Java 配置 Spring Security FORM_LOGIN_FILTER
[英]Java Config Spring Security FORM_LOGIN_FILTER
问题描述
I'm working through some of the Spring Security tutorials and trying to implement them without xml and I can't seem to find a anything about replacing the default UsernamePasswordAuthenticationFilter .
我正在阅读一些 Spring Security 教程并尝试在没有 xml 的情况下实现它们,但我似乎找不到任何关于替换默认UsernamePasswordAuthenticationFilter 的内容。
Similar to this question I'd like to retrieve an extra parameter from the login form.与这个问题类似,我想从登录表单中检索一个额外的参数。 Where I'm having difficulty is:我遇到困难的地方是:
<custom-filter ref="customAuthenticationProcessingFilter" position="FORM_LOGIN_FILTER"/>
In order to set this up properly do I need to build from the AuthenticationManagerBuilder down?为了正确设置它,我是否需要从 AuthenticationManagerBuilder 向下构建? or am I missing something?或者我错过了什么?
2 个解决方案
解决方案1
14 2014-07-16 14:39:19
According to the Spring Security documentation found here:根据此处找到的 Spring Security 文档:
http://docs.spring.io/spring-security/site/docs/3.0.x/reference/ns-config.html#filter-stack http://docs.spring.io/spring-security/site/docs/3.0.x/reference/ns-config.html#filter-stack
FORM_LOGIN_FILTER is just an alias for the class UsernamePasswordAuthenticationFilter. FORM_LOGIN_FILTER 只是 UsernamePasswordAuthenticationFilter 类的别名。
So所以
http.addFilterBefore(new YourFilter(), UsernamePasswordAuthenticationFilter.class);
Should do the trick应该做的伎俩
解决方案2
3 2018-04-01 04:29:06
Thanks @Juan for good doc link.感谢@Juan 提供良好的文档链接。 But you must use addFilterAt instead of addFilterBefore .但是您必须使用addFilterAt而不是addFilterBefore 。
So, this is correct :所以,这是正确的:
http.addFilterAt(new YourFilter(),UsernamePasswordAuthenticationFilter.class);
This will replace the existing default implementation with your CustomFilter.这将用您的 CustomFilter 替换现有的默认实现。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.