堆栈内存溢出
  简体   繁体   English

在Spring MVC + AngularJS中管理用户登录的会话

[英]Manage user logged in sessions in Spring MVC + AngularJS

 原文  2016-07-07 20:16:05       java/ angularjs/ spring/ spring-mvc

问题描述

I was making an application with Spring which is providing the backend with the REST Api's and Angular managing the views part of the Application. 我使用Spring制作了一个应用程序,该应用程序为后端提供了REST Api和Angular来管理应用程序的视图部分。 I had a couple of questions. 我有几个问题。

I was thinking of maintaining a sessions in the app so that I can track the logged in Users and also know when they logout and other things. 我当时正在考虑在应用程序中维护会话,以便可以跟踪已登录的用户,还可以知道他们何时注销以及其他情况。 Moreover the Api's should be authenticated using token. 此外,应该使用令牌对Api进行身份验证。

My setup is Spring + Angular and PostgreSQL for Database and Hibernate as ORM. 我的设置是用于数据库的Spring + Angular和PostgreSQL,以及作为ORM的Hibernate。

2 个解决方案

解决方案1
 0  2016-07-07 20:42:10

Take a look into Spring security framework: 看一下Spring安全框架:

spring security official documentation Spring Security官方文档

Spring security getting started example Spring Security入门示例

解决方案2
 0 已采纳  2016-07-07 22:11:02

  1. To track login - You need to define a Spring Bean which implements org.springframework.context.ApplicationListener. 要跟踪登录 -您需要定义一个实现org.springframework.context.ApplicationListener的Spring Bean。

Then, in your code, do something like this: 然后,在您的代码中,执行以下操作: 

import org.springframework.context.ApplicationListener;

@Component
public class myLoginListener implements ApplicationListener<ApplicationEvent> {

public void onApplicationEvent(ApplicationEvent appEvent)
{
    if (appEvent instanceof AuthenticationSuccessEvent)
    {
        AuthenticationSuccessEvent event = (AuthenticationSuccessEvent) appEvent;
        UserDetails userDetails = (UserDetails) event.getAuthentication().getPrincipal();

        //track the logged in Users here ....
    }
}

2.To track logout - write a listener by implementing HttpSessionListener and use Spring Security as below.. 2.要跟踪注销 -通过实现HttpSessionListener编写侦听器并使用Spring Security ,如下所示。

sessionDestroyed() will be called just before the session is going to destroyed. sessionDestroyed()将在会话即将销毁之前被调用。 

@Component
public class mySessionListener implements javax.servlet.http.HttpSessionListener{

   @Override
    public void sessionDestroyed(HttpSessionEvent se) {
        HttpSession session = se.getSession();

    SecurityContextImpl springSecurityContext = (SecurityContextImpl)session.getAttribute("SPRING_SECURITY_CONTEXT");
    if(springSecurityContext!=null){
        Authentication authentication = springSecurityContext.getAuthentication();
        LdapUserDetails userDetails = (LdapUserDetailsImpl)authentication.getPrincipal();
     //track user logout here

}
...

You can refer this tutorial - Secure AnugularJS applications with spring security 您可以参考本教程- 具有Spring Security的安全AnugularJS应用程序

and this tutorial from the official site . 以及本教程来自官方网站

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何在Spring MVC中管理登录的会话 - How to manage logged in session in spring mvc Spring MVC获取当前登录用户 - Spring MVC get current logged in user 如何在Spring MVC中管理用户会话 - How to manage user session in Spring MVC Spring MVC - 检查用户是否已经通过 Spring 安全登录? - Spring MVC - Checking if User is already logged in via Spring Security? 如何管理用户身份验证/会话? - How to manage user authentication/sessions? Spring MVC从登录的用户获取用户ID - Spring mvc getting user id from logged user 管理Spring 3 MVC中的会话 - Managing sessions in Spring 3 MVC Spring MVC中的会话 - Sessions in Spring MVC RequestParam和会话Spring MVC - RequestParam and sessions Spring MVC 通过spring security(angularjs)获取登录用户的正确方法是什么 - What is the correct way to get the logged user via spring security (angularjs)
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM