如何从Java中获取UserPrincipal的角色?
[英]How to get Roles from UserPrincipal in Java?
问题描述
I created a class(Named as CustomRequestWrapper ) which is implementing HttpServletRequestWrapper .In CustomRequestWrapper class i am setting user principal.Now in my code i want to get list of roles from the user principal.I tried to use GenericPrincipal Class from tomcat-catalina jar but i am getting casting exception CustomRequestWrapper cannot be cast to GenericPrincipal . 
我创建了一个实现HttpServletRequestWrapper的类(名为CustomRequestWrapper )。在CustomRequestWrapper类中我设置用户principal.Now在我的代码中我想从用户principal获取角色列表。我试图使用tomcat-catalina jar中的GenericPrincipal类但我得到了铸造异常CustomRequestWrapper无法强制转换为GenericPrincipal 。 Could any one have idea how to get roles from user principal? 有没有人知道如何从用户主体获取角色?
Note: I am using Apache Tomcat Server 注意:我正在使用Apache Tomcat Server
Here's my code: 这是我的代码:
public class CustomRequestWrapper extends javax.servlet.http.HttpServletRequestWrapper {
public CustomRequestWrapper(String User,List<String> roles,HttpServletRequest request) {
super(request);
this.user=User;
this.roles=roles;
this.realRequest=request;
headerMap = new HashMap();
}
String user;
List<String> roles = null;
HttpServletRequest realRequest;
private Map headerMap;
public void addHeader(String name, String value) {
headerMap.put(name, new String(value));
}
public Enumeration getHeaderNames() {
HttpServletRequest request = (HttpServletRequest) getRequest();
List list = new ArrayList();
for (Enumeration e = request.getHeaderNames(); e.hasMoreElements();) {
list.add(e.nextElement().toString());
}
for (Iterator i = headerMap.keySet().iterator(); i.hasNext();) {
list.add(i.next());
}
return Collections.enumeration(list);
}
public String getHeader(String name) {
Object value;
if ((value = headerMap.get("" + name)) != null)
return value.toString();
else
return ((HttpServletRequest) getRequest()).getHeader(name);
}
@override
public boolean isUserInRole(String role) {
if (roles == null) {
return this.realRequest.isUserInRole(role);
}
return roles.contains(role);
}
@override
public Principal getUserPrincipal() {
if (this.user == null) {
return realRequest.getUserPrincipal();
}
// make an anonymous implementation to just return our user
return new Principal() {
public String getName() {
return user;
}
};
}
} }
2 个解决方案
解决方案1
2 2014-06-05 11:46:49
The exception you mentioned may be the key to solve your issue 您提到的例外可能是解决您的问题的关键
CustomRequestWrapper cannot be cast to GenericPrincipal
You have to cast the Principal object and not the CustomRequestWrapper . 您必须转换Principal对象而不是CustomRequestWrapper 。 Here is a sample method that you can add under your CustomRequestWrapper class and which should return the list of user roles under Tomcat AS. 下面是一个示例方法,您可以在CustomRequestWrapper类下添加该方法,该方法应返回Tomcat AS下的用户角色列表。 (I assume that this is a messy method): (我认为这是一个混乱的方法):
private String[] getRolePrincipal() {
final GenericPrincipal genericPrincipal = (GenericPrincipal) getUserPrincipal();
return genericPrincipal.getRoles();
}
So the final CustomRequestWrapper will be as follows: 所以最终的CustomRequestWrapper将如下:
public class CustomRequestWrapper extends javax.servlet.http.HttpServletRequestWrapper
{
public CustomRequestWrapper(String User, List<String> roles, HttpServletRequest request)
{
super(request);
this.user = User;
this.roles = roles;
this.realRequest = request;
headerMap = new HashMap();
}
String user;
List<String> roles = null;
HttpServletRequest realRequest;
private Map headerMap;
public void addHeader(String name, String value)
{
headerMap.put(name, new String(value));
}
public Enumeration getHeaderNames()
{
HttpServletRequest request = (HttpServletRequest) getRequest();
List list = new ArrayList();
for (Enumeration e = request.getHeaderNames(); e.hasMoreElements(); )
{
list.add(e.nextElement().toString());
}
for (Iterator i = headerMap.keySet().iterator(); i.hasNext(); )
{
list.add(i.next());
}
return Collections.enumeration(list);
}
public String getHeader(String name)
{
Object value;
if ((value = headerMap.get("" + name)) != null)
return value.toString();
else
return ((HttpServletRequest) getRequest()).getHeader(name);
}
@Override
public boolean isUserInRole(String role)
{
if (roles == null)
{
return this.realRequest.isUserInRole(role);
}
return roles.contains(role);
}
@Override
public Principal getUserPrincipal()
{
if (this.user == null)
{
return realRequest.getUserPrincipal();
}
// make an anonymous implementation to just return our user
return new Principal()
{
public String getName()
{
return user;
}
};
}
public String[] getRolePrincipal() {
final GenericPrincipal genericPrincipal = (GenericPrincipal) getUserPrincipal();
return genericPrincipal.getRoles();
}
}
解决方案2
2 已采纳 2014-06-05 12:42:02
From your code, you inject the username and the roles into your CustomRequestWrapper in constructor. 从您的代码中,您将用户名和角色注入构造函数中的CustomRequestWrapper 。 As you have overriden getUserPrincipal in CustomRequestWrapper it returns no longer a tomcat GenericPrincipal but your anonymous class that only knows to return the name of the user you gave, this via getName() . 由于您在CustomRequestWrapper覆盖了getUserPrincipal ,因此它不再返回tomcat GenericPrincipal而是只知道返回您给出的用户名的匿名类,通过getName() 。 You should try to return a tomcat GenericPrincipal through 你应该尝试返回一个tomcat GenericPrincipal
@Override
public Principal getUserPrincipal()
{
if (this.user == null)
{
return realRequest.getUserPrincipal();
}
// return a forged GenericPrincipal
return new GenericPrincipal(user, "", roles);
}
Alternatively, you could create a custom implementation of Principal knowing about roles. 或者,您可以创建Principal的自定义实现,了解角色。
That will only work if you successfully inject your user and its roles at CustomRequestWrapper construction. 只有在CustomRequestWrapper构造中成功注入用户及其角色时, CustomRequestWrapper 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.