Luchosuseadicto: How To getRoles in Spring Security

Hi i am building an application some kind of hr portal, here i need to login three types of users 'hr, employee and admin', i am planning to use spring security , i want these three to be logged in in a single loginpage Now the question is 1 - How to design a login form telling the user to select a user type(hr or emp or admin) 2 - When a user is logged in and control goes to a targeted controlled , how to identify which type of user has logged it (identify logged in user role basically) If any other best practice of getting three type of users logged in with a single login form and identify the login role ..plesae suggest Thanks

Example: JSF2.0+ Spring Security


import java.io.IOException;

import javax.faces.application.FacesMessage;
import javax.faces.bean.ManagedBean;
import javax.faces.bean.RequestScoped;
import javax.faces.context.ExternalContext;
import javax.faces.context.FacesContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.validation.constraints.Size;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
import org.springframework.security.web.savedrequest.SavedRequest;
import org.springframework.stereotype.Component;
import java.security.Principal;
import javax.security.auth.Subject;

import java.util.Collection;
import java.util.HashMap;
import java.util.List;
import java.util.Set;
import java.util.ArrayList;

@ManagedBean(name = "authenticationBean")
@RequestScoped
@Component
public class AuthenticationBean {
 public Principal principals ;
  public Set allPrincipals=null;
  public Subject subject=null;
  public ArrayList roles = new ArrayList();
  public String user = "";

 @Autowired
 @Qualifier("authenticationManager")
 protected AuthenticationManager authenticationManager;

 @Size(min = 1, message = "Username cannot be empty")
 private String username;

 @Size(min = 1, message = "Password cannot be empty")
 private String password;

 public AuthenticationBean() {

 }

 public void setUsername(String username) {
  this.username = username;
 }

 public String getUsername() {
  return username;
 }

 public void setPassword(String password) {
  this.password = password;
 }

 public String getPassword() {
  return password;
 }

 /**
  * @return
  * @throws IOException
  * @throws ServletException
  */
 public String login() throws IOException, ServletException {
  
  

  try {

   Authentication request = new UsernamePasswordAuthenticationToken(this.username, this.password);
 
   Collection authority = request.getAuthorities();
   
          for (GrantedAuthority granted : authority) {
           
           roles.add(granted.getAuthority());
           
                  
          }
          
          Authentication auth = SecurityContextHolder.getContext().getAuthentication();
          String name = auth.getName(); //get logged in username
          
   Authentication result = authenticationManager.authenticate(request);

   SecurityContextHolder.getContext().setAuthentication(result);
   
   ExternalContext context = FacesContext.getCurrentInstance().getExternalContext();
   
   HttpServletResponse responseHTTP = (HttpServletResponse) FacesContext.getCurrentInstance().getExternalContext().getResponse();
   
   HttpServletRequest requestHTTP = (HttpServletRequest)FacesContext.getCurrentInstance().getExternalContext().getRequest();

   SavedRequest defaultSavedRequest = new HttpSessionRequestCache().getRequest(requestHTTP, responseHTTP);
   
   context.redirect(defaultSavedRequest.getRedirectUrl());

   FacesContext.getCurrentInstance().responseComplete();

   return null;

  } catch (AuthenticationException e) {

   FacesContext.getCurrentInstance().addMessage(null, new FacesMessage(FacesMessage.SEVERITY_ERROR, e.getMessage(), e.getMessage()));
   return null;
  }



 }

 public String logout() throws IOException {
  this.username = "";
  this.password = "";
  ExternalContext context = FacesContext.getCurrentInstance().getExternalContext();
  context.redirect(context.getRequestContextPath() + "/j_spring_security_logout");
  FacesContext.getCurrentInstance().responseComplete();
  return null;
 }

}

& LOGIN.xhtml

Luchosuseadicto

How To getRoles in Spring Security

No hay comentarios.:

Problemas de activación WIFI6 en LG_OLED55CXPSA

Buscar este blog