找不到UsernamePasswordAuthenticationToken的AuthenticationProvider

Question

我的web.xml配置是

<filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>

    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

這是我的安全配置

    <intercept-url pattern="/*" access="ROLE_USER" />
    <intercept-url pattern="/*.ico"  filters="none" />


</http>

 <beans:bean id="customAuthenticationProvider" class="net.spring3.provider.MyAuthProvider"  />

    <authentication-manager>

        <authentication-provider ref="customAuthenticationProvider" /> 

    </authentication-manager>

這是我的customAuthProvider類

public class MyAuthProvider implements AuthenticationProvider  {


    @Override
    public boolean supports(Class<? extends Object> arg0) {
        // TODO Auto-generated method stub
        return false;
    }


     @SuppressWarnings("serial")
        private static Map<String, String> SIMPLE_USERS = new HashMap<String, String>(2) {{
            put("joe", "joe");
            put("bob", "bob");
        }};

        @SuppressWarnings("serial" )
        private static List<GrantedAuthority> AUTHORITIES = new ArrayList<GrantedAuthority>(1) {{
            add(new GrantedAuthorityImpl("ROLE_USER"));
        }};

        @Override
        public Authentication authenticate(Authentication auth) throws AuthenticationException
        {
            // All your user authentication needs
            System.out.println("==Authenticate Me==");
            if (SIMPLE_USERS.containsKey(auth.getPrincipal()) 
                && SIMPLE_USERS.get(auth.getPrincipal()).equals(auth.getCredentials()))
            {
                return new UsernamePasswordAuthenticationToken(auth.getName(), auth.getCredentials(), AUTHORITIES);
            }
            throw new BadCredentialsException("Username/Password does not match for " + auth.getPrincipal());
        }




}

該頁面顯示登錄表單，當我輸入bob和bob作為登錄時，它會引發以下錯誤。

Your login attempt was not successful, try again.

Reason: No AuthenticationProvider found for org.springframework.security.authentication.UsernamePasswordAuthenticationToken

我在調試級別ALL檢查了日志，這是我得到的。

FINE: Request is to process authentication
Nov 17, 2011 5:37:36 AM org.springframework.context.support.AbstractApplicationContext publishEvent
FINEST: Publishing event in Root WebApplicationContext: org.springframework.security.authentication.event.AuthenticationFailureProviderNotFoundEvent[source=org.springframework.security.authentication.UsernamePasswordAuthenticationToken@ffff8dfd: Principal: sd; Credentials: [PROTECTED]; Authenticated: false; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffe3f86: RemoteIpAddress: 127.0.0.1; SessionId: x4lg4vtktpw9; Not granted any authorities]
Nov 17, 2011 5:37:36 AM org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter unsuccessfulAuthentication
FINE: Authentication request failed: org.springframework.security.authentication.ProviderNotFoundException: No AuthenticationProvider found for org.springframework.security.authentication.UsernamePasswordAuthenticationToken

對此有任何幫助。我在這里做錯了什么？

Answer 1

正如您在評論中所寫的那樣，問題是您始終在您的身份驗證提供程序的supports()方法中返回false 。 但是，不應該總是返回true你應該檢查你得到的authentication ：

public class MyAuthenticationProvider implements AuthenticationProvider, Serializable {

    @Override
    public boolean supports(Class<? extends Object> authentication) {
        return (UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication));
    }

    // ...
}

Answer 2

我遇到過同樣的問題。 在我的情況下，解決方案是在傳遞身份驗證后將AbstractAuthenticationToken.setAuthenticated設置為true。