我正在尝试创建自定义用户名密码验证过滤器,因为我需要验证来自两个不同来源的密码.我正在使用Spring Boot 1.2.1和Java配置.我在部署时遇到的错误是
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'customUsernamePasswordAuthenticationFilter' defined in file [/Users/rjmilitante/Documents/eclipse-workspace/login-service/bin/com/elsevier/eols/loginservice/CustomUsernamePasswordAuthenticationFilter.class]: Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: authenticationManager must be specified … Caused by: java.lang.IllegalArgumentException: authenticationManager must be specified
我不确定我错过了什么.我一直在尝试在SecurityConfig中为此过滤器设置authenticationManager.我的代码看起来像
我的过滤器:
@Component public class CustomUsernamePasswordAuthenticationFilter extends AbstractAuthenticationProcessingFilter { public CustomUsernamePasswordAuthenticationFilter(RequestMatcher requiresAuthenticationRequestMatcher) { super(requiresAuthenticationRequestMatcher); // TODO Auto-generated constructor stub } public CustomUsernamePasswordAuthenticationFilter() { super(new AntPathRequestMatcher("/login","POST")); // TODO Auto-generated constructor stub } public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException { // String dbValue = request.getParameter("dbParam"); // request.getSession().setAttribute("dbValue", dbValue); System.out.println("attempting to authentificate"); while (request.getAttributeNames().hasMoreElements()) { String e = (String) request.getAttributeNames().nextElement(); System.out.println("param name : " + e + " and param value : " + request.getAttribute(e)); } return null; } }
我的安全配置:
@Configuration @EnableWebSecurity @EnableGlobalMethodSecurity(prePostEnabled = true) public class SecurityConfig extends WebSecurityConfigurerAdapter{ @Bean public PasswordEncoder passwordEncoder() { return new BCryptPasswordEncoder(); } @Bean(name="loginService") public LoginService loginService(){ return new LoginServiceImpl(); } @Bean( name="myAuthenticationManager") @Override public AuthenticationManager authenticationManagerBean() throws Exception { return super.authenticationManagerBean(); } @Bean CustomUsernamePasswordAuthenticationFilter customUsernamePasswordAuthenticationFilter() throws Exception { CustomUsernamePasswordAuthenticationFilter customUsernamePasswordAuthenticationFilter = new CustomUsernamePasswordAuthenticationFilter(); customUsernamePasswordAuthenticationFilter.setAuthenticationManager(authenticationManagerBean()); return customUsernamePasswordAuthenticationFilter; } @Autowired private myAuthenticationProvider myAuthenticationProvider; protected void configure(HttpSecurity http) throws Exception { http.csrf().disable() .authorizeRequests() .anyRequest().authenticated() .and() /*.addFilterBefore(customUsernamePasswordAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class)*/; } public void configure(AuthenticationManagerBuilder auth) throws Exception { auth.authenticationProvider(myAuthenticationProvider); } }
有人可以看看吗?不确定它是什么.
该文件对AbstractAuthenticationProcessingFilter
必须设置的状态AuthenticationManager
.
我建议你尝试在你的CustomUsernamePasswordAuthenticationFilter
类中添加以下代码:
@Override @Autowired public void setAuthenticationManager(AuthenticationManager authenticationManager) { super.setAuthenticationManager(authenticationManager); }
我实际上已经过了错误.我只需@Component
要从自定义过滤器中删除注释.