本文详细介绍了Spring Security框架中UserDetails接口的作用及其在系统安全认证中的关键地位。通过实现UserDetails接口,开发者可以自定义存储用户所需细节,如电子邮件、电话、地址等,并在后续通过Authentication对象获取这些信息。
先上一张图,如下图1所示:
图1 UserDetails的类图
UserDetails这个类的目的,《Pro Spring Security》的chapter3中,原文,"The interface org.springframework.security.core.userdetails.UserDetails object is the main abstraction in the system, and it’s used to represent a full user in the context of Spring Security. It is also made available to be accessed later in the system from any point that has access to SecurityContext. Normally, developers create their own implementation of this interface to store particular user details they need or want (like email, telephone, address, and so on). Later, they can access this information, which will be encapsulated in the Authentication object, and they can be obtained by calling the getPrincipal method on it"
我们可以自己实现这个Userdetails接口,保存我们想要的用户信息,之后将这个UserDetails的实现类放在Authentication中,通过Authentication.getPrincipal()获得。
扫一扫
2822
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
