spring security自定义filter的问题
用spring boot建的项目。
现在想自定义一个filter,要求实现用户名,密码,公司id一起验证。
下面是我的代码:
//这个是filter
public class UsernamePasswordSubdomainAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
protected UsernamePasswordSubdomainAuthenticationFilter() {
super("/login");
}
@Override
public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticationException, IOException, ServletException {
String username = this.obtainUsername(httpServletRequest);
String password = this.obtainPassword(httpServletRequest);
String subdomain = this.obtainSubDomain(httpServletRequest);
if(username == null) {
username = "";
}
if(password == null) {
password = "";
}
if(subdomain == null){
subdomain = "";
}
username = username.trim();
UsernamePasswordSubdomainAuthenticationToken authRequest = new UsernamePasswordSubdomainAuthenticationToken(username, password, subdomain);
this.setDetails(httpServletRequest, authRequest);
return this.getAuthenticationManager().authenticate(authRequest);
}
protected void setDetails(HttpServletRequest request, UsernamePasswordSubdomainAuthenticationToken authRequest) {
authRequest.setDetails(this.authenticationDetailsSource.buildDetails(request));
}
public String obtainUsername(HttpServletRequest request) {
return request.getParameter("username");
}
public String obtainPassword(HttpServletRequest request) {
return request.getParameter("password");
}
public String obtainSubDomain(HttpServletRequest request) throws MalformedURLException {
URL url = new URL(request.getRequestURL().toString());
String subDomain = url.getHost().split("\\.")[0];
return subDomain;
}
}
//这个是配置
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
// @Autowired
// private UsernamePasswordSubdomainAuthenticationFilter usernamePasswordSubdomainAuthenticationFilter;
@Bean
public UsernamePasswordSubdomainAuthenticationFilter usernamePasswordSubdomainAuthenticationFilter() {
System.out.println(this.authenticationManager);
UsernamePasswordSubdomainAuthenticationFilter filer = new UsernamePasswordSubdomainAuthenticationFilter();
filer.setAuthenticationManager(authenticationManager);
return filer;
}
// @Autowired
private AuthenticationManager authenticationManager;
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth
.inMemoryAuthentication()
.withUser("user") // #1
.password("pass")
.roles("USER")
.and()
.withUser("admin") // #2
.password("password")
.roles("ADMIN","USER");
}
@Override
public void configure(WebSecurity web) throws Exception {
// web
// .ignoring()
// .antMatchers("/resources/**"); // #3
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.addFilter(usernamePasswordSubdomainAuthenticationFilter())
.formLogin().disable()
.httpBasic().disable()
.csrf()
.disable();
}
}然后报了下面的错误
Caused by: java.lang.IllegalArgumentException: authenticationManager must be specified
at org.springframework.util.Assert.notNull(Assert.java:112)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.afterPropertiesSet(AbstractAuthenticationProcessingFilter.java:164)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1633)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractA
展开
收起
1
条回答
写回答
写回答
-
我说我不帅他们就打我,还说我虚伪你没有给filter注入authenticationManager,authenticationManager可以从authentication-provider获取。
2019-07-17 18:53:50赞同 展开评论 打赏
版权声明:本文内容由阿里云实名注册用户自发贡献,版权归原作者所有,阿里云开发者社区不拥有其著作权,亦不承担相应法律责任。具体规则请查看《阿里云开发者社区用户服务协议》和《阿里云开发者社区知识产权保护指引》。如果您发现本社区中有涉嫌抄袭的内容,填写侵权投诉表单进行举报,一经查实,本社区将立刻删除涉嫌侵权内容。
相关问答
问答排行榜
最热
最新
相关课程
更多
推荐问答
相关文章
相关电子书
更多
