);
}
3、谢谢各位的解惑!
SecurityContextHolder.getContext()
.getAuthentication().getPrincipal()