环境:
我有2个身份验证提供程序 - 一个访问ActiveDirectory,然后一个命中我创建的自定义数据库提供程序.以这些环境中的任何一个用户身份登录都可以完美地运行.用户已通过身份验证,应用程序仍在继续.
但是,当输入无效用户且两个提供程序都无法进行身份验证时,我在页面上收到此异常:
java.lang.StackOverflowError
org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter$UserDetailsServiceDelegator.loadUserByUsername(WebSecurityConfigurerAdapter.java:393)
org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter$UserDetailsServiceDelegator.loadUserByUsername(WebSecurityConfigurerAdapter.java:394)
org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter$UserDetailsServiceDelegator.loadUserByUsername(WebSecurityConfigurerAdapter.java:394)
org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter$UserDetailsServiceDelegator.loadUserByUsername(WebSecurityConfigurerAdapter.java:394)
这是我的WebSecurityConfigurerAdapter配置:
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.formLogin().loginPage("/login").failureUrl("/login?error").defaultSuccessUrl("/overview").permitAll()
.and()
.logout().logoutSuccessUrl("/login?logout").permitAll()
.and()
.authorizeRequests()
.antMatchers("/resources/**").permitAll()
.antMatchers("/favicon.ico").permitAll()
.antMatchers("/**").hasRole("AUTH");
}
@Override
protected void configure(AuthenticationManagerBuilder authManagerBuilder) throws Exception {
authManagerBuilder
.authenticationProvider(activeDirectoryLdapAuthenticationProvider())
.userDetailsService(userDetailsService());
authManagerBuilder
.authenticationProvider(databaseAuthenticationProvider())
.userDetailsService(userDetailsService());
}
@Bean
public ActiveDirectoryLdapAuthenticationProvider activeDirectoryLdapAuthenticationProvider() {
ActiveDirectoryLdapAuthenticationProvider provider = new ActiveDirectoryLdapAuthenticationProvider(DOMAIN, URL);
provider.setConvertSubErrorCodesToExceptions(true);
provider.setUseAuthenticationRequestCredentials(true);
provider.setUserDetailsContextMapper(userDetailsContextMapper());
return provider;
}
@Bean
public UserDetailsContextMapper userDetailsContextMapper() {
UserDetailsContextMapper contextMapper = new MyUserDetailsContextMapper();
return contextMapper;
}
@Bean …我有一个Spring MVC(4.3.0)应用程序,并注册了一个VersionResourceResolver,并在ResourceHandlerRegistry中添加了ContentVersionStrategy.我启用了ResourceUrlEncodingFilter.
@Bean
public ResourceUrlEncodingFilter resourceUrlEncodingFilter() {
return new ResourceUrlEncodingFilter();
}
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
boolean devMode = this.env.acceptsProfiles("local");
//boolean useResourceCache = !devMode;
Integer cachePeriod = devMode ? 0 : (60 * 60 * 24 * 365); //If dev clear cache else 1 year
registry.addResourceHandler("/resources/**")
.addResourceLocations("/resources/")
.setCachePeriod(cachePeriod)
.resourceChain(false)
.addResolver(new VersionResourceResolver()
.addContentVersionStrategy("/**"))
.addTransformer(new AppCacheManifestTransformer());
}
当我使用c:url或spring:url标签访问JSP页面上的/ resources(JS,Images,CSS等)中的任何内容时,"versioned"URL不显示(意思是:URL中没有哈希代码) .例:
<link href="<c:url value="/resources/css/views/login.css" />" rel="stylesheet">
在检查页面时生成:/myapp/resources/css/views/login.css作为URL字符串.
但是,如果我在Controller中使用ResourceURLProvider,我确实在URL中看到了哈希码:
@Autowired
private ResourceUrlProvider mvcResourceUrlProvider;
@RequestMapping(value = { "/" }, method = RequestMethod.GET) …