0
转发我已经配置了我所有的春季安全和OAuth令牌获取等春天的OAuth拦截REST API的调用,并从一个拦截器
但我必须验证从DB用户在每个REST API调用?
这是我的例子API:
@GET
@Path("/getUUID")
public Response getUUID(@Context HttpServletRequest request, final @Context SecurityContext securityContext) {
//here do i have to do this in each api or there is one filter that can i write and pass this user object from that to api
User loadUser = loadUserFromSecurityContext(securityContext);
}
protected User loadUserFromSecurityContext(SecurityContext securityContext) {
OAuth2Authentication requestingUser = (OAuth2Authentication) (securityContext).getUserPrincipal();
String principal = requestingUser.getUserAuthentication().getName();
User user = null;
user = new UserDAO().getUser(principal);
return user;
}
我有这些确切的设置,但拦截器没有收到请求。任何想法 ? –