[英]How to get Roles from UserPrincipal in Java?
I created a class(Named as CustomRequestWrapper ) which is implementing HttpServletRequestWrapper .In CustomRequestWrapper class i am setting user principal.Now in my code i want to get list of roles from the user principal.I tried to use GenericPrincipal Class from tomcat-catalina jar but i am getting casting exception CustomRequestWrapper cannot be cast to GenericPrincipal . 我创建了一个实现HttpServletRequestWrapper的类(名为CustomRequestWrapper )。在CustomRequestWrapper类中我设置用户principal.Now在我的代码中我想从用户principal获取角色列表。我试图使用tomcat-catalina jar中的GenericPrincipal类但我得到了铸造异常CustomRequestWrapper无法强制转换为GenericPrincipal 。 Could any one have idea how to get roles from user principal?
有没有人知道如何从用户主体获取角色?
Note: I am using Apache Tomcat Server 注意:我正在使用Apache Tomcat Server
Here's my code: 这是我的代码:
public class CustomRequestWrapper extends javax.servlet.http.HttpServletRequestWrapper {
public CustomRequestWrapper(String User,List<String> roles,HttpServletRequest request) {
super(request);
this.user=User;
this.roles=roles;
this.realRequest=request;
headerMap = new HashMap();
}
String user;
List<String> roles = null;
HttpServletRequest realRequest;
private Map headerMap;
public void addHeader(String name, String value) {
headerMap.put(name, new String(value));
}
public Enumeration getHeaderNames() {
HttpServletRequest request = (HttpServletRequest) getRequest();
List list = new ArrayList();
for (Enumeration e = request.getHeaderNames(); e.hasMoreElements();) {
list.add(e.nextElement().toString());
}
for (Iterator i = headerMap.keySet().iterator(); i.hasNext();) {
list.add(i.next());
}
return Collections.enumeration(list);
}
public String getHeader(String name) {
Object value;
if ((value = headerMap.get("" + name)) != null)
return value.toString();
else
return ((HttpServletRequest) getRequest()).getHeader(name);
}
@override
public boolean isUserInRole(String role) {
if (roles == null) {
return this.realRequest.isUserInRole(role);
}
return roles.contains(role);
}
@override
public Principal getUserPrincipal() {
if (this.user == null) {
return realRequest.getUserPrincipal();
}
// make an anonymous implementation to just return our user
return new Principal() {
public String getName() {
return user;
}
};
}
} }
The exception you mentioned may be the key to solve your issue 您提到的例外可能是解决您的问题的关键
CustomRequestWrapper cannot be cast to GenericPrincipal
You have to cast the Principal
object and not the CustomRequestWrapper
. 您必须转换
Principal
对象而不是CustomRequestWrapper
。 Here is a sample method that you can add under your CustomRequestWrapper
class and which should return the list of user roles under Tomcat AS. 下面是一个示例方法,您可以在
CustomRequestWrapper
类下添加该方法,该方法应返回Tomcat AS下的用户角色列表。 (I assume that this is a messy method): (我认为这是一个混乱的方法):
private String[] getRolePrincipal() {
final GenericPrincipal genericPrincipal = (GenericPrincipal) getUserPrincipal();
return genericPrincipal.getRoles();
}
So the final CustomRequestWrapper
will be as follows: 所以最终的
CustomRequestWrapper
将如下:
public class CustomRequestWrapper extends javax.servlet.http.HttpServletRequestWrapper
{
public CustomRequestWrapper(String User, List<String> roles, HttpServletRequest request)
{
super(request);
this.user = User;
this.roles = roles;
this.realRequest = request;
headerMap = new HashMap();
}
String user;
List<String> roles = null;
HttpServletRequest realRequest;
private Map headerMap;
public void addHeader(String name, String value)
{
headerMap.put(name, new String(value));
}
public Enumeration getHeaderNames()
{
HttpServletRequest request = (HttpServletRequest) getRequest();
List list = new ArrayList();
for (Enumeration e = request.getHeaderNames(); e.hasMoreElements(); )
{
list.add(e.nextElement().toString());
}
for (Iterator i = headerMap.keySet().iterator(); i.hasNext(); )
{
list.add(i.next());
}
return Collections.enumeration(list);
}
public String getHeader(String name)
{
Object value;
if ((value = headerMap.get("" + name)) != null)
return value.toString();
else
return ((HttpServletRequest) getRequest()).getHeader(name);
}
@Override
public boolean isUserInRole(String role)
{
if (roles == null)
{
return this.realRequest.isUserInRole(role);
}
return roles.contains(role);
}
@Override
public Principal getUserPrincipal()
{
if (this.user == null)
{
return realRequest.getUserPrincipal();
}
// make an anonymous implementation to just return our user
return new Principal()
{
public String getName()
{
return user;
}
};
}
public String[] getRolePrincipal() {
final GenericPrincipal genericPrincipal = (GenericPrincipal) getUserPrincipal();
return genericPrincipal.getRoles();
}
}
From your code, you inject the username and the roles into your CustomRequestWrapper
in constructor. 从您的代码中,您将用户名和角色注入构造函数中的
CustomRequestWrapper
。 As you have overriden getUserPrincipal
in CustomRequestWrapper
it returns no longer a tomcat GenericPrincipal
but your anonymous class that only knows to return the name of the user you gave, this via getName()
. 由于您在
CustomRequestWrapper
覆盖了getUserPrincipal
,因此它不再返回tomcat GenericPrincipal
而是只知道返回您给出的用户名的匿名类,通过getName()
。 You should try to return a tomcat GenericPrincipal
through 你应该尝试返回一个tomcat
GenericPrincipal
@Override
public Principal getUserPrincipal()
{
if (this.user == null)
{
return realRequest.getUserPrincipal();
}
// return a forged GenericPrincipal
return new GenericPrincipal(user, "", roles);
}
Alternatively, you could create a custom implementation of Principal knowing about roles. 或者,您可以创建Principal的自定义实现,了解角色。
That will only work if you successfully inject your user and its roles at CustomRequestWrapper
construction. 只有在
CustomRequestWrapper
构造中成功注入用户及其角色时, CustomRequestWrapper
。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.