ps个人网站建设,西宁建设网站的公司,做网站推广员图片处理问题,猎头公司网站模板文章目录 1、用户认证流程AuthenticationSuccessHandler AuthenticationFailureHandlerSecurityFilterChain配置用户认证信息 2、会话并发处理2.1、实现处理器接口2.2、SecurityFilterChain配置 1、用户认证流程
AuthenticationSuccessHandler AuthenticationFailureHandler
… 文章目录 1、用户认证流程AuthenticationSuccessHandler AuthenticationFailureHandlerSecurityFilterChain配置用户认证信息 2、会话并发处理2.1、实现处理器接口2.2、SecurityFilterChain配置 1、用户认证流程
AuthenticationSuccessHandler AuthenticationFailureHandler
登录成功后调用AuthenticationSuccessHandler登录失败后调用AuthenticationFailureHandler public class SecurityAuthenticationSuccessHandler implements AuthenticationSuccessHandler {Overridepublic void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {//获取用户身份信息Object principal authentication.getPrincipal();//创建结果对象HashMap result new HashMap();result.put(code, 0);result.put(message, 登录成功);result.put(data, principal);//转换成json字符串String json JSON.toJSONString(result);//返回响应response.setContentType(application/json;charsetUTF-8);response.getWriter().println(json);}
}
SecurityFilterChain配置
form.successHandler(new SecurityAuthenticationSuccessHandler()) //认证成功时的处理用户认证信息
RestController
public class IndexController {GetMapping(/)public Map index(){System.out.println(index controller);SecurityContext context SecurityContextHolder.getContext();//存储认证对象的上下文Authentication authentication context.getAuthentication();//认证对象String username authentication.getName();//用户名Object principal authentication.getPrincipal();//身份Object credentials authentication.getCredentials();//凭证(脱敏)Collection? extends GrantedAuthority authorities authentication.getAuthorities();//权限System.out.println(username);System.out.println(principal);System.out.println(credentials);System.out.println(authorities);//创建结果对象HashMap result new HashMap();result.put(code, 0);result.put(data, username);return result;}
}2、会话并发处理
后登录的账号会使先登录的账号失效
2.1、实现处理器接口
实现接口SessionInformationExpiredStrategy
package com.atguigu.securitydemo.config;public class MySessionInformationExpiredStrategy implements SessionInformationExpiredStrategy {Overridepublic void onExpiredSessionDetected(SessionInformationExpiredEvent event) throws IOException, ServletException {//创建结果对象HashMap result new HashMap();result.put(code, -1);result.put(message, 该账号已从其他设备登录);//转换成json字符串String json JSON.toJSONString(result);HttpServletResponse response event.getResponse();//返回响应response.setContentType(application/json;charsetUTF-8);response.getWriter().println(json);}
}2.2、SecurityFilterChain配置
//会话管理
http.sessionManagement(session - {session.maximumSessions(1).expiredSessionStrategy(new MySessionInformationExpiredStrategy());
});
