Clever Geek Handbook

Java.security.Principal - Create in HttpServletRequest and Spring Security

  • I can't seem to find a way to create java.security.Principal in the HttpServletRequest - who is responsible? How it's done? Does it have to be stored in the session?

  • How does it relate to Spring security?

  • Are there any alternatives to Spring Security that uses the Principal to authorize / authenticate the user?

  • How do I implement my own user authorization / authentication so that Principal contains the current user?

+3


source to share


2 answers


  • usually, the main object placing the session after a successful login. See documentation .
  • Sprinter Authentication

    interface extends interfacePrincipal

  • Alternatively, you can use Apache Shiro
  • Implement your own UserDetailsService

    , which will return a User object (it must implement the UserDetails interface). See docs .


+5


source


The principal will be set to Spring Security based on your Spring Security configuration.



To implement this see http://static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity.html

-1


source






More articles:


All Articles