我无法获取在线用户列表是 spring security
Posted
技术标签:
【中文标题】我无法获取在线用户列表是 spring security【英文标题】:I can't get a list of online users is spring security 【发布时间】:2017-12-19 00:11:18 【问题描述】:我无法获取在线用户列表。
@Override
public void configure(HttpSecurity http) throws Exception
http
.httpBasic()
.realmName("GlxssSecurity")
.and()
.requestMatchers()
.antMatchers("/oauth/authorize")
.and()
.authorizeRequests()
.antMatchers("/oauth/authorize").authenticated()
.and()
.sessionManagement()
.maximumSessions(1)
.sessionRegistry(sessionRegistry());
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception
return super.authenticationManagerBean();
@Bean
public SecurityEvaluationContextExtension securityEvaluationContextExtension()
return new SecurityEvaluationContextExtension();
@Bean
public SessionRegistry sessionRegistry ()
return new SessionRegistryImpl();
@Bean
public ServletListenerRegistrationBean<HttpSessionEventPublisher> httpSessionEventPublisher()
return new ServletListenerRegistrationBean<HttpSessionEventPublisher>(new HttpSessionEventPublisher());
@Autowired
private SessionRegistry sessionRegistry;
public List getAdminUsers()
List<Object> list = sessionRegistry.getAllPrincipals();
log.info(list.toString());
return list;
【问题讨论】:
请添加您的 SessionRegistryImpl 类 你得到了什么?list
的值是多少?
***.com/questions/11271449/…
【参考方案1】:
@Bean
public HandshakeInterceptor handsUserInterceptor()
return new HandshakeInterceptor()
@Override
public boolean beforeHandshake(ServerHttpRequest request, ServerHttpResponse response, WebSocketHandler wsHandler, Map<String, Object> map) throws Exception
if (request instanceof ServletServerHttpRequest)
ServletServerHttpRequest servletRequest = (ServletServerHttpRequest) request;
Principal principal = request.getPrincipal();
User user= userService.getUserWithAuthoritiesByLogin(principal.getName()).get();
for (Authority authority : user.getAuthorities())
if ("ROLE_ADMIN".equals(authority.getName()))
SecurityUtils.getLoginAdminUsers().add(user);
break;
return true;
@Override
public void afterHandshake(ServerHttpRequest request, ServerHttpResponse response, WebSocketHandler wsHandler, Exception exception)
;
我是这样解决的,但他不太符合规范。
【讨论】:
以上是关于我无法获取在线用户列表是 spring security的主要内容,如果未能解决你的问题,请参考以下文章
如何使用spring security在grails中获取所有当前登录用户的列表(包括rememberme cookie)
无法在 Spring Security 登录事件侦听器中获取“记住我”用户的会话 ID
如何使用 spring-security-rest:1.4.0.RC5 在 grails 中获取 facebook 用户的联系人列表