SpringSecurity官方文档阅读翻译1-------结构体系的实现 (版本5.2.1持续连载中~)

SecurityContextHolder, SecurityContext and Authentication Objects这三个是security的核心组件

以下笔记全部出自于springsecurity官方文档:https://docs.spring.io/spring-security/site/docs/5.2.1.BUILD-SNAPSHOT/reference/htmlsingle/#tech-userdetailsservice    

1.SecurityContextHolder:The most fundamental object,This is where we store details of the present security context of the application, which includes details of the principal currently using the application(我们存放当应用的前安全上下文的详情,这个详情包括这个应用的当前主体对象的详情)。

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

2.Authentication:Spring Security uses an Authentication object to represent this informationspring security(使用这个对象,来呈现上面说的主体,并且这个身份验证对象不用自己去创建只需要通过)。

Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();

String username = ((UserDetails)principal).getUsername();即可以获取

这个代码需要注意的:

                                1 The object returned by the call to getContext() is an instance of the SecurityContext interface. This is the object that is kept in thread-local storage. As we’ll see below, most authentication mechanisms within Spring Security return an instance of UserDetails as the principal.

                                调用getContext()返回一个SecurityContext接口的对象,这个对象是保存在本地线程里的,大多数身份验证都是返回一个UserDetails接口对象作为主体。

                                2,从Authentication对象可以获得一个主体,并且这个主体基本上都可以转化成UserDetails对象。

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

4.UserDetailsService:UserDetails是连接你的数据库对象和springsecurity的SecurityContext的适配器,那么什么时候去提供UserDetails;

我们使用UserDetailsService接口的loadUserByUsername方法去加载用户信息。

UserDetails loadUserByUsername(String username)throwsUsernameNotFoundException;

只要需要用户信息,提供username,springsecurity就可以自动验证密码是否正确,然后加载这个用户。

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

5.GrantedAuthority:授权

通过Authentication 的 getAuthorities()方法获取当前用户的角色权限,返回几个collection包含GrantedAuthority对象,

GrantedAuthority objects are usually loaded by the UserDetailsService.

----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

6总结

SecurityContextHolder, to provide access to the SecurityContext.   提供对SecurityContext的访问

SecurityContext, to hold the Authentication and possibly request-specific security information. 持有一个身份认证对象并且可能请求特定的安全信息

Authentication, to represent the principal in a Spring Security-specific manner.  提供一个在Spring特定安全方式中的主体

GrantedAuthority, to reflect the application-wide permissions granted to a principal.  去反射应用程序对一个主体授予的权限

UserDetails, to provide the necessary information to build an Authentication object from your application’s DAOs or other source of security data.  提供构建一个Authentication对象的必要信息从你的应用框架DAO或者其他安全源。

UserDetailsService, to create a UserDetails when passed in a String-based username (or certificate ID or the like).

你可能感兴趣的:(SpringSecurity官方文档阅读翻译1-------结构体系的实现 (版本5.2.1持续连载中~))