/**
* After returning, grab the user, check if they've been modified and reset
* the SecurityContext if they have.
*
* @param returnValue
* the user object
* @param method
* the name of the method executed
* @param args
* the arguments to the method
* @param target
* the target class
* @throws Throwable
* thrown when args[0] is null or not a User object
*/
public void afterReturning(Object returnValue, Method method,
Object[] args, Object target) throws Throwable {
User user = (User) args[0];
if (user.getVersion() != null) {
// reset the authentication object if current user
Authentication auth = SecurityContextHolder.getContext()
.getAuthentication();
AuthenticationTrustResolver resolver = new AuthenticationTrustResolverImpl();
// allow new users to signup - this is OK b/c Signup doesn't allow
// setting of roles
boolean signupUser = resolver.isAnonymous(auth);
if (auth != null && !signupUser) {
User currentUser = getCurrentUser(auth);
if (currentUser.getId().equals(user.getId())) {
auth = new UsernamePasswordAuthenticationToken(user, user
.getPassword(), user.getAuthorities());
SecurityContextHolder.getContext().setAuthentication(auth);
}
}
}
}
UserSecurityAdvice.java 文件源码
java
阅读 31
收藏 0
点赞 0
评论 0
项目:gisgraphy
作者:
评论列表
文章目录
