Spring Security ip验证 当前用户获取不到
渺万里层云 2015-08-04 05:57:09 SecurityContext securityContext = (SecurityContext) hRequest
.getSession().getAttribute(
SystemConstant.SPRING_SECURITY_CONTEXT);
PdsUser user = null;
if (securityContext != null)
user = (PdsUser) securityContext.getAuthentication().getPrincipal();
我用这个代码来获取登录用户。使用的是ip验证。使用密码验证获取登录用户没问题,ip验证确有问题。
具体是这样的,ip通过spring验证之后登录进来,session里是有用户的,此后对所执行的方法要一一过滤验证,要获取用户,但是获取不到。
网上说这种写法有问题,但没搜到正确的写法。各位大神谁知道怎么获取呢?
我尝试debug的时候,发现debug状态下有时候能够获取到用户,于是在验证登录的时候加了线程延迟,这样就可以获取到用户了,但我不敢确定这样一定能在特定时间内获取到,怕是治标不治本,不知各位大神可有什么办法,不胜感激!!!
@Override
public Authentication attemptAuthentication(HttpServletRequest request,
HttpServletResponse response) throws AuthenticationException {
log.info("====>attemptAuthentication!!!!!!!拦截登录!!!");
String type = request.getParameter("type");
Md5PasswordEncoder md5PasswordEncoder = new Md5PasswordEncoder();
if (ELoginType.IP.name().equals(type)) {
try {
Thread.sleep(100);
} catch (InterruptedException e) {
e.printStackTrace();
}
UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(
SystemUtil.parseClientIp(request) + ","
+ SystemConstant.PDS_IP_USER,
md5PasswordEncoder.encodePassword(
request.getParameter("j_password"), null));
AuthenticationManager authenticationManager = this
.getAuthenticationManager();
setDetails(request, authRequest);
return authenticationManager.authenticate(authRequest);