本文介绍如何通过Spring Security的SecurityContext及Authentication API动态更改用户的权限角色。主要步骤包括获取SecurityContext实例,创建包含新权限的新UsernamePasswordAuthenticationToken对象,并使用SecurityContext的setAuthentication方法更新当前认证状态。
solution is
you could get
SecurityContext instance via SecurityContextHolder
then via
SecurityContext's setAuthentication(Authentication authentication)
UsernamePasswordAuthenticationToken is subclass of Authentication
so,you have to create a new one which contains new aurhorites(roles) via constructor as below shown
reference url:http://forum.springsource.org/showthread.php?52229-How-to-change-GrantedAuthority-dynamically
you could get
SecurityContext instance via SecurityContextHolder
then via
SecurityContext's setAuthentication(Authentication authentication)
UsernamePasswordAuthenticationToken is subclass of Authentication
so,you have to create a new one which contains new aurhorites(roles) via constructor as below shown
SecurityContext 's setAuthentication. (UsernamePasswordAuthenticationToken(Object principal, Object credentials, GrantedAuthority[] authorities) ) ;
reference url:http://forum.springsource.org/showthread.php?52229-How-to-change-GrantedAuthority-dynamically
转载于:https://blog.51cto.com/wanqiufeng/629549
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
