Java 调用第二身份验证提供程序的原因
在我的Spring启动应用程序中,我有以下关于Spring安全性的Java 调用第二身份验证提供程序的原因,java,spring-boot,spring-security,Java,Spring Boot,Spring Security,在我的Spring启动应用程序中,我有以下关于Spring安全性的WebSecurityConfig @EnableWebSecurity public class WebSecurityConfig { @Configuration @Order(1) public static class Form1LoginWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter { @O
WebSecurityConfig
@EnableWebSecurity
public class WebSecurityConfig {
@Configuration
@Order(1)
public static class Form1LoginWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.antMatcher("/uid/serverinfo.html")
.authorizeRequests()
.antMatchers("/admins/login")
.permitAll()
.antMatchers("/uid/serverinfo.html")
.authenticated()
.and()
.formLogin()
.loginProcessingUrl("/admins/login")
.loginPage("/admins/login")
.failureUrl("/admins/login?error")
.defaultSuccessUrl("/uid/serverinfo.html");
}
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(authenticationProvider());
}
@Bean
public AuthenticationProvider authenticationProvider() {
return new LDAPAuthenticationProvider();
}
}
@Configuration
@Order(2)
public static class Form2LoginWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.antMatcher("/admins/**")
.authorizeRequests()
.antMatchers("/admins/login")
.permitAll()
.antMatchers("/admins/**")
.authenticated()
.and()
.formLogin()
.loginProcessingUrl("/admins/login")
.loginPage("/admins/login")
.failureUrl("/admins/login?error")
.defaultSuccessUrl("/admins/main");
}
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(authenticationProvider());
}
@Bean
public AuthenticationProvider authenticationProvider() {
return new RDBAuthenticationProvider();
}
}
}
如果访问http:localhost:8080/admins/main
,我的预期结果是RDBAuthenticationProvider.authenticate()
,但实际上调用了ldapaauthenticationprovider.authenticate()
有人知道原因和如何修复吗?检查此项是否使用多个身份验证提供程序:我想保护对/admins/*(通过DB)和/uid/serverinfo.html(通过LDAP)的访问,但是。。。