Spring安全过滤器不起作用。 春虫?
[英]Spring security filter doesn't work. Spring bug?
问题描述
I added to spring config my own custom filter: 
我添加到spring配置我自己的自定义过滤器:
@Override
public void configure(HttpSecurity http) throws Exception {
http.addFilterBefore(filter, BasicAuthenticationFilter.class);
http.csrf().disable();
http.authorizeRequests().antMatchers("/oauth/token").fullyAuthenticated();
}
but doFilter(...) doesn't invoke. 但doFilter(...)不会调用。 I need to proccess request before it will be "eaten" by spring-security-oauth. 我需要处理请求才能被spring-security-oauth“吃掉”。 How to make it work? 如何使它工作?
1 个解决方案
解决方案1
0 2016-12-02 12:18:38
According to the documentation, addFilterBefore configuration method "allows adding a filter before one of the known Filter classes. The known Filter instances are either a Filter listed in HttpSecurityBuilder.addFilter(Filter) or a Filter that has already been added using HttpSecurityBuilder.addFilterAfter(Filter, Class) or HttpSecurityBuilder.addFilterBefore(Filter, Class) " 根据文档, addFilterBefore配置方法“允许在其中一个已知的Filter类之前添加过滤器。已知的Filter实例是HttpSecurityBuilder.addFilter(Filter)列出的HttpSecurityBuilder.addFilter(Filter)或已使用HttpSecurityBuilder.addFilterAfter(Filter, Class)添加的过滤器HttpSecurityBuilder.addFilterAfter(Filter, Class)或HttpSecurityBuilder.addFilterBefore(Filter, Class) “
HttpSecurity documentaion HttpSecurity文档
This basically means that your filter will be applied if and only if BasicAuthenticationFilter is already registered to process your requests, which is probably not. 这基本上意味着当且仅当已注册BasicAuthenticationFilter来处理您的请求时才会应用您的过滤器,这可能不是。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.