spring security 找不到用户信息的原因
折腾了两天,终于解决了,spring security 的用户信息终于可以取出来了.网上的解决办法都没有效果.spring security 2.0.4 把用户信息存入本地线程,通过SecurityContextHolder来获取,第一次请求完成后,则后清空用户信息 如源码:[*]finally {
[*] // This is the only place in this class where SecurityContextHolder.getContext() is called
[*] SecurityContext contextAfterChainExecution = SecurityContextHolder.getContext();
[*]
[*] // Crucial removal of SecurityContextHolder contents - do this before anything else.
[*] SecurityContextHolder.clearContext();
[*]
[*] request.removeAttribute(FILTER_APPLIED);
[*]·········
[*]}
因为我的用的是webwork的action跳转页面,所以又是一个请求这样的话,在action中的方法中就无法取得用户信息了,解决办法就是:写一个servlet来取出用户信息,然后跳转到新页面把用户信息传递过去就样就能实现目的.
如servlet:
/**
*
*/
package com.ztl.book3un.usermanager.user.security;
import java.io.IOException;
import java.util.Map;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.opensymphony.xwork.ActionContext;
import com.ztl.book3un.usermanager.domain.UserLogin;
/**
* @author:李剑
* @创作时间:2009-5-27
* @E-mail:lijian_nhy@126.com
* @说明:
* @最后一次修改时间:
* @修改人:
*/
public class LoginToIndex extends HttpServlet
{
private static final long serialVersionUID = -2695430823076562265L;
/*
* (non-Javadoc)
*
* @see javax.servlet.http.HttpServlet#doGet(javax.servlet.http.HttpServletRequest,
* javax.servlet.http.HttpServletResponse)
*/
@Override
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException
{
// 得到当前用户
//String sessionCode = "abc";//模拟设置
// String code = (String) request.getAttribute("code");
// System.out.println(code);
// if(sessionCode.equals(code)){
// System.out.println("对不起,你的验证码不正确!");
// }
UserLogin ul = SecurityUserHolder.getUser();
String userName = ul.getUsername();
String password = ul.getPassword();
//request.setAttribute("ul", ul);
// request.setAttribute("userName", userName);
// request.setAttribute("password", password);
// 跳转到index.jsp页面
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
/*RequestDispatcher dispatcher = request
.getRequestDispatcher("/index.ztl?m=login");
dispatcher.forward(request, response);*/
response.sendRedirect(basePath+"index.ztl?m=login&userName="+userName+"&password="+password);
}
/*
* (non-Javadoc)
*
* @see javax.servlet.http.HttpServlet#doPost(javax.servlet.http.HttpServletRequest,
* javax.servlet.http.HttpServletResponse)
*/
@Override
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException
{
doGet(request, response);
}
}
接下来就是你原来项目的操作了,你应该怎么取值怎么取值了.呵呵.
页:
[1]