[英]Custom Authentication Processing Filter Location in SecurityFilterChain?
I have a custom implementation of AbstractAuthenticationProcessingFilter
that I need to manually insert in the Security Filter Chain.我有一个
AbstractAuthenticationProcessingFilter
的自定义实现,我需要将其手动插入到安全过滤器链中。 I've seen multiple tutorials, each saying to insert it before or after a different filter in the chain.我看过多个教程,每个教程都说要在链中的不同过滤器之前或之后插入它。
Is there a definitive answer on where this filter is supposed to be placed?关于应该放置此过滤器的位置是否有明确的答案? Or, at least, a rule of thumb that can help figure it out?
或者,至少,一个可以帮助解决问题的经验法则?
Visual reference below:视觉参考如下:
@Bean
public void SecurityFilterChain configure(HttpSecurity http) {
MyAuthenticationProcessingFilter filter = new MyAuthenticationProcessingFilter();
http
.addFilterBefore(filter, WhateverFilter.class);
// rest of configuration here
}
maybe you can define a AuthenticationProvider bean to process an authentication也许您可以定义一个 AuthenticationProvider bean 来处理身份验证
@Component
public class CustomAuthenticationProvider implements AuthenticationProvider {
}
Per the documentation, implementations of AbstractAuthenticationProcessingFilter
are placed between ConcurrentSessionFilter
and SecurityContextHolderAwareRequestFilter
根据文档,
AbstractAuthenticationProcessingFilter
的实现位于ConcurrentSessionFilter
和SecurityContextHolderAwareRequestFilter
之间
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.