security3不登陆进入系统还要享受权限

需求五花八门,这次做个系统要求在其它系统里登陆,不能单点登陆,还要求按用户名读取用户权限.


但本系统中使用security  3.0.7,先简单修改登陆成自己的action,报如下错:

HTTP Status 500 - java.lang.String cannot be cast to com.huawei.vgop.security.entity.SysUsers

type Exception report

message java.lang.String cannot be cast to com.huawei.vgop.security.entity.SysUsers

description The server encountered an internal error that prevented it from fulfilling this request.

exception

java.lang.ClassCastException: java.lang.String cannot be cast to com.huawei.vgop.security.entity.SysUsers


接着就找源码,看看security能否改动,看了下主要涉及三个类UsernamePasswordAuthenticationFilter、DaoAuthenticationProvider、MessageDigestPasswordEncoder

将其改之,成功!


org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter

                          


org.springframework.security.authentication.dao.DaoAuthenticationProvider



org.springframework.security.authentication.encoding.MessageDigestPasswordEncoder


我的做法很简单,直接把源代码拷出来,按原包原类名覆盖掉原有,把逻辑改成自己需要的;

你可能感兴趣的:(security3不登陆进入系统还要享受权限)