spring security 无法获取当前用户
这是我的配置文件内容:<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<!-- 系统安全配置 -->
<http pattern="/example/css/**" security="none" />
<http pattern="/example/images/**" security="none" />
<http pattern="/example/js/**" security="none" />
<http pattern="/login.jsp" security="none" />
<http pattern="/index.jsp" security="none" />
<http pattern="/system/login_Users.do" security="none" />
<http pattern="/j_logout.do" security="none" />
<http auto-config="true" use-expressions="true">
<form-login default-target-url="/index.jsp" login-page="/login.jsp"
authentication-failure-url="/login.jsp?error=true" />
<logout logout-url="/j_logout.do" logout-success-url="/login.jsp" />
<remember-me key="RememberUserInfo" />
<custom-filter ref="securityInterceptorFilter" after="FILTER_SECURITY_INTERCEPTOR" />
</http>
<authentication-manager alias="authenticationManager">
<authentication-provider user-service-ref="userDetailServiceImpl">
<!--<password-encoder hash="sha-256" base64="true" />-->
</authentication-provider>
</authentication-manager>
<!-- 实现了UserDetailsService的Bean -->
<beans:bean id="userDetailServiceImpl"
class="com.dxb.core.security2.UserDetailServiceImpl">
<beans:property name="usersService" ref="usersService"></beans:property>
</beans:bean>
<!-- 自定义验证过滤器 -->
<beans:bean id="securityInterceptorFilter"
class="com.dxb.core.security2.SecurityInterceptorFilter">
<beans:property name="securityDataSource" ref="securityDataSource" />
</beans:bean>
<!-- 验证数据源加载 -->
<beans:bean id="securityDataSource"
class="com.dxb.core.security2.SecurityMetadataSource">
<beans:property name="rolesService" ref="rolesService" />
</beans:bean>
</beans:beans>
在登录action中执行了以下代码:
Authentication authRequest = new UsernamePasswordAuthenticationToken(
user.getAccount(), user.getPassword());
Authentication authentication = authenticationManager
.authenticate(authRequest);
SecurityContextHolder.getContext().setAuthentication(authentication);
登录成功后,在securityInterceptorFilter过滤器中无法获取当前用户。
请问怎么把用户信息放入容器啊????? --------------------编程问答-------------------- 不知道是不是配置的问题 --------------------编程问答-------------------- <http pattern="/index.jsp" security="none" />
<http pattern="/system/login_Users.do" security="none" />
去掉就行了,不知道为什么
补充:Java , Java EE
