Geek Answers Handbook

How to add values ​​to Spring SecurityContextHolder

I have login options

1.userName 2.password 3.companyId

I have a username and password using the following code

  Authentication auth = SecurityContextHolder.getContext().getAuthentication(); String name = auth.getName(); String pwd = auth.getCredentials(); String companyId= ???//How can i set and then get company Id here.

My question is: how can I get an additional login parameter (companyId) using SecurityContextHolder?

The extracting class may not be the spring controller. This is why I use SecurityContextHolder instead of HttpSession.

Thanks,

+6
source share
1 answer

Create a simple SpringSecurityFilter filter. Use the setDetails method to add additional information to the user.

 package org.example; public class CustomDeatilsSecurityFilter extends SpringSecurityFilter { protected void doFilterHttp(HttpServletRequest request, HttpServletResponse response, FilterChain chain) { SecurityContext sec = SecurityContextHolder.getContent(); AbstractAuthenticationToken auth = (AbstractAuthenticationToken)sec.getAuthentication(); HashMap<String, Object> info = new HashMap<String, Object>(); info.put("companyId", 42); auth.setDetails(info); } }

Add it to the Spring Security Filter Chain like this (this is NOT web.xml, but something like applicationContext-security.xml):

 <bean id="customDeatilsSecurityFilter" class="org.example.CustomDeatilsSecurityFilter"> <custom-filter position="LAST" /> </bean>

Then somewhere in the code you can do something like this:

 Map<String, Object> info = (Map<String, Object>)SecurityContextHolder.getContext().getAuthentication.getDetails(); int companyId = info.get("companyId");

Basic Spring Security installation in web.xml

 <context-param> <param-name>patchConfigLocation</param-name> <param-value> classpath:/applicationContext.xml /WEB-INF/applicationContext-datasource.xml /WEB-INF/applicationContext-security.xml </param-value> </context-param> <filter> <filter-name>springSecurityFilterChain</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> </filter> <filter-mapping> <filter-name>springSecurityFilterChain</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>

in applicationContext-security.xml

 <?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:p="http://www.springframework.org/schema/p" xmlns:sec="http://www.springframework.org/schema/security" xmlns:context="http://www.springframework.org/schema/context" xmlns:util="http://www.springframework.org/schema/util" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.2.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.2.xsd"> ... <bean id="customDeatilsSecurityFilter" class="org.example.CustomDeatilsSecurityFilter"> <custom-filter position="LAST" /> </bean> ...

in the pom.xml project

  <!-- Spring Security --> <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-web</artifactId> <version>3.1.3.RELEASE</version> </dependency> <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-config</artifactId> <version>3.1.3.RELEASE</version> </dependency> <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-core</artifactId> <version>3.1.3.RELEASE</version> </dependency> <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-acl</artifactId> <version>3.1.3.RELEASE</version> </dependency> <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-taglibs</artifactId> <version>3.1.3.RELEASE</version> </dependency> <!-- !Spring Security -->
+9
source

More articles:


All Articles