开发者

Spring3, Security3, Hibernate, MYSQL - How to install user tracking into database

开发者 https://www.devze.com 2023-02-21 03:30 出处:网络
First Project: Spring3, Security3, Hibernate, MYSQL - How to install user tracking into database I am working on my first 开发者_StackOverflowproject with Spring3, Security3, Hibernate, MYSQL.

First Project: Spring3, Security3, Hibernate, MYSQL - How to install user tracking into database

I am working on my first 开发者_StackOverflowproject with Spring3, Security3, Hibernate, MYSQL.

I have the system working great I use Spring3 and Security3 goign to MySQL for the login and using Spring3 MVC, Hibernate and MYSQL for system data.

I have a number of questions. Once I login does Spring Security save the user object somewhere that I can have Hibrernate access it. I want Hibernate to put the user name or role into each insert to the database so as I do my searches the system knows to only show data for that user and only that user?

this somes like it should be easy. Spring should be saving the user somewhere the hibernate can access.

please help me out


Once the user is authenticated, you can access the user's authentication session details:

Authentication authentication = SecurityContextHolder.getContext().getAuthentication();

SecurityContext will allow you to grab the Authentication object, and from that you can retrieve the principal (an object representing the authenticated user), roles, etc. You could inspect this information and determine what data should be stored/displayed for each user.

If you can add a request filter or interceptor (the vocabulary may vary between frameworks), you could probably make these security checks abstract/generic enough to be applied across your entire web app (instead of adding a few lines of code to every resource method you're attempting to secure). Either way, SecurityContext should get you closer to what you want.

0

精彩评论

暂无评论...
验证码 换一张
取 消