1. 首頁
  2. 問答
  3. 在彈簧安全中創建一個會話範圍的bean

在彈簧安全中創建一個會話範圍的bean

2015-12-03 107 views
0

我需要創建一個POJO類來存儲與用戶有關的信息。在春季安全中,我的權威表中有一個額外的instituionIds列,它是一個CSV字符串,將在各種DAO調用中使用。我需要設置這個類的值,這在查詢數據庫時將需要。在彈簧安全中創建一個會話範圍的bean

@Component 
@Scope("session") 
public class InstitutionList { 

    private String institutionList = ""; 

    public String getInstitutionList() { 
     return institutionList; 
    } 

    public void setInstitutionList(String institutionList) { 
     this.institutionList = institutionList; 
    } 
}

我需要在我自己的UserDetailsS​​ervice實現

@Transactional 
@Service 
public class UserDetailsServiceImpl implements UserDetailsService { 
    private static final Logger logger = LoggerFactory.getLogger(UserDetailsServiceImpl.class); 
    private @Autowired ACSAdminUsersService acsAdminUsersService; 
    private @Autowired ACSAdminAuthoritiesService acsAdminAuthoritiesService; 
    private String[] authority; 

    public ACSAdminUsers getUserByAdminUsername(String username) { 
     logger.info("Getting user by username"); 
     ACSAdminUsers user = acsAdminUsersService.getUserByAdminUsername(username); 
     if(user!=null) acsAdminUsersService.addLogInInfo(username); 
     return user; 
    } 

    @Override 
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { 
     ACSAdminUsers user = getUserByAdminUsername(username); 
     logger.info("Username is : " + username); 
     logger.info("user is : " + user); 

     authority = acsAdminAuthoritiesService.getAuthoritiesForRole(user.getRole()); 
     logger.info("User role is : " + authority); 
     if(authority == null) { 
      throw new UsernameNotFoundException("User : "+username+" has no authorities."); 
     }else { 
     boolean accountNonExpired = true; 
     boolean credentialsNonExpired = true; 
     boolean accountNonLocked = true; 

     return new org.springframework.security.core.userdetails.User(username,user.getAdmin_pass(), 
       true,accountNonExpired,credentialsNonExpired, 
       accountNonLocked, 
       getAuthorities(username)); 
     } 
    } 

    public Collection<? extends GrantedAuthority> getAuthorities(String username) { 
     List<GrantedAuthority> authList = null; 

     authList=new ArrayList<GrantedAuthority>(); 

     for(int i = 0; i < authority.length; i++) { 
      SimpleGrantedAuthority s = new SimpleGrantedAuthority(this.authority[i]); 
      authList.add(s); 
     } 
     return authList; 
    } 
}

使用這個在上面的java類,我需要查詢數據庫並獲取,與有關當局一起,這就需要在查詢中使用institutionIds整個應用程序。

來源

2015-12-03 JavaGuy

回答

0

您可以創建自己的InstitutionContextHolder並使用threadlocal存儲對象。通過這種方式,你可以在每個你想要的課程中使用這個對象。你可以看看SecurityContextHolder的例子。

來源

2015-12-03 09:54:18

相關問題

 相關問題