Have you ever lost in the stage, what will not feel that they will not, life has no direction, no goal, I do not know where to go next, next to a small circle ape Java instructor for you to share some of how to use Spring Security Manual examples of methods to authenticate users, I hope for your help.
SpringSecurity, short SpringSecurity save the main information for each authenticated user in a ThreadLocal - saved is Authentication object.
In order to construct and set this Authentication object, usually we constructed the same way SpringSecurity object on standard authentication is required.
We want to manually trigger authentication, then the resulting object to the authentication framework used to save the currently logged on user's current SecurityContext:
UsernamePasswordAuthenticationToken authReq
= new UsernamePasswordAuthenticationToken(user, pass);
Authentication auth = authManager.authenticate(authReq);
SecurityContext sc = SecurityContextHolder.getContext();
securityContext.setAuthentication(auth);
After setting the authentication context, we can now use securityContext.getAuthentication (). isAuthenticated () checks whether the user is currently authenticated.
SpringMVC, default SpringSecurity add an additional filter SpringSecurity filter chain. It is possible persistence Security context (the SecurityContextPersistenceFilter class).
In turn, it will Security context persistence delegate to an instance SecurityContextRepository default is HttpSessionSecurityContextRepository class.
Accordingly, in order to set the identity verification request and therefore it can be used for all subsequent requests from the client, we need to manually set the authentication contained in the HTTP session SecurityContext:
public void login(HttpServletRequest req, String user, String pass) {
UsernamePasswordAuthenticationToken authReq
= new UsernamePasswordAuthenticationToken(user, pass);
Authentication auth = authManager.authenticate(authReq);
SecurityContext sc = SecurityContextHolder.getContext();
sc.setAuthentication(auth);
HttpSession session = req.getSession(true);
session.setAttribute(SPRING_SECURITY_CONTEXT_KEY, sc);
}
SPRING_SECURITY_CONTEXT_KEY is static imports HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY.
It should be noted that we can not directly use HttpSessionSecurityContextRepository- because it is used with SecurityContextPersistenceFilter.
This is because the filter repository is used to load and store the previous Security context, the implementation of the remaining filters are defined in the rear, but it is passed on in response to the use of a custom package chain in the chain. .
Thus, in this case, you should know the type of the wrapper class to be used, and passes it to the appropriate repository save method.
In this quick tutorial, we discuss how to set up user authentication manually SpringSecurity context and how it can be used to target the SpringMVC. Focus on code examples that demonstrate that the easiest way to achieve.
These are the small apes circle to share with you how to use Spring Security user manual method validation example, we want to help small partners, want to learn more little friends can log small ape circle. There are times of course system Java and Java video tutorials for all to learn, want to learn Java development technology of small partners quickly to your actions.