Springsecurity之UserDetails

    先上一張圖，以下圖1所示:

                                       

                                                                       圖1 UserDetails的類圖

    UserDetails這個類的目的，《Pro Spring Security》的chapter3中，原文，"The interface org.springframework.security.core.userdetails.UserDetails object is the main abstraction in the system, and it’s used to represent a full user in the context of Spring Security. It is also made available to be accessed later in the system from any point that has access to SecurityContext. Normally, developers create their own implementation of this interface to store particular user details they need or want (like email, telephone, address, and so on). Later, they can access this information, which will be encapsulated in the Authentication object, and they can be obtained by calling the getPrincipal method on it"

    咱們能夠本身實現這個Userdetails接口，保存咱們想要的用戶信息，以後將這個UserDetails的實現類放在Authentication中，經過Authentication.getPrincipal()得到。