我有一个自定义的Spring Security过滤器,扩展了GenericFilterBean.
为了进行自动依赖和bean创建,我添加了一个@Component注释.
在我的安全配置中,我也注册过滤器,如:
@Autowired
private RestAuthenticationFilter restAuthenticationFilter;
protected void configure(HttpSecurity http) throws Exception {
// @formatter:off
http
.addFilterBefore(restAuthenticationFilter, LogoutFilter.class)
一切都运行良好,除了我的过滤器被调用两次......似乎Spring也自动将过滤器添加到标准过滤器.
这里最好的方法是什么?
UPDATE
@Dave这是你的意思吗?它似乎工作.
@Configuration
@ComponentScan
@EnableAutoConfiguration
public class Application extends WebMvcConfigurerAdapter {
@Autowired
private RestAuthenticationFilter restAuthenticationFilter;
public static void main(String[] args) {
SpringApplication.run(Application.class, args);
}
@Bean
public ApplicationSecurity applicationSecurity() {
return new ApplicationSecurity();
}
@Bean
public FilterRegistrationBean filterRegistrationBean() {
FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
filterRegistrationBean.setEnabled(false);
filterRegistrationBean.setFilter(restAuthenticationFilter);
return filterRegistrationBean;
}
@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
protected static class ApplicationSecurity extends WebSecurityConfigurerAdapter {
@Autowired
private …