2020年8月11日 00:05:12go评论85阅读模式

英文:

Spring Security - How to get the roles assigned to user

问题

我正在实施基于JWT的角色授权。我正在通过Postman测试我的API。

用户首先发出“POST”请求并在其中注册，我们传递名字，员工ID和密码。用户成功注册后，返回一个响应，包括一个名为“roles”的列，初始值为“null”。然后，我手动分配用户角色。我的“ROLE”表中有两个角色，即ADMIN或USER，我手动分配它们。

在此之后，用户需要进行身份验证或登录，以生成令牌。

到目前为止，一切都正确。令牌已生成，但尽管我手动分配了用户ADMIN角色，但它仍然返回roles的值为null。我如何获取分配给用户的角色？请帮助。我在下面粘贴了一些代码：

以下是用户身份验证的API：AuthenticationController

final Authentication authentication = authenticationManager.authenticate(
    new UsernamePasswordAuthenticationToken(
        authenticationRequest.getEmpID(),
        authenticationRequest.getPswd()
    )
);
SecurityContextHolder.getContext().setAuthentication(authentication);

final String token = jwtTokenUtil.generateToken(userDetails, authentication);

List<String> roles = authentication.getAuthorities().stream()
    .map(item -> item.getAuthority())
    .collect(Collectors.toList());

正如您在这里所看到的，我已经定义了角色。在用户进行身份验证时，我如何获取角色？

我根据上面提到的添加了以下内容：

List<String> roles = authentication.getAuthorities().stream()
    .map(item -> item.getAuthority())
    .collect(Collectors.toList());

它似乎没有起作用。我还缺少什么？

Users.java：

public class Users {

    @Id
    @GeneratedValue(strategy = GenerationType.AUTO)
    @Column(name = "USER_ID")
    private Long id;

    //其他列

    @ManyToMany(cascade = CascadeType.ALL, fetch = FetchType.EAGER)
    @JoinTable(name = "CONFIG_USERROLE", joinColumns = @JoinColumn(name = "USER_ID"), inverseJoinColumns = @JoinColumn(name = "ROLE_ID"))
    private Set<Role> roles;

    public Users() {

    }
}

Role.java：

public class Role {

    @Id
    @GeneratedValue(strategy = GenerationType.AUTO)
    @Column(name = "ROLE_ID")
    private Long id;

    @Column(name = "ROLE")
    private String role;
}

英文:

I am implementing JWT Role Based Authorization. I am testing my apis through postman.

The users first makes a POST request and registers itself where we pass in the firstname, empid and password. The user on successfull registarion returns a response including a column roles which is null in the starting. Then I manually assign the user role. I have two roles in myROLE table i.e ADMIN or USER which I assign them manually.

After this, the user needs to authenticate or sign in in order for the token to be gnenrated.

Upto this point everything is correct. The token is being generated but it returns me the roles values null even though I have assigned the user ADMIN role manually. How do I get the roles assigned to user? please help. I am pasting some code below:

Below is my api for user authentication : AuthenticationController

	final Authentication authentication = authenticationManager.authenticate(
            new UsernamePasswordAuthenticationToken(
				authenticationRequest.getEmpID(),
				authenticationRequest.getPswd()
            )
    );
	SecurityContextHolder.getContext().setAuthentication(authentication);
	
	final String token = jwtTokenUtil.generateToken(userDetails 
      ,authentication);


	List&lt;String&gt; roles = authentication.getAuthorities().stream()
	.map(item -&gt; item.getAuthority())
	.collect(Collectors.toList());

As you can see here I have roles defined. How do I get the roles when authenticating the user?

I added this as mentioned above:

 List&lt;String&gt; roles = authentication.getAuthorities().stream()
	.map(item -&gt; item.getAuthority())
	.collect(Collectors.toList());

It does not seem to do anything. What else I am missing?

Users.java:

public class Users {

@Id
@GeneratedValue(strategy = GenerationType.AUTO)
@Column(name = &quot;USER_ID&quot;)
private Long id;

//other columns

@ManyToMany(cascade = CascadeType.ALL, fetch = FetchType.EAGER)
@JoinTable(name = &quot;CONFIG_USERROLE&quot;, joinColumns = @JoinColumn(name = 
&quot;USER_ID&quot;), inverseJoinColumns = @JoinColumn(name = &quot;ROLE_ID&quot;))
private Set&lt;Role&gt; roles; 

public Users(){

}

Role.java:

 public class Role {

@Id
@GeneratedValue(strategy = GenerationType.AUTO)
@Column(name = &quot;ROLE_ID&quot;)
private Long id;

@Column(name = &quot;ROLE&quot;)
private String role;

答案1

得分: 0

只需将以下行添加到AuthenticationController中，在获取角色列表后，将其设置到UserDetailsWithToken对象中：

UserDetailsWithToken.setRoles(roles);

英文:

You need to set the roles in your UserDetailsWithToken to get them on the response object. They are only set on the JWT object.

Just add the following line to your AuthenticationController, after obtaining the roles list

UserDetailsWithToken.setRoles(roles);

通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库，让每个人都能够通过互相帮助和分享经验来进步。

Spring Security – 如何获取分配给用户的角色

问题

答案1

文本转语音在Android Studio中无法正常工作。

尝试在按下回车键时发送一条消息。

单例模式来自库类

更改壁纸使用Java。

What's the correct way to type hint an empty list as a literal in python?

如何在Highcharts Gantt中更改本地化的星期名称

如何在同一个流中使用多个过滤器和映射函数？

如何使用Map/Set来将代码优化到O(n)？

.NET MAUI Android在GitHub Actions上构建失败，错误代码为1。

如何在Playwright视觉比较中屏蔽多个定位器？

在C++中，可以使用可变模板参数来检索类型的内部类型。

selenium.common.exceptions.StaleElementReferenceException: Message: stale element reference: stale element not found

Creating and opening a URL to log in to Website via Basic Auth with Robot Framework/Selenium (Python)

AG Grid 在上下文菜单中以大文本形式打开

发表评论