zoukankan      html  css  js  c++  java
  • 基于Token的授权(with srping mvc)

    @Override
    public void doFilter(ServletRequest sr, ServletResponse sr1, FilterChain fc) throws IOException, ServletException {
        boolean tokenAuthenticated = false;
        HttpServletRequest request = (HttpServletRequest) sr;
        String token = findToken(request);
        if ((null == token) || (!authenticationNeeded(request))) {
            fc.doFilter(sr, sr1);
            return;
        }
        if (needHttps && (! request.isSecure())) {
            TokenAuthenticationToken at = new TokenAuthenticationToken(token);
            try {
                at.setDetails(detailsSource.buildDetails(request));
                Authentication auth = manager.authenticate(at);
                if ((auth != null) && (auth.isAuthenticated())) {
                    SecurityContextHolder.getContext().setAuthentication(auth);
                    tokenAuthenticated = true;
                }
            } catch (AuthenticationException e) {
                logger.debug("Authentication failed :", e);
            }
        }
        else {
            logger.info("Token identification rejected : proto != https");
        }
        fc.doFilter(sr, sr1);
        if (tokenAuthenticated) {
            logger.debug("Token authenticated : invalidate session");
            HttpSession session = request.getSession(false);
            if (session != null) {
                session.invalidate();
            }
        }
    }

    除了filter,应该需要在服务端持久化token,参见http://stackoverflow.com/questions/2608372/spring-security-rememberme-services-with-session-cookie?rq=1
    https://github.com/virgo47/restful-spring-security

    logout的实现
    http://stackoverflow.com/questions/14733418/login-logout-in-rest-with-spring-3/14735345#14735345
  • 相关阅读:
    函数模板
    c#使用多线程的几种方式示例详解
    C#中数组、ArrayList和List三者的区别
    c# Thread类
    IEnumerable和IEnumerator 详解
    C#执行CMD命令并接收返回结果的实现方法
    C# Process.Start()方法详解
    C#Json转Xml格式数据的方法
    sql存储过程
    SQL存储过程基础
  • 原文地址:https://www.cnblogs.com/zlfoak/p/4367625.html
Copyright © 2011-2022 走看看