[英]Spring security filter doesn't work. Spring bug?
I added to spring config my own custom filter: 我添加到spring配置我自己的自定义过滤器:
@Override
public void configure(HttpSecurity http) throws Exception {
http.addFilterBefore(filter, BasicAuthenticationFilter.class);
http.csrf().disable();
http.authorizeRequests().antMatchers("/oauth/token").fullyAuthenticated();
}
but doFilter(...) doesn't invoke. 但doFilter(...)不会调用。 I need to proccess request before it will be "eaten" by spring-security-oauth. 我需要处理请求才能被spring-security-oauth“吃掉”。 How to make it work? 如何使它工作?
According to the documentation, addFilterBefore
configuration method "allows adding a filter before one of the known Filter classes. The known Filter instances are either a Filter listed in HttpSecurityBuilder.addFilter(Filter)
or a Filter that has already been added using HttpSecurityBuilder.addFilterAfter(Filter, Class)
or HttpSecurityBuilder.addFilterBefore(Filter, Class)
" 根据文档, addFilterBefore
配置方法“允许在其中一个已知的Filter类之前添加过滤器。已知的Filter实例是HttpSecurityBuilder.addFilter(Filter)
列出的HttpSecurityBuilder.addFilter(Filter)
或已使用HttpSecurityBuilder.addFilterAfter(Filter, Class)
添加的过滤器HttpSecurityBuilder.addFilterAfter(Filter, Class)
或HttpSecurityBuilder.addFilterBefore(Filter, Class)
“
HttpSecurity documentaion HttpSecurity文档
This basically means that your filter will be applied if and only if BasicAuthenticationFilter
is already registered to process your requests, which is probably not. 这基本上意味着当且仅当已注册BasicAuthenticationFilter
来处理您的请求时才会应用您的过滤器,这可能不是。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.