1
我正在使用Spring Security安裝程序開發Spring MVC應用程序,該安裝程序通過LDAP對Active Directory用戶進行身份驗證。我試圖設置AOP來記錄每個被調用的控制器方法。我有一切工作,我可以攔截方法..但我似乎無法訪問SecurityContext獲取執行方法的登錄用戶的用戶名。如何訪問MethodInterceptor中的SecurityContext?
UserInvokedMethodLogger.java
public class UserInvokedMethodLogger implements MethodInterceptor
{
private SecurityContext security = SecurityContextHolder.getContext();
@Override
public Object invoke(MethodInvocation interceptedMethod) throws Throwable
{
long start = System.currentTimeMillis();
Object result = interceptedMethod.proceed();
long end = System.currentTimeMillis();
String dbgMessage =
(security.getAuthentication() != null)
? "User '" + security.getAuthentication().getName() + "' called method '"
: "Unauthenticated user called method '"
+ interceptedMethod.getMethod().getName()
+ "' which executed in " + (end - start) + "ms.";
System.out.println(dbgMessage);
return result;
}
}
即使當我登錄的輸出始終是 「未認證用戶」。
完美!謝謝! – JDiPierro
歡迎您! –