首页 > 编程语言> > java – Spring安全认证,包含3个字段,而不仅仅是用户名和密码

java – Spring安全认证,包含3个字段,而不仅仅是用户名和密码

2019-06-24 13:49:14 作者：互联网

我想使用用户名密码域(只是一个字符串)进行身份验证.

它不是唯一的用户名,而是用户名域的唯一组合.

做这个的最好方式是什么？

我正在使用grails 2.3.7

解决方法:

尝试这样的事情(代码未经过测试)：

@Component
public class BasicAuthenticationProvider implements AuthenticationProvider {

    @Autowired
    private UserService registerService;

    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {

        String email = authentication.getName();
        String password = (String) authentication.getCredentials();
        String domain = (String) authentication.getDetails();

        User user = registerService.getUserByEmail(email);

        if (user == null) {
            throw new BadCredentialsException("Username not found.");
        }
        if (!password.equals(user.getPassword()) && !domain.equals(user.getDomain())) {
            throw new BadCredentialsException("Wrong password.");
        }

        Collection<GrantedAuthority> authorities = new HashSet<GrantedAuthority>();
        GrantedAuthority grantedAuthority = new GrantedAuthority() {
            @Override
            public String getAuthority() {
                return user.getAuthority();
            }
        };
        authorities.add(grantedAuthority);

        return new UsernamePasswordAuthenticationToken(email, password, authorities);
    }

    @Override
    public boolean supports(Class<?> arg0) {
        return true;
    }
}

标签：java,grails,spring-security,multi-tenant
来源： https://codeday.me/bug/20190624/1279023.html