在完成身份验证之前获取j_username

时间:2022-09-13 20:03:43

I constructed a filter that runs before the "springSecurityFilterChain" and this filter needs the j_username for its doFilter method. Unfortuntaly it's impossible to use a Principal object and get the username throught getName() before the end of a successful authentication.
Is there any other way to get the j_username in this first filter?

我构造了一个在“springSecurityFilterChain”之前运行的过滤器,这个过滤器需要j_username用于其doFilter方法。不幸的是,在成功验证结束之前,不可能使用Principal对象并通过getName()获取用户名。有没有其他方法可以在第一个过滤器中获取j_username?

1 个解决方案

#1


Override

 public class ExUsernamePasswordAuthenticationFilter extends UsernamePasswordAuthenticationFilter {

 @Override
 public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
          final String username = request.getParameter("j_username");

          // delegate your logic
          return super.attemptAuthentication(request, response); 
  } 
}

in security config < http />

在安全配置

<bean id="exUsernamePasswordAuthFilter" class="..." />

<custom-filter ref="exUsernamePasswordAuthFilter" position="FORM_LOGIN_FILTER"/>

http://docs.spring.io/spring-security/site/docs/3.1.x/reference/springsecurity-single.html#ns-custom-filters

#1


Override

 public class ExUsernamePasswordAuthenticationFilter extends UsernamePasswordAuthenticationFilter {

 @Override
 public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
          final String username = request.getParameter("j_username");

          // delegate your logic
          return super.attemptAuthentication(request, response); 
  } 
}

in security config < http />

在安全配置

<bean id="exUsernamePasswordAuthFilter" class="..." />

<custom-filter ref="exUsernamePasswordAuthFilter" position="FORM_LOGIN_FILTER"/>

http://docs.spring.io/spring-security/site/docs/3.1.x/reference/springsecurity-single.html#ns-custom-filters