那些遇到过的问题

未触发AuthenticationSuccessEvent或InteractiveAuthenticationSuccessEvent的@EventListener

Ser*_*hez 9 spring spring-mvc spring-security

我在Spring的上下文中有这个监听器:

package listeners;

import java.util.Date;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.event.EventListener;
import org.springframework.security.authentication.event.AbstractAuthenticationEvent;
import org.springframework.security.authentication.event.AuthenticationSuccessEvent;
import org.springframework.security.authentication.event.InteractiveAuthenticationSuccessEvent;
import org.springframework.stereotype.Component;
import services.UserService;
import services.security.CustomUserDetails;

/**
 *
 * @author sergio
 */
@Component
public class AuthenticationSuccessEventHandler{

    private static Logger logger = LoggerFactory.getLogger(AuthenticationSuccessEventHandler.class);

    @Autowired
    private UserService userService;

    @EventListener({AuthenticationSuccessEvent.class, InteractiveAuthenticationSuccessEvent.class})
    public void processAuthenticationSuccessEvent(AbstractAuthenticationEvent  e) {
        logger.info("Autenticación realizada ....");
        // Actualizamos la útltima fecha de acceso
        String username = ((CustomUserDetails) e.getAuthentication().getPrincipal()).getUsername();
        logger.info("Actualizando último acceso para user: " + username);
        userService.updateLastLoginAccess(username, new Date());
    }   
}
Run Code Online (Sandbox Code Playgroud)

根据Spring调试消息,这在上下文中成功创建.

DEBUG DefaultListableBeanFactory:448 - Creating instance of bean 'authenticationSuccessEventHandler'
2016-12-11 11:33:29 DEBUG InjectionMetadata:72 - Registered injected element on class [listeners.AuthenticationSuccessEventHandler]: AutowiredFieldElement for private services.UserService listeners.AuthenticationSuccessEventHandler.userService
Run Code Online (Sandbox Code Playgroud)

当我在应用程序中正确进行身份验证时,Spring Security不会发布任何事件,因此不会调用此事件侦听器.

我的Spring Security配置就是这样

@Configuration
@EnableWebSecurity
@ComponentScan(basePackageClasses = CustomUserDetailsService.class)
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private UserDetailsService userDetailsService;

    @Bean
    public PasswordEncoder passwordEncoder() {
        PasswordEncoder encoder = new BCryptPasswordEncoder();
        return encoder;
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .antMatchers("/admin/signup").anonymous()
                .antMatchers("/admin/**").authenticated()
                .anyRequest().permitAll()
                .and()
                .formLogin().loginPage("/admin/login").permitAll()
                .usernameParameter("username").passwordParameter("password")
                .and()
                .logout()
                    .logoutRequestMatcher(new AntPathRequestMatcher("/admin/logout"))
                    .logoutSuccessUrl("/admin/login?logout")
                .and()
                .exceptionHandling().accessDeniedPage("/403")
                .and()
                .csrf();
    }
}
Run Code Online (Sandbox Code Playgroud)

SecurityWebApplicationInitializer

package config;

import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer;

/**
 *
 * @author sergio
 */
public class SecurityWebApplicationInitializer extends AbstractSecurityWebApplicationInitializer {

}
Run Code Online (Sandbox Code Playgroud)

我使用的是Spring Security 4.2.0.RELEASE.

fat*_*ddy 12

您可能需要注册事件发布基础结构(例如,通过配置DefaultAuthenticationEventPublisher).

@Configuration
@EnableWebSecurity
class SecurityConfig extends WebSecurityConfigurerAdapter {

    ...

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth
            .authenticationEventPublisher(authenticationEventPublisher())
            .userDetailsService(userDetailsService)
            .passwordEncoder(passwordEncoder());
    }   

    @Bean
    public DefaultAuthenticationEventPublisher authenticationEventPublisher() {
        return new DefaultAuthenticationEventPublisher();
    }
}
Run Code Online (Sandbox Code Playgroud)

归档时间:

查看次数:

3820 次

最近记录:

6 年,5 月 前
相关归档
Hibernate中的EntityNotFoundException多数到一个映射但是存在数据 43
Spring Security中的"主要"是什么? 21
Spring + JSP url构建最佳实践 14
spring security - expiredUrl无效 13
在JSR-303自定义验证器中未自动装配的依赖关系 13
Spring 4 @RequestMapping - 使用vs头文件? 12
@WebMvcTest 测试类中的 NoSuchBeanDefinitionException 7
SwaggerSpringMvcPlugin不适用于Spring MVC 6
javax.persistence.TransactionRequiredException:没有事务正在进行,@Transactional(propagation=Propagation.REQUIRED) 不起作用 6
从 Spring Boot 控制器返回 JAXB 生成的元素 5
难疑归档
如何在本地和远程删除Git分支? 16311
关闭/隐藏Android软键盘 3641
如何在Windows上安装pip? 2469
静态类变量是否可能? 1824
在Vim中复制整行 1555
你什么时候使用git rebase而不是git merge? 1461
忽略git项目中的任何"bin"目录 1172
创建一个带参数的Bash别名? 1164
错误消息"未找到与约束合同名称匹配的导出" 1057
#Hibernate hbm2ddl.auto配置的可能值是什么,它们做了什么 1046