I'm working through some of the Spring Security tutorials and trying to implement them without xml and I can't seem to find a anything about replacing the default UsernamePasswordAuthenticationFilter .
Similar to this question I'd like to retrieve an extra parameter from the login form. Where I'm having difficulty is:
<custom-filter ref="customAuthenticationProcessingFilter" position="FORM_LOGIN_FILTER"/>
In order to set this up properly do I need to build from the AuthenticationManagerBuilder down? or am I missing something?
According to the Spring Security documentation found here:
http://docs.spring.io/spring-security/site/docs/3.0.x/reference/ns-config.html#filter-stack
FORM_LOGIN_FILTER is just an alias for the class UsernamePasswordAuthenticationFilter.
So
http.addFilterBefore(new YourFilter(), UsernamePasswordAuthenticationFilter.class);
Should do the trick
Thanks @Juan for good doc link. But you must use addFilterAt
instead of addFilterBefore
.
So, this is correct :
http.addFilterAt(new YourFilter(),UsernamePasswordAuthenticationFilter.class);
This will replace the existing default implementation with your CustomFilter.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.