My spring自定义身份验证提供程序取代DaoAuthenticationProvider
我编写了My spring自定义身份验证提供程序取代DaoAuthenticationProvider,spring,authentication,spring-security,Spring,Authentication,Spring Security,我编写了org.springframework.security.authentication.ApplicationProvider-JwtTokenAuthenticationProvider的自定义实现 @Component public class JwtTokenAuthenticationProvider implements AuthenticationProvider { private final UserDetailsService userDetailsServi
org.springframework.security.authentication.ApplicationProvider
-JwtTokenAuthenticationProvider的自定义实现
@Component
public class JwtTokenAuthenticationProvider implements AuthenticationProvider {
private final UserDetailsService userDetailsService;
private final JwtService jwtService;
public Authentication authenticate(Authentication rawAuthentication) throws
AuthenticationException {
...
}
@Override
public boolean supports(Class<?> authentication) {
return JwtTokenAuthentication.class.isAssignableFrom(authentication);
}
}
我在安全配置中注册JwtTokenFilter,如下所示:
@Override
protected void configure(HttpSecurity http) throws Exception {
http
...
.addFilterBefore(jwtTokenFilter(), UsernamePasswordAuthenticationFilter.class)
}
@Bean
@SneakyThrows
public JwtTokenFilter jwtTokenFilter() {
return new JwtTokenFilter(authenticationManagerBean());
}
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
jwt身份验证工作正常,但如果我现在尝试使用
authenticationManager.authenticate(new UsernamePasswordAuthenticationToken("usr", "pwd"))
我得到一个ProviderNotFoundException
但是如果我从我的JwtTokenAuthenticationProvider中删除@Component注释,UsernamePassword-auth就会工作。但是jwt认证没有。为什么
authenticationManager.authenticate(new UsernamePasswordAuthenticationToken("usr", "pwd"))