Polish MVC doc
This commit is contained in:
parent
374aceed2b
commit
f09ce267b3
|
@ -5873,10 +5873,26 @@ Refer to the Javadoc for additional integrations with both the Java concurrent A
|
|||
|
||||
Spring Security provides a number of optional integrations with Spring MVC. This section covers the integration in further detail.
|
||||
|
||||
[[mvc-enablewebmvcsecurity]]
|
||||
=== @EnableWebMvcSecurity
|
||||
|
||||
To enable Spring Security integration with Spring MVC add the `@EnableWebMvcSecurity` annotation to your configuration. A typical example will look something like this:
|
||||
|
||||
[source,java]
|
||||
----
|
||||
@Configuration
|
||||
@EnableWebMvcSecurity
|
||||
public class SecurityConfig {
|
||||
// ...
|
||||
}
|
||||
----
|
||||
|
||||
[[mvc-authentication-principal]]
|
||||
=== @AuthenticationPrincipal
|
||||
|
||||
Spring Security provides ability to automatically resolve the current `Authentication.getPrincipal()` for Spring MVC arguments. This means that you can be entirely decoupled from Spring Security in your Spring MVC layer.
|
||||
Spring Security provides `AuthenticationPrincipalArgumentResolver` which can automatically resolve the current `Authentication.getPrincipal()` for Spring MVC arguments. By using <<mvc-enablewebmvcsecurity>> you will automatically have this added to your Spring MVC configuration. If you use XML based configuraiton, you must add this yourself.
|
||||
|
||||
Once `AuthenticationPrincipalArgumentResolver` is properly configured, you can be entirely decoupled from Spring Security in your Spring MVC layer.
|
||||
|
||||
Consider a situation where a custom `UserDetailsService` that returns an `Object` that implements `UserDetails` and your own `CustomUser` `Object`. The `CustomUser` of the currently authenticated user could be accessed using the following code:
|
||||
|
||||
|
|
Loading…
Reference in New Issue