SecurityFilterChain 中的自定义身份验证处理过滤器位置?
[英]Custom Authentication Processing Filter Location in SecurityFilterChain?
问题描述
I have a custom implementation of AbstractAuthenticationProcessingFilter that I need to manually insert in the Security Filter Chain.
我有一个AbstractAuthenticationProcessingFilter的自定义实现,我需要将其手动插入到安全过滤器链中。 I've seen multiple tutorials, each saying to insert it before or after a different filter in the chain.我看过多个教程,每个教程都说要在链中的不同过滤器之前或之后插入它。
Is there a definitive answer on where this filter is supposed to be placed?关于应该放置此过滤器的位置是否有明确的答案? Or, at least, a rule of thumb that can help figure it out?或者,至少,一个可以帮助解决问题的经验法则?
Visual reference below:视觉参考如下:
@Bean
public void SecurityFilterChain configure(HttpSecurity http) {
MyAuthenticationProcessingFilter filter = new MyAuthenticationProcessingFilter();
http
.addFilterBefore(filter, WhateverFilter.class);
// rest of configuration here
}
2 个解决方案
解决方案1
0 2023-02-02 08:10:36
maybe you can define a AuthenticationProvider bean to process an authentication也许您可以定义一个 AuthenticationProvider bean 来处理身份验证
@Component
public class CustomAuthenticationProvider implements AuthenticationProvider {
}
解决方案2
0 2023-02-02 10:32:11
Per the documentation, implementations of AbstractAuthenticationProcessingFilter are placed between ConcurrentSessionFilter and SecurityContextHolderAwareRequestFilter根据文档, AbstractAuthenticationProcessingFilter的实现位于ConcurrentSessionFilter和SecurityContextHolderAwareRequestFilter之间
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.