spring security 切换用户 |

3月 11, 2018 | Nix.Huang

<http use-expressions="false">
	<intercept-url pattern="/switchuser.jsp" access="ROLE_SUPERVISOR"/>
	<intercept-url pattern="/login/impersonate" access="ROLE_SUPERVISOR"/>
	<custom-filter ref="switchUserProcessingFilter" position="SWITCH_USER_FILTER"/>
</http>

<b:bean id="switchUserProcessingFilter" class="org.springframework.security.web.authentication.switchuser.SwitchUserFilter" autowire="byType">
	<b:property name="targetUrl" value="/secure/index.htm"/>
</b:bean>

<intercept-url pattern="/switchuser.jsp" access="ROLE_SUPERVISOR"/>

<intercept-url pattern="/login/impersonate" access="ROLE_SUPERVISOR"/>

<custom-filter ref="switchUserProcessingFilter" position="SWITCH_USER_FILTER"/>

</http>

<b:bean id="switchUserProcessingFilter" class="org.springframework.security.web.authentication.switchuser.SwitchUserFilter" autowire="byType">

<b:property name="targetUrl" value="/secure/index.htm"/>

</b:bean>

用户使用"/login/impersonate"切换用户，使用"/login/impersonate" 退出切换的用户， switchUserProcessingFilter的targetUrl属性指定当退出切换用户后应该重定向的目标地址，"/login/impersonate"路径需要权限保护

Posted in: Spring Security

知行合一，止于至善

spring security 切换用户

站内搜索