关于Acegi的使用疑问
现在的项目里,用了Acegi框架做权限管理,但是没弄清楚怎样在业务应用中再次获取用户的全部信息。下面是获取用户名的方法:
Authentication auth = SecurityContextHolder.getContext()
.getAuthentication();
HttpSession session = request.getSession();
session.setAttribute("loginId", auth.getName());
我把用户名存到session里,以后就不用再写这样的方法了,但是,如果需要获取user表里的所有信息,那是否需要用这个用户名来查询一次数据库呢?
1
public void getSecurityContextInformations() {
2
SecurityContext sc = SecurityContextHolder.getContext();
3 Authentication auth = sc.getAuthentication();
4 Object principal = auth.getPrincipal();
5
if (principal instanceof UserDetails) {
6 //用户密码
7 String password = ((UserDetails) principal).getPassword();
8 //用户名称
9 String username = ((UserDetails) principal).getUsername();
10 //用户权限
11 GrantedAuthority[] authorities = ((UserDetails) principal).getAuthorities();
12 for (int i = 0; i < authorities.length; i++) {
13 String authority = authorities[i].getAuthority();
14
}
15 }
16 Object details = auth.getDetails();
17 if (details instanceof WebAuthenticationDetails) {
18 //用户session id
19 String SessionId = ((WebAuthenticationDetails) details).getSessionId();
20 }
21
}
public void getSecurityContextInformations() {
2
SecurityContext sc = SecurityContextHolder.getContext();3
Authentication auth = sc.getAuthentication();4
Object principal = auth.getPrincipal();5
if (principal instanceof UserDetails) {
6
//用户密码7
String password = ((UserDetails) principal).getPassword();8
//用户名称9
String username = ((UserDetails) principal).getUsername();10
//用户权限11
GrantedAuthority[] authorities = ((UserDetails) principal).getAuthorities();12
for (int i = 0; i < authorities.length; i++) {13
String authority = authorities[i].getAuthority();14
}15
}16
Object details = auth.getDetails();17
if (details instanceof WebAuthenticationDetails) {18
//用户session id19
String SessionId = ((WebAuthenticationDetails) details).getSessionId();20
}21
} 电视机9号,此文章在用于非商业性质的情况下,可以任意复制,传阅。
浙公网安备 33010602011771号