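Overriding the existing Spring Security authentication

How can I override the existing Spring Security authentication by calling a web service, and, when that fails, redirect to a third-party login page?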

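To call this authentication web service I need to get some ServletRequest parameters, and for the redirect I need access to the ServletResponse.

Therefore I need to find an authentication method that takes ServletRequest and ServletResponse parameters.

But I still have not found such a ProcessingFilter or AuthenticationProvider.

According to the Spring Security basics, it seems I have to override the authenticate method of an AuthenticationProvider.

According to the use case, I have to implement Spring Security pre-authentication,

but the problem is that the authenticate method of PreAuthenticatedAuthenticationProvider only takes an Authentication parameter.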

PreAuthenticatedAuthenticationProvider

public class PreAuthenticatedAuthenticationProvider implements 
     AuthenticationProvider, InitializingBean, Ordered { 

    public Authentication authenticate(Authentication authentication) {} 

} 

As a solution, is it possible to use a custom implementation of AuthenticationFailureHandler?

Thanks.

Answer

I solved this problem in the following way:

  • Implement a custom AbstractPreAuthenticatedProcessingFilter

Override the doFilter method

@Override 
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { 

    HttpServletRequest request = (HttpServletRequest) req; 
    HttpServletResponse response = (HttpServletResponse) res; 

    try { 

     // Get current Authentication object from SecurityContext 
     Authentication auth = SecurityContextHolder.getContext().getAuthentication(); 

     // Call for third party WS when the Authenticator object is null 
     if (auth == null) { 

      logger.debug("doFilter : Proceed the authentication"); 

      String appId = "My_APP_ID"; 
      String redirectURL = request.getRequestURL().toString(); 

      // Call for third party WS for get authenticate 
      if (WS_Authenticator.isAuthenticated(appId, redirectURL)) { 

       // Successfully authenticated 
       logger.debug("doFilter : WS authentication success"); 

       // Get authenticated username 
       String userName = WS_Authenticator.getUserName();    

       // Put that username to request 
       request.setAttribute("userName", userName); 

      } else { 

       // URL of the third-party login page returned by the web service 
       String authorizedURL = WS_Authenticator.getAuthorizedURL(); 
       logger.debug("doFilter : WS authentication failed"); 
       logger.debug("doFilter : WS redirect URL : " + authorizedURL); 

       // sendRedirect() sets the 302 status itself; response is already an HttpServletResponse 
       response.sendRedirect(authorizedURL); 

       // Return for bypass the filter chain 
       return; 
      } 

     } else { 
      logger.debug("doFilter : Already authenticated"); 
     } 

    } catch (Exception e) { 
     logger.error("doFilter: " + e.getMessage());    
    } 

    super.doFilter(request, response, chain); 
    return; 
} 

Override the getPreAuthenticatedCredentials method

@Override 
protected Object getPreAuthenticatedCredentials(HttpServletRequest request) { 

    // Get authenticated username 
    String[] credentials = new String[1]; 
    credentials[0] = (String) request.getAttribute("userName"); 

    return credentials; 
} 
  • Implement a CustomAuthenticationUserDetailsServiceImpl

Override the loadUserDetails method

public class CustomAuthenticationUserDetailsServiceImpl implements AuthenticationUserDetailsService<Authentication> { 

    protected static final Logger logger = Logger.getLogger(CustomAuthenticationUserDetailsServiceImpl.class); 

    @Autowired 
    private UserDataService userDataService; 

    public UserDetails loadUserDetails(Authentication token) throws UsernameNotFoundException { 

     // Get authenticated username 
     String[] credentials = (String[]) token.getCredentials(); 
     String userName = credentials[0]; 

     try { 

      // Get user by username 
      User user = userDataService.getDetailsByUserName(userName); 

      // Get authorities username    
      List<String> roles = userDataService.getRolesByUserName(userName);   
      user.setCustomerAuthorities(roles); 
      return user; 

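     } catch (Exception e) { 
      logger.debug("loadUserDetails: User not found! " + e.getMessage()); 
      // The interface contract forbids returning null; signal the failure instead 
      throw new UsernameNotFoundException("User not found: " + userName, e); 
     }  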
    } 
} 
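
A check that can sit in front of the `sendRedirect` call in the filter above, shown as an added example that is not part of the original answer: it accepts the URL returned by the web service only when it is an absolute `https` URL on an expected host. The class name `LoginRedirectValidator` and the host `login.example.com` are assumptions, and the sample URLs are constructed.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Locale;
import java.util.Optional;
import java.util.Set;

/** Hypothetical helper: vets the login URL returned by the web service before redirecting. */
public final class LoginRedirectValidator {

    // Assumption: the hosts on which the third-party login page is served.
    private final Set<String> allowedHosts;

    public LoginRedirectValidator(Set<String> allowedHosts) {
        this.allowedHosts = Set.copyOf(allowedHosts);
    }

    /** Returns the normalized URL only if it is an absolute https URL on an allowed host. */
    public Optional<String> validate(String candidate) {
        if (candidate == null || candidate.indexOf('\r') >= 0 || candidate.indexOf('\n') >= 0) {
            return Optional.empty(); // null, or CR/LF that could split the Location header
        }
        try {
            URI uri = new URI(candidate.trim()).normalize();
            String host = uri.getHost();
            boolean ok = "https".equalsIgnoreCase(uri.getScheme())
                    && host != null
                    && uri.getUserInfo() == null // rejects https://allowed-host@other-host/
                    && allowedHosts.contains(host.toLowerCase(Locale.ROOT));
            return ok ? Optional.of(uri.toASCIIString()) : Optional.empty();
        } catch (URISyntaxException e) {
            return Optional.empty(); // unparseable input is never redirected to
        }
    }

    public static void main(String[] args) {
        LoginRedirectValidator v = new LoginRedirectValidator(Set.of("login.example.com"));
        // Constructed sample values, not taken from the original post.
        String[] samples = {
            "https://login.example.com/auth?app=My_APP_ID",   // accepted
            "http://login.example.com/auth",                  // wrong scheme
            "https://login.example.com@other.example/auth",   // user-info trick
            "//other.example/auth",                           // scheme-relative
            "https://login.example.com.other.example/",       // look-alike suffix
        };
        for (String s : samples) {
            System.out.println(s + " -> " + v.validate(s).orElse("REJECTED"));
        }
    }
}
```

In the filter, the redirect would be issued only when `validate` returns a value; an empty result is treated as an authentication failure without a redirect.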