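/**
 * Reloads the current user's granted authorities when that user is flagged as needing a refresh.
 *
 * <p>The method looks up the caller's existing HTTP session in the session registry. If the
 * registered principal is a Spring Security {@code User} whose username is in the pending-refresh
 * set, a new {@code UsernamePasswordAuthenticationToken} is built with authorities reloaded via
 * {@code MyJdbcUserDetailsManager}, installed in the {@code SecurityContextHolder}, and written
 * back to the session. The principal object itself is reused unchanged; only the token's
 * authority list is reloaded.
 *
 * @param authentication the authentication to fall back to when nothing is refreshed
 * @param req the current request; cast to {@code HttpServletRequest}
 * @return the refreshed authentication, or {@code authentication} unchanged when there is no
 *     session, no registry entry, no matching principal, or no pending refresh for this user
 */
private Authentication fresh(Authentication authentication, ServletRequest req) {
  HttpServletRequest request = (HttpServletRequest) req;
  // getSession(false): never create a session just to check for a refresh.
  HttpSession session = request.getSession(false);
  if (session == null) {
    return authentication;
  }

  SessionRegistry sessionRegistry =
      (SessionRegistry) SpringBeanUtil.getBeanByName("sessionRegistry");
  SessionInformation info = sessionRegistry.getSessionInformation(session.getId());
  if (info == null) {
    return authentication;
  }

  Object principal = info.getPrincipal();
  if (!(principal instanceof org.springframework.security.core.userdetails.User)) {
    return authentication;
  }
  org.springframework.security.core.userdetails.User userRefresh =
      (org.springframework.security.core.userdetails.User) principal;

  // NOTE(review): this set is mutated below (retainAll/remove). If the service hands out its own
  // shared instance and it is a plain HashSet, concurrent requests can race on it - confirm the
  // service synchronizes access or returns a thread-safe set.
  HashSet<String> unrgas = springSecurityService.getUsersNeedRefreshGrantedAuthorities();
  if (unrgas.isEmpty()) {
    return authentication;
  }

  HashSet<String> loginedUsernames = new HashSet<String>();
  List<Object> loggedUsers = sessionRegistry.getAllPrincipals();
  for (Object lUser : loggedUsers) {
    if (lUser instanceof org.springframework.security.core.userdetails.User) {
      loginedUsernames.add(
          ((org.springframework.security.core.userdetails.User) lUser).getUsername());
    }
  }

  // Drop usernames that are flagged for refresh but no longer have a registered session.
  unrgas.retainAll(loginedUsernames);

  if (!unrgas.contains(userRefresh.getUsername())) {
    return authentication;
  }

  // The current user is in the pending-refresh list: reload the logged-in user's authorities.
  // FIXME: duplicates functionality in springSecurityServiceImpl; this method and
  // springSecurityServiceImpl need to be refactored.
  MyJdbcUserDetailsManager mdudm =
      (MyJdbcUserDetailsManager) SpringBeanUtil.getBeanByType(MyJdbcUserDetailsManager.class);
  // NOTE(review): the stored password is carried along as the token's credentials and ends up in
  // the session-persisted context; consider whether credentials need to be retained here.
  SecurityContextHolder.getContext()
      .setAuthentication(
          new UsernamePasswordAuthenticationToken(
              userRefresh,
              userRefresh.getPassword(),
              mdudm.getUserAuthorities(userRefresh.getUsername())));
  // Persist the updated context so later requests on this session see the new authorities.
  session.setAttribute(
      HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY,
      SecurityContextHolder.getContext());
  unrgas.remove(userRefresh.getUsername());
  return SecurityContextHolder.getContext().getAuthentication();
}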
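/**
 * Handles {@code GET /home/luis}: performs a programmatic login with a fixed account and renders
 * the home view with that account's username.
 *
 * @param model view model; receives the {@code usuario} attribute
 * @return the logical view name {@code "home"}
 */
@RequestMapping(value = "/home/luis", method = RequestMethod.GET)
public String luis(Model model) {
  // NOTE(review): every request to this route calls the login helper with credentials embedded
  // in source. This looks like a development shortcut - remove the route or restrict it to a
  // non-production profile, move the credentials out of source control, and rotate the password.
  Util.loginUsuario("*****@*****.**", "garbage1");
  User user = Util.getUserLogged();
  model.addAttribute("usuario", user.getUsername());
  // The password is intentionally not added to the model: anything placed there can be rendered
  // into the response by the view. The "home" view should not reference a password attribute.
  return "home";
}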
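/**
 * Selects the home view to render by returning its name, after populating the model with the
 * logged-in user's name and the server time formatted for the request locale.
 *
 * @param locale locale used to format the server time
 * @param model view model; receives {@code usuario} and {@code serverTime}
 * @return the logical view name {@code "home"}
 */
@RequestMapping(value = "/home/client", method = RequestMethod.GET)
public String home(Locale locale, Model model) {
  Date date = new Date();
  DateFormat dateFormat = DateFormat.getDateTimeInstance(DateFormat.LONG, DateFormat.LONG, locale);
  String formattedDate = dateFormat.format(date);

  User user = Util.getUserLogged();
  // Only the username is logged. The password must never be written to application logs, which
  // are typically readable by more people and retained longer than the credential store.
  logger.info("usuario " + user.getUsername());

  model.addAttribute("usuario", user.getUsername());
  // The password is intentionally not added to the model: anything placed there can be rendered
  // into the response by the view. The "home" view should not reference a password attribute.
  model.addAttribute("serverTime", formattedDate);
  return "home";
}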
/**
 * Builds the property-file value for a user: the password, then each granted authority, then
 * {@code enabled} or {@code disabled}, all separated by commas.
 *
 * <p>Values are written verbatim with no escaping, so a comma inside the password or an
 * authority name would make the result ambiguous to a comma-splitting reader.
 *
 * <p>NOTE(review): the output contains whatever {@code getPassword()} returns. Confirm this is an
 * encoded hash rather than a cleartext password, and that the resulting file has restrictive
 * permissions.
 *
 * @param user the user whose password, authorities and enabled state are serialized
 * @return the comma-separated property value
 */
String serializeUser(User user) {
  StringBuilder value = new StringBuilder();
  value.append(user.getPassword()).append(",");
  for (GrantedAuthority authority : user.getAuthorities()) {
    value.append(authority.getAuthority()).append(",");
  }
  if (user.isEnabled()) {
    value.append("enabled");
  } else {
    value.append("disabled");
  }
  return value.toString();
}
/**
 * Logs a user in programmatically by installing an authentication token in the current security
 * context.
 *
 * <p>No credential check happens here: the token is built directly from the supplied user, so
 * callers are responsible for having verified the user's identity first. The principal is always
 * given the single authority {@code ROLE_USER}.
 *
 * @param user the user object to log in
 */
@Transactional
public void login(User user) {
  org.springframework.security.core.userdetails.User principal =
      new org.springframework.security.core.userdetails.User(
          user.getUsername(),
          user.getPassword(),
          AuthorityUtils.createAuthorityList("ROLE_USER"));
  Authentication token =
      new UsernamePasswordAuthenticationToken(
          principal, principal.getPassword(), principal.getAuthorities());
  SecurityContextHolder.getContext().setAuthentication(token);
  // NOTE(review): the whole user object is passed to the logger. If User.toString() includes the
  // password (or its hash), it ends up in the logs - confirm, or log only the username.
  LOGGER.info("Programmatically logged in user={}", user);
}
/**
 * Creates an application user from a security {@code User} plus profile details.
 *
 * <p>All text fields are stored trimmed; the account-state flags are copied from {@code user}.
 * New instances always start with {@code firstTimeLoginRemaining} set to {@code true}.
 *
 * @param office the office the user belongs to
 * @param user source of username, password and account-state flags
 * @param roles the user's roles; the set is stored by reference, not copied
 * @param email e-mail address (trimmed)
 * @param firstname first name (trimmed)
 * @param lastname last name (trimmed)
 */
public AppUser(
    final Office office,
    final User user,
    final Set<Role> roles,
    final String email,
    final String firstname,
    final String lastname) {
  // Associations.
  this.office = office;
  this.roles = roles;

  // Trimmed text fields.
  this.email = email.trim();
  this.username = user.getUsername().trim();
  this.firstname = firstname.trim();
  this.lastname = lastname.trim();
  // NOTE(review): the password is trimmed as well. If this value is ever a raw password rather
  // than an encoded hash, leading/trailing whitespace is silently dropped from the credential -
  // confirm what callers pass in.
  this.password = user.getPassword().trim();

  // Account state mirrored from the security user.
  this.enabled = user.isEnabled();
  this.accountNonExpired = user.isAccountNonExpired();
  this.accountNonLocked = user.isAccountNonLocked();
  this.credentialsNonExpired = user.isCredentialsNonExpired();

  this.firstTimeLoginRemaining = true;
}
/**
 * Copies the login name, password value, enabled flag and granted authorities from a user.
 *
 * <p>NOTE(review): the field is named {@code passwordHash} but receives {@code getPassword()}
 * as-is; confirm the source user always carries an encoded hash rather than a cleartext password.
 *
 * @param user the user whose details are copied
 */
public AuthenticationUserDetails(User user) {
  login = user.getUsername();
  passwordHash = user.getPassword();
  enabled = user.isEnabled();
  // Authorities are added to the existing collection rather than replacing it.
  grantedAuthorities.addAll(user.getAuthorities());
}