我想这个下实现与Spring Security的定制无国籍身份验证的文章
我面临的问题是框架没有调用我的自定义过滤器,即使我的SecurityConfig看起来与上一个链接看起来几乎相同(稍微简单一点):
@Configuration
@EnableWebMvcSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
@Qualifier("appAuthenticationProvider")
private AuthenticationProvider authenticationProvider;
@Autowired
@Qualifier("appAuthenticationFilter")
private AppAuthenticationFilter appAuthenticationFilter;
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable().
sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeRequests().anyRequest().authenticated()
.and()
.anonymous().disable()
.exceptionHandling().authenticationEntryPoint(unauthorizedEntryPoint());
http.addFilterBefore(appAuthenticationFilter, BasicAuthenticationFilter.class);
}
@Bean
public AuthenticationEntryPoint unauthorizedEntryPoint() {
return (request, response, authException) -> response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
}
}
我没有发布authenticationProvider和appAuthenticationFilter的代码,因为前者工作正常(我可以使用/ login端口登录)而后者只是实现了GenericFilterBean而且甚至没有被调用.
任何帮助将非常感激!