


基於 mmounirou 提供的鏈接，我把自己用來實現基於角色重定向的代碼複製在這裏，以防該鏈接失效：

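public class RoleBasedAuthenticationSuccessHandler implements AuthenticationSuccessHandler { 
    /** Authority name (e.g. "ROLE_ADMIN") -> context-relative path; injected via {@link #setRoleUrlMap}. */ 
    private Map<String, String> roleUrlMap; 

    /** Path used when none of the user's authorities has an entry in {@code roleUrlMap}. */ 
    private static final String DEFAULT_TARGET_PATH = "/"; 

    /** 
     * Redirects the freshly authenticated user to the path mapped to the first of 
     * their authorities that has an entry in {@code roleUrlMap}. 
     * The target is always {@code contextPath + mapped path}; nothing taken from the 
     * request (no redirect parameter, no Referer) influences the destination, so the 
     * set of possible landing pages is fixed by the bean configuration. 
     * 
     * @param request        the login request (only its context path is used) 
     * @param response       the response the redirect is written to 
     * @param authentication the successful authentication 
     * @throws IOException      if the redirect cannot be written 
     * @throws ServletException never thrown here; declared by the interface 
     */ 
    public void onAuthenticationSuccess(HttpServletRequest request, 
      HttpServletResponse response, 
      Authentication authentication) throws IOException, ServletException { 
        String targetPath = DEFAULT_TARGET_PATH; 
        Object principal = authentication.getPrincipal(); 
        if (principal instanceof UserDetails && roleUrlMap != null) { 
            // Look at every authority, not just the first: taking authorities[0] and 
            // redirecting to roleUrlMap.get(...) produced ".../null" for an unmapped role, 
            // and a principal that is not a UserDetails used to get no response at all. 
            for (Object authority : ((UserDetails) principal).getAuthorities()) { 
                String mapped = roleUrlMap.get(String.valueOf(authority)); 
                if (mapped != null) { 
                    targetPath = mapped; 
                    break; 
                } 
            } 
        } 
        if (response.isCommitted()) { 
            return; // something else already wrote the response; a second redirect would fail 
        } 
        response.sendRedirect(request.getContextPath() + targetPath); 
    } 

    /** 
     * @param roleUrlMap authority name to context-relative path; unmapped authorities 
     *                   fall back to {@code "/"} 
     */ 
    public void setRoleUrlMap(Map<String, String> roleUrlMap) { 
        this.roleUrlMap = roleUrlMap; 
    } 
} 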

Bean 的初始化，決定每個角色應被重定向到哪裏：

<!-- Maps a granted authority to the context-relative path the user lands on after login.
     The handler looks the authority name up in this map; any authority not listed here
     gets no dedicated landing page. Keys must match the authority strings exactly. -->
<beans:bean id="redirectRoleStrategy" class="dk.amfibia....security.RoleBasedAuthenticationSuccessHandler"> 
    <beans:property name="roleUrlMap"> 
     <beans:map> 
      <beans:entry key="ROLE_SYSTEM" value="/system/index.htm"/> 
      <beans:entry key="ROLE_ADMIN" value="/admin/index.htm"/> 
      <beans:entry key="ROLE_USER" value="/index.htm"/> 
     </beans:map> 
    </beans:property> 
</beans:bean> 

最後，我們需要告訴 Spring Security 使用此 redirectRoleStrategy。在 form-login 標籤中，設置此屬性：authentication-success-handler-ref="redirectRoleStrategy"。


以下是基於角色的 URL 的例子：

RoleBasedUrlHandler.java

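@Component 
public class RoleBaseUrlHandler extends SimpleUrlAuthenticationSuccessHandler { 

    /** Landing page for users holding {@code ROLE_User}; checked before the admin role. */ 
    private static final String USER_URL = "/user"; 
    /** Landing page for users holding {@code ROLE_Admin} but not {@code ROLE_User}. */ 
    private static final String ADMIN_URL = "/admin"; 
    /** Landing page for authenticated users holding neither role. */ 
    private static final String DENIED_URL = "/accessDenied"; 

    // Performs the actual redirect; replaceable through setRedirectStrategy. 
    private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy(); 

    public void setRedirectStrategy(RedirectStrategy redirectStrategy) { 
        this.redirectStrategy = redirectStrategy; 
    } 

    protected RedirectStrategy getRedirectStrategy() { 
        return redirectStrategy; 
    } 

    /** 
     * Invokes the configured RedirectStrategy with the URL returned by 
     * {@link #determineTargetUrl(Authentication)}. Nothing is written when the 
     * response has already been committed. 
     */ 
    @Override 
    protected void handle(HttpServletRequest request, 
                          HttpServletResponse response, 
                          Authentication authentication) throws IOException { 
        if (response.isCommitted()) { 
            return; 
        } 
        redirectStrategy.sendRedirect(request, response, determineTargetUrl(authentication)); 
    } 

    /** 
     * Picks the landing page from the authenticated user's authorities alone: 
     * {@code ROLE_User} takes precedence over {@code ROLE_Admin}, and anything 
     * else lands on the access-denied page. The request is deliberately not 
     * consulted, so no caller-supplied value can influence the redirect target. 
     * 
     * @param authentication the successful authentication 
     * @return one of {@code /user}, {@code /admin} or {@code /accessDenied} 
     */ 
    protected String determineTargetUrl(Authentication authentication) { 
        Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities(); 
        if (hasAuthority(authorities, "ROLE_User")) { 
            return USER_URL; 
        } 
        if (hasAuthority(authorities, "ROLE_Admin")) { 
            return ADMIN_URL; 
        } 
        return DENIED_URL; 
    } 

    /** Returns whether {@code authorities} contains an authority named exactly {@code name}. */ 
    private static boolean hasAuthority(Collection<? extends GrantedAuthority> authorities, String name) { 
        for (GrantedAuthority a : authorities) { 
            if (name.equals(a.getAuthority())) { 
                return true; 
            } 
        } 
        return false; 
    } 
} 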

SpringSecurityConfig.java

/** 
 * Web security configuration for the demo: two in-memory users and form login whose 
 * post-login redirect is delegated to {@link RoleBaseUrlHandler}. 
 */ 
@EnableWebSecurity 
@Configuration 
public class SpringSecurityConfig extends WebSecurityConfigurerAdapter{ 

    // Role-based success handler wired into formLogin() below. 
    @Autowired 
    RoleBaseUrlHandler urlHandler; 


    /** 
     * Registers two demo accounts in memory. The passwords are given here in plain 
     * text; NOTE(review): newer Spring Security versions require a PasswordEncoder 
     * (or an encoder-id prefix such as {noop}) for in-memory users — confirm against 
     * the version in use. Demo-only; not a pattern for real credentials. 
     */ 
    @Autowired 
    public void configAuthentication(AuthenticationManagerBuilder auth)throws Exception { 
     auth.inMemoryAuthentication() 
       .withUser("Patel") 
       .password("Patel") 
       .authorities("ROLE_Admin") 
      .and() 
       .withUser("Shah") 
       .password("Shah") 
       .authorities("ROLE_User"); 
    } 



    /** 
     * URL authorization, login/logout handling and error pages. 
     * hasRole("Admin") / hasAnyRole("User","Admin") match the "ROLE_Admin" / 
     * "ROLE_User" authorities granted above (the ROLE_ prefix is implied). 
     */ 
    @Override 
    protected void configure(HttpSecurity http) throws Exception { 
     http 
      .authorizeRequests() 
       .antMatchers("/admin").hasRole("Admin") 
       .antMatchers("/user").hasAnyRole("User","Admin") 
       .anyRequest().authenticated() // every other URL needs a login, not a role 
      .and() 
       .formLogin() 
       // urlHandler decides the landing page from the user's authorities only 
       .loginPage("/login").successHandler(urlHandler).permitAll() 
       .failureUrl("/login?error") 
       .usernameParameter("username").passwordParameter("password") 
      .and() 
       .logout().logoutSuccessUrl("/login?logout") 
      .and() 
       .exceptionHandling().accessDeniedPage("/accessDenied") 
      .and() 
       .csrf() // no further call: CSRF protection stays at its default (enabled) 
      .and() 
       // NOTE(review): this adds HTTP Basic as a second authentication entry point 
       // next to the form; confirm it is intended for this application. 
       .httpBasic(); 

    } 

} 

DemoSecurity.java

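@Controller 
public class DemoSecurity { 

    /** 
     * Renders the login page. The {@code error} and {@code logout} parameters are 
     * used only as presence flags; their values are never placed in the model, so 
     * nothing caller-controlled reaches the view from here. 
     * 
     * @return the "login" view name 
     */ 
    @RequestMapping(value = "/login", method = RequestMethod.GET) 
    public String loginPage(
      @RequestParam(value = "error", required = false) String error, 
      @RequestParam(value = "logout", required = false) String logout, 
      Model model) { 
        if (error != null) { 
            model.addAttribute("error", "Invalid Credentials provided."); 
        } 
        if (logout != null) { 
            model.addAttribute("message", "Logged out successfully."); 
        } 
        return "login"; 
    } 

    /** 
     * Programmatic logout for POST /logout, then redirect to the login page. 
     * NOTE(review): the security configuration also enables Spring Security's own 
     * logout() support, whose filter normally handles this URL before any controller 
     * runs — confirm this mapping is actually reached. 
     */ 
    @RequestMapping(value="/logout", method = RequestMethod.POST) 
    public String logoutPage (HttpServletRequest request, HttpServletResponse response) { 
        Authentication auth = SecurityContextHolder.getContext().getAuthentication(); 
        if (auth != null) { 
            new SecurityContextLogoutHandler().logout(request, response, auth); 
        } 
        return "redirect:/login?logout"; 
    } 

    /** Admin landing page; the security configuration restricts it to ROLE_Admin. */ 
    @RequestMapping(value = { "/admin" }, method = RequestMethod.GET) 
    public String adminPage(Model model) { 
        return renderWithUser(model, "admin"); 
    } 

    /** User landing page; the security configuration allows ROLE_User and ROLE_Admin. */ 
    @RequestMapping(value = { "/user" }, method = RequestMethod.GET) 
    public String employeePage(Model model) { 
        return renderWithUser(model, "user"); 
    } 

    /** Page shown when an authenticated user lacks the role for the requested URL. */ 
    @RequestMapping(value = { "/accessDenied" }, method = RequestMethod.GET) 
    public String accessDenied(Model model) { 
        return renderWithUser(model, "accessDenied"); 
    } 

    /** Puts the current user name under "user" and returns {@code view} unchanged. */ 
    private String renderWithUser(Model model, String view) { 
        model.addAttribute("user", getPrincipal()); 
        return view; 
    } 

    /** 
     * Name of the current user: the {@code UserDetails} user name when the principal 
     * is one, otherwise the principal's string form. 
     * 
     * @return the user name, or {@code null} when no authentication or principal is 
     *         present (previously this case dereferenced null) 
     */ 
    private String getPrincipal() { 
        Authentication auth = SecurityContextHolder.getContext().getAuthentication(); 
        if (auth == null || auth.getPrincipal() == null) { 
            return null; 
        } 
        Object principal = auth.getPrincipal(); 
        if (principal instanceof UserDetails) { 
            return ((UserDetails) principal).getUsername(); 
        } 
        return principal.toString(); 
    } 

} 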