spring-Security acquires user information stored
spring-Security acquires user information stored
Get spring-Security registrant information of three modes
Mode 1: Get in the background session:
public String showUsername(HttpServletRequest request){
//通过SecurityContextHolder获得当前线程上绑定的SecurityContext对象
SecurityContext context = SecurityContextHolder.getContext();
//也可以通过session获得SecurityContext对象
SecurityContext context_session = (SecurityContext) request.getSession().getAttribute("SPRING_SECURITY_CONTEXT");
//证明线程绑定的SecurityContext与session域中存储的SecurityContext是同一个
System.out.println(context==context_session);
//2、获得用户名方式二: 在页面中通过el表达式从session域中获得
//3、获得用户名方式三: 在页面中通过SpringSecurity的标签直接获得
//4、在header.jsp中显示用户名
//获得Authentication认证对象
Authentication authentication = context_session.getAuthentication();
//获得User对象
User user = (User) authentication.getPrincipal(); //获得用户名
return user.getUsername();
}
Embodiment 2: el acquired at a front end by the expression:
${sessionScope.SPRING_SECURITY_CONTEXT.authentication.principal.username}
Embodiment 3: direct access to the front end by using the security tag:
<%@ taglib uri="http://www.springframework.org/security/tags" prefix="security"%> <security:authentication property="principal.username"/>