zoukankan      html  css  js  c++  java

  • security自动登陆

    package*.security;

import java.util.ArrayList;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.struts2.ServletActionContext;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.web.authentication.WebAuthenticationDetails;

import com.opensymphony.xwork2.ActionSupport;

import *.security.AutoLoginFilter;

public class Login extends ActionSupport {
	
	private UserDetailsService userDetailService;
	private AuthenticationManager authenticationManager;
	public String poc_auto_login_user;
	public String poc_auto_login_password;
	public String errorMsg;
	private static Log log = LogFactory.getLog(AutoLoginFilter.class);
	
	public String login(){
		String targetUser = getPoc_auto_login_user();
//		String targetUserPassword = getPoc_auto_login_password();
		if (targetUser != null && targetUser.trim().length() > 0
//				&& targetUserPassword != null
//				&& targetUserPassword.trim().length() > 0
				) {

			Authentication oridinalAuth = SecurityContextHolder.getContext()
					.getAuthentication();
			if (oridinalAuth != null) {

				Object prin = oridinalAuth.getPrincipal();
				String user = null;
				if (prin instanceof UserDetails) {

					user = ((UserDetails) prin).getUsername();

				} else {
					user = (String) prin;
				}

				if (targetUser.equals(user)) {
					this.setErrorMsg(targetUser+"账号已经登录!!");
					log.info("尝试自动登录已经登录的账号:" + user + ",自动登录过程已经取消");
					//return INPUT;
				}
			}

			UserDetails user = null;

			// 处理自动登录逻辑,这里没有验证密码,如果要验证密码就在这里进行修改
			try {

				user = userDetailService.loadUserByUsername(targetUser);

			} catch (UsernameNotFoundException e) {
				this.setErrorMsg(targetUser+"账号不存在!!");
				log.info("由于用户账号不存在,已经取消自动登录:" + targetUser);
				//return INPUT;
			}

			// 执行登录,这里没有进行密码比较,直接进行的登录。
//			String realPassword = user.getPassword();
			if (true//targetUserPassword.equals(realPassword)
					) {
				UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(
						user, user.getPassword(), new ArrayList(
								user.getAuthorities()));
				authentication.setDetails(new WebAuthenticationDetails(
						(HttpServletRequest) ServletActionContext.getRequest()));

				authentication = (UsernamePasswordAuthenticationToken) authenticationManager
						.authenticate(authentication);

				SecurityContextHolder.getContext().setAuthentication(
						authentication);
				
				/*HttpServletRequest req = ServletActionContext.getRequest();
				String loginParam = req.getParameter("loginParam").trim();
				if(null != loginParam && !loginParam.equals("")){
					Cookie cookie =  new Cookie("loginParam", loginParam);
					cookie.setPath("/");
					ServletActionContext.getResponse().addCookie(cookie);
				}*/
				
				log.info("已经自动登录账号:" + targetUser);
				return SUCCESS;
			} else {
				this.setErrorMsg(targetUser+"密码错误");
				log.info("用户密码错误:" + targetUser);
				//return INPUT;
			}

		}else{
			this.setErrorMsg("请输入用户名和密码");
		}
		
		return SUCCESS;
	}

	public String getPoc_auto_login_user() {
		return poc_auto_login_user;
	}

	public void setPoc_auto_login_user(String poc_auto_login_user) {
		this.poc_auto_login_user = poc_auto_login_user;
	}

	public String getPoc_auto_login_password() {
		return poc_auto_login_password;
	}

	public void setPoc_auto_login_password(String poc_auto_login_password) {
		this.poc_auto_login_password = poc_auto_login_password;
	}

	public String getErrorMsg() {
		return errorMsg;
	}

	public void setErrorMsg(String errorMsg) {
		this.errorMsg = errorMsg;
	}

	public void setUserDetailService(UserDetailsService userDetailService) {
		this.userDetailService = userDetailService;
	}

	public void setAuthenticationManager(AuthenticationManager authenticationManager) {
		this.authenticationManager = authenticationManager;
	}
	
}

      
  • 相关阅读:
    P4213【模板】杜教筛
    【SDOI2006】线性方程组
    【AHOI2018】排列
    【NOI2001】炮兵阵地
    【NOIP2012】疫情控制
    【AHKOI2017】rexp
    【十二省联考2019】春节十二响
    【TJOI2014】匹配
    【AT2645】Exhausted?
    P3809 【模板】后缀排序
  • 原文地址:https://www.cnblogs.com/jifeng/p/3903554.html
Copyright © 2011-2022 走看看