Bonjour
J'ai utilisé spring security pour l'authentification mais je ne sais pas comment récupérer le login de l'employé qui s'est authentifié pour la réalisation des requêtes ?
SVP pouvez vous m'aider ?
voila
servlet-security.xml
Code : Sélectionner tout - Visualiser dans une fenêtre à part
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65 <beans xmlns="http://www.springframework.org/schema/beans" xmlns:security="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.4.xsd"> <!-- Déclaration du PropertyPlaceholderConfigurer --> <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"> <property name="locations"> <list> <value>classpath:/db.properties</value> </list> </property> </bean> <!-- Déclaration de la DATASOURCE --> <bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource"> <property name="driverClassName" value="${db.driver}" /> <property name="url" value="${db.url}" /> <property name="username" value="${db.username}" /> <property name="password" value="${db.password}" /> </bean> <!-- Stratégie de Sécurité : ressources et Remember me --> <security:http auto-config="true"> <security:intercept-url pattern="/login.jsp" filters="none" /> <security:intercept-url pattern="/logo*" filters="none" /> <security:intercept-url pattern="/objis.css" filters="none" /> <security:intercept-url pattern="/**" access="ROLE_GRH,ROLE_CHEF-DIRECT,ROLE_EMPLOYE" /> <security:form-login login-page='/login.jsp' /> </security:http> <!-- Authentification via Database personalisée : Exemple avec tables 'employes' et 'roles' Attention à la colonne 'enabled' à ajouter --> <security:authentication-provider user-service-ref='myUserDetailsService' /> <bean id="myUserDetailsService" class="org.springframework.security.userdetails.jdbc.JdbcDaoImpl"> <property name="dataSource" ref="dataSource" /> <property name="usersByUsernameQuery" value="SELECT login as username, password, enabled , nom, prenom FROM Employes WHERE login = ?" /> <property name="authoritiesByUsernameQuery" value="SELECT login as username, role FROM roles WHERE login = ?" /> </bean> </beans>
login.jsp
et index.jsp
Code : Sélectionner tout - Visualiser dans une fenêtre à part
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44 <%@ taglib prefix='security' uri='http://www.springframework.org/security/tags' %> <%@ page import="org.springframework.security.context.SecurityContextHolder" %> <%@ page import="org.springframework.security.userdetails.UserDetails" %> <%@ page import="org.springframework.security.GrantedAuthority" %> <%@ include file="include.jsp" %> <%@ page language="java" contentType="text/html; charset=ISO-8859-1" pageEncoding="ISO-8859-1"%> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <HTML> <HEAD><TITLE> Authentification Objis formations </TITLE> <style type="text/css"> @import "objis.css"; </style> </HEAD> <body> <div class="conTenu"> <div class="logoObjisAuthentification"> <a href='http://www.proxym-it.com' target=_blank> <img src="logo_objis.png" border=0 alt="Proxym-it : http://www.proxym-it.com" border="0"> </a></div> <div class="authenTification"> <form method="POST" action="j_spring_security_check" > <table> <tr> <td>Login :</td> <td><input type="text" name="j_username"></td> </tr> <tr> <td>Mot de passe :</td> <td><input type="password" name="j_password"></td> </tr> <tr> <td ><input type="submit" value="Valider"> <input type="reset" value="Annuler"></td> </tr> </table> </form> </div> </div> </body> </HTML>
merci de m'aider
Code : Sélectionner tout - Visualiser dans une fenêtre à part
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106 <%@ taglib prefix='security' uri='http://www.springframework.org/security/tags' %> <%@ page import="org.springframework.security.context.SecurityContextHolder" %> <%@ page import="org.springframework.security.userdetails.UserDetails" %> <%@ page import="org.springframework.security.GrantedAuthority" %> <% Object obj = SecurityContextHolder.getContext().getAuthentication().getPrincipal(); if (obj instanceof UserDetails) { GrantedAuthority[] granted = ((UserDetails)obj).getAuthorities(); String authority = granted[0].getAuthority() ; String username = ((UserDetails)obj).getUsername(); System.out.println("UserName : " + obj.toString()); System.out.println("Authority : " + authority); String role = authority.substring(5); session.setAttribute("role",role); } else { String username = obj.toString(); System.out.println("UserName : " + username); } %> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> <title>Démonstration sécurité Spring </title> <style type="text/css"> @import "objis.css"; </style> </head> <body> <div class="conTenu"> <div class="logoObjis"> <a href='http://www.proxym-it.com' target=_blank><img src="logo_objis.png" border=0 alt="Proxym-it : société exportatrice" border="0"></a> </div> <div class="userIdentite"> login : <security:authentication property="principal.username"/> </div> <div class="userRole"> Role : <%=session.getAttribute("role") %> </div> <div class="mnuLogout"> <a href="j_spring_security_logout">Déconnexion</a> </div> <security:authorize ifAnyGranted="ROLE_GRH"> <div class="mnuLien1"> <a href="vacation/listValidateGRH.htm">Validate Vacation</a> </div> <div class="mnuLien2"> <a href="employe/list.htm">Add Employee</a> </div> <div class="mnuLien3"> <a href="vacationtype/list.htm">Add Vacationtype</a> </div> <div class="mnuLien4"> <a href="salary/list.htm">Add salary</a> </div> <div class="mnuLien5"> <a href="vacation/list.htm">Add Vacation</a> </div> </security:authorize> <security:authorize ifAnyGranted="ROLE_CHEF-DIRECT"> <div class="mnuLien1"> <a href="vacation/listValidate.htm">Validate Vacation</a> </div> <div class="mnuLien2"> <a href="vacation/list.htm">Add Vacation</a> </div> </security:authorize> <security:authorize ifAnyGranted="ROLE_EMPLOYE"> <div class="mnuLien2"> <a href="vacation/list.htm">Add Vacation</a> </div> </security:authorize> </div> </body> </html>
Partager