自动登录acegi安全

Question

有没有一种方法可以避免使用acegi安全模块的servlet应用程序中基于表单的登录？我想通过某种方式将登录名和密码传递给URL。我试着打电话给这样的事情：

GrantedAuthority[] grantedAuthorities = new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ADMIN")}; 
UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken("admin", "passwordofadmin", grantedAuthorities); 
WebAuthenticationDetails authdetails = (WebAuthenticationDetails) authentication.getDetails(); 
HttpSession session = event.getSession(); 
ProviderManager pm = (ProviderManager)WebApplicationContextUtils.getWebApplicationContext(session.getServletContext()).getBean("authenticationManager"); 
pm.doAuthentication(authentication); 
SecurityContextHolder.getContext().setAuthentication(authentication); 

在 HttpSessionCreatedEvent事件的处理程序

，我收到AuthenticationSuccessEvent事件，但随后Failure事件还接收并显示认证形式。

Answer 1

首先，您必须重写xml中的UserDetailsS​​ervice。事情是这样的：

<bean id="userService" class="com.security.UserSecurityService" > 
    ... 
</bean> 

然后写自己的service.like：

public class UserSecurityService implements UserDetailsService { 
public UserDetails loadUserByUsername(String username) 
     throws UsernameNotFoundException, DataAccessException{ 

User user =userDAO.findByUsername(username); 
GrantedAuthority[] grantedRoles = {new GrantedAuthorityImpl("ROLE_USER")}; 

     secUsr = new User(user.getUsername(), user.getPassword(), true, grantedRoles); 

我希望这将有助于你