mirror of
https://github.com/spring-projects/spring-security.git
synced 2025-06-01 09:42:13 +00:00
Documents the new @AuthenticationPrincipal in more detail.
Fixes gh-3771
This commit is contained in:
parent
95a3e30d9f
commit
2ef3da1b47
@ -30,7 +30,7 @@ import org.springframework.security.core.Authentication;
|
|||||||
* @author Rob Winch
|
* @author Rob Winch
|
||||||
* @since 4.0
|
* @since 4.0
|
||||||
*
|
*
|
||||||
* See: <a href="{@docRoot}/org/springframework/security/messaging/context/AuthenticationPrincipalArgumentResolver.html">
|
* See: <a href="{@docRoot}/org/springframework/security/web/method/annotation/AuthenticationPrincipalArgumentResolver.html">
|
||||||
* AuthenticationPrincipalArgumentResolver
|
* AuthenticationPrincipalArgumentResolver
|
||||||
* </a>
|
* </a>
|
||||||
*/
|
*/
|
||||||
|
@ -6572,7 +6572,13 @@ NOTE: Spring Security provides the configuration using Spring MVC's http://docs.
|
|||||||
[[mvc-authentication-principal]]
|
[[mvc-authentication-principal]]
|
||||||
=== @AuthenticationPrincipal
|
=== @AuthenticationPrincipal
|
||||||
|
|
||||||
Spring Security provides `AuthenticationPrincipalArgumentResolver` which can automatically resolve the current `Authentication.getPrincipal()` for Spring MVC arguments. By using <<mvc-enablewebmvcsecurity>> you will automatically have this added to your Spring MVC configuration. If you use XML based configuraiton, you must add this yourself.
|
Spring Security provides `AuthenticationPrincipalArgumentResolver` which can automatically resolve the current `Authentication.getPrincipal()` for Spring MVC arguments. By using `@EnableWebSecurity` you will automatically have this added to your Spring MVC configuration. If you use XML based configuration, you must add this yourself. For example:
|
||||||
|
|
||||||
|
[source,xml]
|
||||||
|
----
|
||||||
|
<bean class="org.springframework.security.web.method.annotation.AuthenticationPrincipalArgumentResolver" />
|
||||||
|
----
|
||||||
|
|
||||||
|
|
||||||
Once `AuthenticationPrincipalArgumentResolver` is properly configured, you can be entirely decoupled from Spring Security in your Spring MVC layer.
|
Once `AuthenticationPrincipalArgumentResolver` is properly configured, you can be entirely decoupled from Spring Security in your Spring MVC layer.
|
||||||
|
|
||||||
@ -6580,10 +6586,6 @@ Consider a situation where a custom `UserDetailsService` that returns an `Object
|
|||||||
|
|
||||||
[source,java]
|
[source,java]
|
||||||
----
|
----
|
||||||
import org.springframework.security.web.bind.annotation.AuthenticationPrincipal;
|
|
||||||
|
|
||||||
// ...
|
|
||||||
|
|
||||||
@RequestMapping("/messages/inbox")
|
@RequestMapping("/messages/inbox")
|
||||||
public ModelAndView findMessagesForUser() {
|
public ModelAndView findMessagesForUser() {
|
||||||
Authentication authentication =
|
Authentication authentication =
|
||||||
@ -6598,6 +6600,10 @@ As of Spring Security 3.2 we can resolve the argument more directly by adding an
|
|||||||
|
|
||||||
[source,java]
|
[source,java]
|
||||||
----
|
----
|
||||||
|
import org.springframework.security.core.annotation.AuthenticationPrincipal;
|
||||||
|
|
||||||
|
// ...
|
||||||
|
|
||||||
@RequestMapping("/messages/inbox")
|
@RequestMapping("/messages/inbox")
|
||||||
public ModelAndView findMessagesForUser(@AuthenticationPrincipal CustomUser customUser) {
|
public ModelAndView findMessagesForUser(@AuthenticationPrincipal CustomUser customUser) {
|
||||||
|
|
||||||
|
@ -29,8 +29,7 @@ import org.springframework.security.core.Authentication;
|
|||||||
* should be resolved to the current user rather than a user that might be edited on a
|
* should be resolved to the current user rather than a user that might be edited on a
|
||||||
* form.
|
* form.
|
||||||
*
|
*
|
||||||
* @deprecated Use org.springframework.security.core.annotation.AuthenticationPrincipal
|
* @deprecated Use {@link org.springframework.security.core.annotation.AuthenticationPrincipal} instead.
|
||||||
* instead
|
|
||||||
*
|
*
|
||||||
* @author Rob Winch
|
* @author Rob Winch
|
||||||
* @since 3.2
|
* @since 3.2
|
||||||
|
@ -77,8 +77,7 @@ import org.springframework.web.method.support.ModelAndViewContainer;
|
|||||||
* }
|
* }
|
||||||
* </pre>
|
* </pre>
|
||||||
*
|
*
|
||||||
* @deprecated use org.springframework.security.web.method.annotation.
|
* @deprecated Use {@link org.springframework.security.web.method.annotation.AuthenticationPrincipalArgumentResolver} instead.
|
||||||
* AuthenticationPrincipalArgumentResolver
|
|
||||||
*
|
*
|
||||||
* @author Rob Winch
|
* @author Rob Winch
|
||||||
* @since 3.2
|
* @since 3.2
|
||||||
|
Loading…
x
Reference in New Issue
Block a user