1

我在一个个人项目中工作,我使用 spring web mvc 和 spring security 4,所有基于注释的配置,并且我的自定义 UsernamePasswordAuthenticationFilter 从未达到,我正在丢失它,我已经搜索但我可以解决它,所以如果有人可以帮助,我将非常感激,所以这是我的代码

弹簧初始化

@Order(1)
public class SpringMvcInitializer  extends AbstractAnnotationConfigDispatcherServletInitializer  {

    @Override
    protected Class<?>[] getRootConfigClasses() {
        return new Class[]{AppConfig.class};
    }

    @Override
    protected Class<?>[] getServletConfigClasses() {
        return null;
    }

    @Override
    protected String[] getServletMappings() {
        return new String[]{"/"};
    }


}

安全初始化

@Order(2)
public class SecurityInitializer extends AbstractSecurityWebApplicationInitializer {

}

Spring bean 声明和上下文内容

@EnableWebMvc
@Configuration
@ComponentScan({"app","server"})
@Import({ SecurityContext.class })
public class AppConfig extends WebMvcConfigurerAdapter {

    @Override   
    public void addResourceHandlers(ResourceHandlerRegistry registry) {
           registry.addResourceHandler("/resources/**").addResourceLocations("/META-INF/resources/");
      }
    @Bean
    public InternalResourceViewResolver viewResolver(){
        InternalResourceViewResolver resolver = new  InternalResourceViewResolver();
        resolver.setSuffix(".jsp");
        resolver.setPrefix("/WEB-INF/views/");
        resolver.setContentType("text/html; charset=UTF-8");
        resolver.setViewClass(JstlView.class);
        return resolver;
    }
    @Bean
    public DriverManagerDataSource dataSource(){
        DriverManagerDataSource driver = new DriverManagerDataSource();
        driver.setDriverClassName("com.mysql.jdbc.Driver");
        driver.setUrl("jdbc:mysql://localhost:3306/dberp-1");
        driver.setUsername("root");
        driver.setPassword("123456");
        return driver;
    }
    @Bean
    public LocalSessionFactoryBean sessionFactory(){
        LocalSessionFactoryBean session = new LocalSessionFactoryBean();
        session.setDataSource(dataSource());
        String[] pakages = {"model"};
        session.setPackagesToScan(pakages);
        Properties prop = new Properties();
        prop.put("dialect", MySQLDialect.class);
        session.setHibernateProperties(prop);
        return session;
    }

}

我几乎可以肯定我在这个 SecurityContext 类中做错了什么......

@Configuration
@EnableWebSecurity
public class SecurityContext extends WebSecurityConfigurerAdapter {


    @Override
    protected void configure(HttpSecurity  http) throws Exception{
        http
            .exceptionHandling()
                 .authenticationEntryPoint(authenticationEntryPoint())
                 .and()
            .addFilterBefore(authenticationFilter(), UsernamePasswordAuthenticationFilter.class) 
            .authorizeRequests()
                 .antMatchers("/login","/resources/**").anonymous()
                 .antMatchers("/users").hasAuthority("admin")
                 .antMatchers("/**").hasAnyAuthority("employee","admin")
                 .and()
             .logout()
                .logoutSuccessUrl("/login")
                .invalidateHttpSession(true)
                .logoutUrl("/logout")
                .and()
             .csrf().disable();

    }

    @Bean   
    public AuthenticationEntryPoint authenticationEntryPoint(){
        AuthenticationEntryPoint entryAuth = new LoginUrlAuthenticationEntryPoint("/login");

        return entryAuth;
    } 
    @Bean(name="customAuthenticationManager")
    @Override
    protected AuthenticationManager authenticationManager() throws Exception {
        AuthenticationManager authManager = new CustomAuthenticationManager();
        return authManager;
    };
    @Bean
    public UsernamePasswordAuthenticationFilter authenticationFilter() throws Exception{
        /*UsernamePasswordAuthenticationFilter authFilter = new UsernamePasswordAuthenticationFilter();
        authFilter.setAuthenticationManager(authenticationManager());
        authFilter.setAuthenticationSuccessHandler(new SimpleUrlAuthenticationSuccessHandler("/home"));
        authFilter.setAuthenticationFailureHandler(new SimpleUrlAuthenticationFailureHandler("/login?error"));*/
        UsernamePasswordAuthenticationFilter authFilter = new AuthFilter();
        authFilter.setAuthenticationManager(authenticationManager());
        authFilter.setAuthenticationSuccessHandler(new SimpleUrlAuthenticationSuccessHandler("/home"));
        authFilter.setAuthenticationFailureHandler(new SimpleUrlAuthenticationFailureHandler("/login?error"));
        authFilter.setRequiresAuthenticationRequestMatcher(new AntPathRequestMatcher("/login", "POST"));

        return authFilter;
    }


}
4

0 回答 0