文章目录 环境自定义认证成功处理器,响应 JSON思路项目结构编码测试 环境
操作系统:
Windows 10 x64集成开发环境:
Spring Tool Suite 4 Version: 4.14.0.RELEASE Build Id: 202203131612Postman(客户端):
Postman for Windows Version 9.0.9 win32 10.0.19044 / x64 自定义认证成功处理器,响应 JSON 思路通过实现 AuthenticationSuccessHandler 接口。
项目结构参考:Spring Security - 15 通过 JDBC 获取用户信息进行认证
编码修改 HttpResult 类,添加 toJsonString()(第 33 ~ 35 行),用于将 Java Bean 转换为 JSON 字符串:
package com.mk.web.common; import java.io.Serializable; import com.fasterxml.jackson.annotation.JsonInclude; import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.ObjectMapper; import lombok.AllArgsConstructor; import lombok.Getter; import lombok.NoArgsConstructor; import lombok.Setter; import lombok.ToString; @NoArgsConstructor @AllArgsConstructor @Getter @Setter @ToString public class HttpResult implements Serializable { private static final long serialVersionUID = 1L; public static final String MESSAGE_OK = "ok"; public static final String MESSAGE_ERROR = "error"; private String message; @JsonInclude(value = JsonInclude.Include.NON_EMPTY) private Object data; public String toJsonString() throws JsonProcessingException { return new ObjectMapper().writeValueAsString(this); } }新建 SimpleJsonAuthenticationSuccessHandler 类,实现 AuthenticationSuccessHandler 接口,当用户认证成功之后,通过此类返回 JSON:
package com.mk.security.web.authentication; import java.io.IOException; import java.io.PrintWriter; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.springframework.security.core.Authentication; import org.springframework.security.web.authentication.AuthenticationSuccessHandler; import org.springframework.stereotype.Component; import com.mk.web.common.HttpResult; import lombok.extern.slf4j.Slf4j; @Component @Slf4j public class SimpleJsonAuthenticationSuccessHandler implements AuthenticationSuccessHandler { private boolean debug = log.isDebugEnabled(); @Override public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException { if (debug) { log.debug("Authentication: {}", authentication); } response.setCharacterEncoding("UTF-8"); response.setContentType("application/json"); HttpResult result = new HttpResult(HttpResult.MESSAGE_OK, authentication); PrintWriter writer = response.getWriter(); writer.write(result.toJsonString()); writer.flush(); writer.close(); } }修改 WebSecurityConfigurer 配置类,在此类中注入 AuthenticationSuccessHandler 认证成功处理器(第 18 ~ 19 行),并在表单配置中使用(第 28 ~ 30 行):
package com.mk.security.config.annotation.web.configuration; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.web.authentication.AuthenticationSuccessHandler; //@Configuration @EnableWebSecurity public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter { @Autowired private UserDetailsService userDetailsService; @Autowired private AuthenticationSuccessHandler authenticationSuccessHandler; // 其他,保持不变 @Override protected void configure(HttpSecurity http) throws Exception { // http.formLogin(); // Specifies to support form based authentication. http.formLogin(customizer -> { customizer.successHandler(authenticationSuccessHandler); }); // 其他,保持不变 } } 测试启动应用,使用 Postman 访问 http://127.0.0.1:8080/login,填写正确的用户名和密码等参数,登录成功之后,Spring Security 返回如下信息:
1.本站遵循行业规范,任何转载的稿件都会明确标注作者和来源;2.本站的原创文章,会注明原创字样,如未注明都非原创,如有侵权请联系删除!;3.作者投稿可能会经我们编辑修改或补充;4.本站不提供任何储存功能只提供收集或者投稿人的网盘链接。 |