Spring security principal 多了一个层级

sucanber 发布于 2018/06/21 18:53
阅读 1K+
收藏 0

用户POJO:

public class PhiMember implements UserDetails, CredentialsContainer {

    private static final long serialVersionUID = -814031798199130314L;

    private String username;

    private String password;

    private Collection<? extends GrantedAuthority> authorities;
    /**
     * 头像
     */
    private String avatar;

//    private String authorities;

    public PhiMember(String username, String password, Collection<? extends GrantedAuthority> authorities) {
        setUsername(username);
        setPassword(password);
        setAuthorities(authorities);
    }

自定义userService:

@Service
public class UserService implements UserDetailsService {

   
    @Override
    public UserDetails loadUserByUsername(String userId) {

        Account account = accountConfig.getAccounts().stream().filter(a -> a.getUsername().equals(userId)).findFirst().orElseThrow(() -> new UsernameNotFoundException("用户不存在"));

        List<PhiAuthority> authorities = new ArrayList<>();
        authorities.add(new PhiAuthority("AUTH_001"));

        PhiMember member = new PhiMember(userId, account.getPassword(), authorities);
        member.setAvatar(account.getAvatar());
        return member;
    }
}

在controller里面方法private void test(Principal princial)查看principal 内部多嵌套了一个principal怎么回事?

里面的才是我需要的对象,如何去掉外层principal? 见图:

加载中
0
哎码
哎码

get一下呗,记着这个pricipal有两种实现

哎码
哎码
@GetMapping("/user") public Object getUser(Principal user) { return ((OAuth2Authentication) user).getPrincipal(); } 这种的,还有一个实现忘了,具体碰到的时候端点进去看看吧
sucanber
sucanber
能详细一点吗
0
sucanber
sucanber

没人知道吗

0
sucanber
sucanber

补充,在页面通过 

sec:authentication='authorities'

获得的权限也是一个空数组【】,并不是我所期待的AUTH_001权限

返回顶部
顶部