春季安全authenticationmanager必須指定 - 對於自定義篩選器

Question

我想創建一個自定義用戶名密碼認證過濾器，因爲我需要驗證來自兩個不同來源的密碼。我正在使用Spring Boot 1.2.1和Java配置。部署時出現的錯誤是

Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'customUsernamePasswordAuthenticationFilter' defined in file [/Users/rjmilitante/Documents/eclipse-workspace/login-service/bin/com/elsevier/eols/loginservice/CustomUsernamePasswordAuthenticationFilter.class]: Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: authenticationManager must be specified 
… 
Caused by: java.lang.IllegalArgumentException: authenticationManager must be specified 

我不確定我錯過了什麼。我一直試圖在我的SecurityConfig中爲這個過濾器設置authenticationManager。我的代碼看起來像

我的過濾器：

@Component 
public class CustomUsernamePasswordAuthenticationFilter extends AbstractAuthenticationProcessingFilter { 

    public CustomUsernamePasswordAuthenticationFilter(RequestMatcher requiresAuthenticationRequestMatcher) { 
     super(requiresAuthenticationRequestMatcher); 
     // TODO Auto-generated constructor stub 
    } 

    public CustomUsernamePasswordAuthenticationFilter() { 
     super(new AntPathRequestMatcher("/login","POST")); 
     // TODO Auto-generated constructor stub 
    } 

    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) 
      throws AuthenticationException { 
     // String dbValue = request.getParameter("dbParam"); 
     // request.getSession().setAttribute("dbValue", dbValue); 
     System.out.println("attempting to authentificate"); 
     while (request.getAttributeNames().hasMoreElements()) { 
      String e = (String) request.getAttributeNames().nextElement(); 
      System.out.println("param name : " + e + " and param value : " + request.getAttribute(e)); 
     } 
     return null; 
    } 
} 

我的安全配置：

@Configuration 
@EnableWebSecurity 
@EnableGlobalMethodSecurity(prePostEnabled = true) 
public class SecurityConfig extends WebSecurityConfigurerAdapter{ 

    @Bean 
    public PasswordEncoder passwordEncoder() { 
     return new BCryptPasswordEncoder(); 
    } 

    @Bean(name="loginService") 
    public LoginService loginService(){ 
     return new LoginServiceImpl(); 
    } 

    @Bean(name="myAuthenticationManager") 
    @Override 
    public AuthenticationManager authenticationManagerBean() throws Exception { 
     return super.authenticationManagerBean(); 
    } 

    @Bean 
    CustomUsernamePasswordAuthenticationFilter customUsernamePasswordAuthenticationFilter() throws Exception { 
     CustomUsernamePasswordAuthenticationFilter customUsernamePasswordAuthenticationFilter = new CustomUsernamePasswordAuthenticationFilter(); 
     customUsernamePasswordAuthenticationFilter.setAuthenticationManager(authenticationManagerBean()); 
     return customUsernamePasswordAuthenticationFilter; 
    } 


    @Autowired 
    private myAuthenticationProvider myAuthenticationProvider; 

    protected void configure(HttpSecurity http) throws Exception { 
     http.csrf().disable() 
     .authorizeRequests() 
     .anyRequest().authenticated() 
     .and() 
     /*.addFilterBefore(customUsernamePasswordAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class)*/; 

    } 

    public void configure(AuthenticationManagerBuilder auth) throws Exception { 

     auth.authenticationProvider(myAuthenticationProvider); 
     } 
} 

任何人都可以看一下嗎？不知道這是怎麼回事。

Answer 1

documentation對於AbstractAuthenticationProcessingFilter類聲明您必須設置AuthenticationManager。

我建議你嘗試加入您的CustomUsernamePasswordAuthenticationFilter類中下面的代碼：

@Override 
@Autowired 
public void setAuthenticationManager(AuthenticationManager authenticationManager) { 
    super.setAuthenticationManager(authenticationManager); 
} 

Answer 2

事實上，我過去的錯誤。我只需從我的自定義過濾器中刪除@Component註釋。