欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

Spring Security判断用户是否已经登录 博客分类: Spring实践技术笔记 springsecurity 

程序员文章站 2024-03-17 08:09:28
...

方法一、JSP中检查user principal

<c:if test="${pageContext.request.userPrincipal.name != null}">
    <label>
     Hi ${pageContext.request.userPrincipal.name} ! Welcome to our site
    </label>
</c:if>

<c:choose>
  <c:when test="${pageContext.request.userPrincipal.authenticated}">Show something</c:when>
  <c:otherwise>Show something else</c:otherwise>
</c:choose>

方法二、检查角色

<%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>

    <sec:authorize access="hasAnyAuthority('ROLE_ADMIN', 'ROLE_USER')" var="isAuthenticated">
    </sec:authorize>

    <c:out value="${isAuthenticated}"/>

和这个

<sec:authorize access="hasAnyRole('ROLE_ADMIN')">
    <a href="delete/${file.id}">Delete</a>
</sec:authorize>

方法三、 还是查询用户

Authentication auth = SecurityContextHolder.getContext().getAuthentication(); 
if (!(auth instanceof AnonymousAuthenticationToken)) { 
     // do something...
}

方法四、 使用标签库

<%@taglib uri="http://www.springframework.org/security/tags" prefix="sec"%>
<sec:authorize access="isAuthenticated()">
    <% response.sendRedirect("main"); %>
</sec:authorize>

方法五、 使用注解

需要:<global-method-security secured-annotations="enabled" />

@Secured("ROLE_ADMIN")
@RequestMapping(params = "onlyForAdmins")    
public ModelAndView onlyForAdmins() {
    ....
}

 @PreAuthorize("isAuthenticated()")
 @RequestMapping(params = "onlyForAuthenticated")
 public ModelAndView onlyForAuthenticatedUsers() {
     ....
 }

方法六、 编程

 SecurityContextHolder.getContext().getAuthentication() != null &&
 SecurityContextHolder.getContext().getAuthentication().isAuthenticated() &&
 //when Anonymous Authentication is enabled
 !(SecurityContextHolder.getContext().getAuthentication() 
          instanceof AnonymousAuthenticationToken) 


if (SecurityContextHolder.getContext().getAuthentication().isAuthenticated()) {
  System.out.println("LOGGED IN");
  } else {
  System.out.println("NOT LOGGED IN");
}


if (!SecurityContextHolder.getContext().getAuthentication().getName().
  equals("anonymousUser")) {
  System.out.println("LOGGED IN");
  } else {
  System.out.println("NOT LOGGED IN");
}

 

相关标签: spring security

上一篇: 一道虚树题

下一篇: Codeforces 1342 D. Multiple Testcases

推荐阅读