spring security在spring mvc的action中获取登录人信息
@RequestMapping("/index")
public ModelAndView login(
@RequestParam(value = "error", required = false) String error,
@RequestParam(value = "logout", required = false) String logout,
HttpServletRequest request) {
ModelAndView model = new ModelAndView();
if (error != null) {
model.addObject("error", "请输入有效的用户名和密码");
}
/* if (logout != null) {
model.addObject("msg", "您已经成功退出");
}*/
model.setViewName("index");
SecurityContextImpl securityContextImpl = (SecurityContextImpl) request
.getSession().getAttribute("SPRING_SECURITY_CONTEXT");
if(securityContextImpl!=null){
String username=securityContextImpl.getAuthentication().getName();// 登录名
request.getSession().setAttribute("username", username);
// 登录密码,未加密的
System.out.println("Credentials:"
+ securityContextImpl.getAuthentication().getCredentials());
WebAuthenticationDetails details = (WebAuthenticationDetails) securityContextImpl
.getAuthentication().getDetails();
// 获得访问地址
//System.out.println("RemoteAddress" + details.getRemoteAddress());
// 获得sessionid
//System.out.println("SessionId" + details.getSessionId());
// 获得当前用户所拥有的权限
/* List<GrantedAuthority> authorities = (List<GrantedAuthority>) securityContextImpl
.getAuthentication().getAuthorities();
for (GrantedAuthority grantedAuthority : authorities) {
System.out.println("Authority" + grantedAuthority.getAuthority());
}*/
}
return model;
}