[英]How to replace UsernamePasswordAuthenticationFilter in Spring Security
Using XML configuration would be like 使用XML配置就好
<custom-filter position="FORM_LOGIN_FILTER" ref="SCAAuthenticationFilter" />.
Without XML would be like: 没有XML就像:
httpSecurity.addFilter(new SCAAthenticationFilter())
It seems that spring doesn't replace UsernamePasswordAuthenticationFilter , but adds my filter before. 似乎spring并没有取代UsernamePasswordAuthenticationFilter ,而是之前添加了我的过滤器。
If you take a look to FormLoginConfigurer you will see that the UsernamePasswordAuthenticationFilter is created and inserted to AbstractAuthenticationFilterConfigurer constructor then there it is assigned to final F authFilter so there is no way to replace it in Spring Security 4.1 如果您查看FormLoginConfigurer,您将看到创建了UsernamePasswordAuthenticationFilter并将其插入到AbstractAuthenticationFilterConfigurer构造函数中,然后将其分配给最终的F authFilter,因此无法在Spring Security 4.1中替换它
addFilter() will simply add another filter to filter list addFilter()只会添加另一个过滤器来过滤列表
I'd guess you must have either had <form-login>
or had <http auto-config="true">
in your configuration. 我猜你的配置中必须有
<form-login>
或<http auto-config="true">
。 Unless either of these are present, Spring Security won't add a UsernamePasswordAuthenticationFilter
automatically. 除非存在其中任何一个,否则Spring Security不会自动添加
UsernamePasswordAuthenticationFilter
。 The URL for submitting the form and the parameter names are all configurable properties of the filter, which your custom version didn't override, hence the difference. 提交表单的URL和参数名称都是过滤器的可配置属性,您的自定义版本没有覆盖,因此存在差异。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.