Python中文网

一个关于 编程问题的解答网站.

有 Java 编程相关的问题?

你可以在下面搜索框中键入要查询的问题!

Spring安全更新身份验证成功时的最后登录日期

9 月 Questions & Answers

如何在认证成功时启动我的方法? 我想更新我的数据库列“上次登录日期”。在谷歌上四处查看,但仍然不明白应该如何做

这是我的春季保安。xml

<beans:beans xmlns="http://www.springframework.org/schema/security"
         xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.2.xsd"
         xmlns:security="http://www.springframework.org/schema/security">

<beans:bean id="dataSource1" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
    <beans:property name="driverClassName" value="com.mysql.jdbc.Driver"/>
    <beans:property name="url" value="jdbc:mysql://localhost:3306/myDB"/>
    <beans:property name="username" value="root"/>
    <beans:property name="password" value="root"/>
</beans:bean>

<!-- login page are exempted from security-->
<security:http pattern="/login" security="none"/>

<security:http auto-config="true">
    <intercept-url pattern="/page1" access="ROLE_USER_ADMIN,ROLE_ADMIN,ROLE_PAGE1" />
    <intercept-url pattern="/page2" access="ROLE_USER_ADMIN,ROLE_ADMIN,ROLE_PAGE2" />
    <intercept-url pattern="/page3" access="ROLE_USER_ADMIN,ROLE_ADMIN,ROLE_PAGE3" />    
    <intercept-url pattern="/*" access="ROLE_USER_ADMIN,ROLE_ACCOUNT" />  <!--/** all url -->

    <security:session-management>
        <security:concurrency-control
            max-sessions="2"
            expired-url="/login"  />
    </security:session-management>


    <!-- access deny for non privileged user -->
    <access-denied-handler error-page="/access-denied" />

    <!-- Logout -->
    <logout logout-success-url="/login?logout"  />
</security:http>


<beans:bean id="authenticationSuccessHandler" class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler">
    <!-- After login, return to the last visited page -->
    <beans:property name="useReferer" value="true" />
</beans:bean>

<beans:bean id="authenticationSuccessHandlerWithoutReferer" class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler">
    <!-- After login, stay to the same page -->
    <beans:property name="useReferer" value="false" />
</beans:bean>
<beans:bean class="org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler"/>
<authentication-manager>
    <authentication-provider>
        <jdbc-user-service data-source-ref="dataSource1" 
                           users-by-username-query="query-for-username-and-password"
                           authorities-by-username-query="query-for-username-enabled-authority" />
        <password-encoder hash="md5"/>

    </authentication-provider>
</authentication-manager>

我是春天安全的新手。希望有人能帮我

编辑

@Component
public class MyAuthenticationSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {

@Autowired
AppUserDAO appUserDAO;

@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
    Authentication authentication) throws IOException, ServletException {

     SimpleDateFormat df = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
    String a = df.format(new Date());


    System.out.println(authentication.getName()+"@@@ "+a);

    Authentication auth = SecurityContextHolder.getContext().getAuthentication();

        String username = auth.getPrincipal().toString();

        appUserDAO.updateLastLoginAndIp(a, username);


}
}

共 (0) 个答案