Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/java/372.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
如何在自定义筛选器中使用Java配置注入AuthenticationManager_Java_Spring_Spring Security_Spring Java Config - Fatal编程技术网
Fatal编程技术网
  • java/
  • 如何在自定义筛选器中使用Java配置注入AuthenticationManager

如何在自定义筛选器中使用Java配置注入AuthenticationManager

java spring spring-security

如何在自定义筛选器中使用Java配置注入AuthenticationManager,java,spring,spring-security,spring-java-config,Java,Spring,Spring Security,Spring Java Config,我使用的是SpringSecurity3.2和Spring4.0.1 我正在将xml配置转换为Java配置。当我在过滤器中用@Autowired注释AuthenticationManager时,我得到一个异常 Caused by: org.springframework.beans.factory.NoSuchBeanDefinitionException: No qualifying bean of type [org.springframework.security.authenticati

我使用的是SpringSecurity3.2和Spring4.0.1

我正在将xml配置转换为Java配置。当我在过滤器中用
@Autowired
注释
AuthenticationManager
时,我得到一个异常

Caused by: org.springframework.beans.factory.NoSuchBeanDefinitionException: No qualifying bean of type [org.springframework.security.authentication.AuthenticationManager] found for dependency: expected at least 1 bean which qualifies as autowire candidate for this dependency. Dependency annotations: {}
我尝试过注入
AuthenticationManagerFactoryBean
,但也失败了,出现了类似的异常

这是我使用的XML配置
这是我正在尝试的Java配置

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private UserDetailsService userDetailsService;

    @Autowired
    private PasswordEncoder passwordEncoder;

    @Autowired
    private AuthenticationEntryPoint authenticationEntryPoint;

    @Autowired
    private AccessDeniedHandler accessDeniedHandler;

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth
                .userDetailsService(userDetailsService).passwordEncoder(passwordEncoder);
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .sessionManagement()
                    .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                    .and()
                .exceptionHandling()
                    .authenticationEntryPoint(authenticationEntryPoint)
                    .accessDeniedHandler(accessDeniedHandler)
                    .and();
        //TODO: Custom Filters
    }
}
这是自定义过滤器类。给我带来麻烦的是AuthenticationManager的设置程序

@Component
public class TokenAuthenticationProcessingFilter extends AbstractAuthenticationProcessingFilter {


    @Autowired
    public TokenAuthenticationProcessingFilter(@Value("/rest/useAuthenticationManagerr/authenticate") String defaultFilterProcessesUrl) {
        super(defaultFilterProcessesUrl);
    }


    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException, IOException, ServletException {
      ...
    }

    private String obtainPassword(HttpServletRequest request) {
        return request.getParameter("password");
    }

    private String obtainUsername(HttpServletRequest request) {
        return request.getParameter("username");
    }

    @Autowired
    @Override
    public void setAuthenticationManager(AuthenticationManager authenticationManager) {
        super.setAuthenticationManager(authenticationManager);
    }

    @Autowired
    @Override
    public void setAuthenticationSuccessHandler(AuthenticationSuccessHandler successHandler) {
        super.setAuthenticationSuccessHandler(successHandler);
    }

    @Autowired
    @Override
    public void setAuthenticationFailureHandler(AuthenticationFailureHandler failureHandler) {
        super.setAuthenticationFailureHandler(failureHandler);
    }
}
重写
WebSecurityConfigurerAdapter
中的方法
authenticationManagerBean
,以将使用
configure(AuthenticationManagerBuilder)
构建的AuthenticationManager作为Springbean公开:

例如:

   @Bean(name = BeanIds.AUTHENTICATION_MANAGER)
   @Override
   public AuthenticationManager authenticationManagerBean() throws Exception {
       return super.authenticationManagerBean();
   }
除上述内容外,您可能还希望使用@Import将@Configuration类聚合到另一个类(在我的情况下是AuthenticationController):

Spring文档关于使用@Import:

聚合@Configuration类我可以问一下自动连线在覆盖上面做了什么吗?我以前从未见过这种情况。这与什么有关?您是如何添加自定义过滤器的?我制作了自己的过滤器和身份验证提供程序。但我不知道如何将它们配置为一起工作。下面是我的问题@qxixp“如何将使用configure(AuthenticationManagerBuilder)构建的AuthenticationManager作为Spring bean公开”@Roger,为什么我们需要手动公开AuthenticationManager?@qxixp您只能自动连接Spring管理的bean。如果它不是作为bean公开的,你就不能自动连接它。这个答案真正帮助我的是“name=BeanIds.AUTHENTICATION\u MANAGER”。没有它,它至少在我的环境中不起作用。这种方法不适用于spring security oauth2中的自定义过滤器,
@Bean super.authenticationManagerBean()
这样不会构建
ClientDetailsUserDetailsService
DaoAuthenticationProvider
它与
http.getSharedObject(AuthenticationManager.class)的方式不同。
@Import(SecurityConfig.class)
@RestController
public class AuthenticationController {
@Autowired
private AuthenticationManager authenticationManager;
//some logic
}