时间戳

首页 > 解决方案 > SecurityContextHolder.getContext().getAuthentication() 总是返回“anonymousUser”

spring - SecurityContextHolder.getContext().getAuthentication() 总是返回“anonymousUser”

问题描述

我使用以下配置创建了 Spring Boot 应用程序:

我的项目中有一个AuditConfiguration类,如下所示:

@Configuration
@EnableJpaAuditing(auditorAwareRef = "auditorProvider")
public class AuditConfiguration {

    @Bean
    public AuditorAware<String> auditorProvider() {
        return new AuditorAwareImpl();
    }

    class AuditorAwareImpl implements AuditorAware<String> {
        @Override
        public Optional<String> getCurrentAuditor() {
            Principal principal = 
            SecurityContextHolder.getContext().getAuthentication();
            return Optional.of(principal.getName());
        }
    }
}

并且SecurityContextHolder.getContext().getAuthentication()总是返回anonymousUser

但是,以下代码返回正确的用户名。

@RestController
@RequestMapping("/history")
public class HistoryEndpoint {

    @RequestMapping(value = "/username", method = RequestMethod.GET)
    @ResponseBody
    public String currentUserName(Principal principal) {
        return principal.getName();
    }
}

我需要你的帮助来解决这个问题。

标签: springspring-bootspring-security

解决方案

我使用以下课程获得了经过身份验证的用户。我遇到了 JPA 审计的问题。@CreatedBy 始终保存null。然后我尝试SecurityContextHolder.getContext().getAuthentication()使用此方法获取经过身份验证的用户。该方法返回annonymousUser。但是我的问题是固定的。

@ManagedBean
@EnableJpaAuditing
public class SpringSecurityAuditorAware implements AuditorAware<String> {

private final HttpServletRequest httpServletRequest;

public SpringSecurityAuditorAware(HttpServletRequest httpServletRequest) {
    this.httpServletRequest = httpServletRequest;
}

@Override
public Optional<String> getCurrentAuditor() {
    return Optional.ofNullable(httpServletRequest.getUserPrincipal())
            .map(Principal::getName);
}
}

推荐阅读