在OAuth2AuthenticationProcessingFilter之前添加过滤器

时间:2017-10-18 00:23:28

标签: spring-security spring-security-oauth2

我在IDP模式和spring-boot中使用spring-security-oauth2。在从请求中提取oauth令牌之前,我需要做一些工作。如何在OAuth2AuthenticationProcessingFilter之前添加过滤器?

我试过了:

@Configuration
@EnableResourceServer
public class OAuth2ResourceServerConfigurerAdapter extends ResourceServerConfigurerAdapter {

    @Override
    public void configure(HttpSecurity http) throws Exception {

        http.authorizeRequests().anyRequest().authenticated().and()
                .addFilterBefore(new MyFilter(), OAuth2AuthenticationProcessingFilter.class);
    }

}

但我得到以下例外:

  

java.lang.IllegalArgumentException:无法注册未注册的Filter类org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationProcessingFilter

我想这可能是因为@EnableResourceServer之后执行了configure(HttpSecurity http)

2 个答案:

答案 0 :(得分:1)

我做到了这一点

                .addFilterBefore(new MyTokenFilter(), AbstractPreAuthenticatedProcessingFilter.class)

答案 1 :(得分:0)

以下内容对我有用

   @Override
   public void configure(HttpSecurity http) throws Exception {
       http
         .addFilterBefore(new MyFilter(), AbstractPreAuthenticatedProcessingFilter.class)
         .authorizeRequests().anyRequest().fullyAuthenticated()
       ;
   }

结果

Security filter chain: [
  WebAsyncManagerIntegrationFilter
  SecurityContextPersistenceFilter
  HeaderWriterFilter
  LogoutFilter
  MyFilter
  OAuth2AuthenticationProcessingFilter
  RequestCacheAwareFilter
  SecurityContextHolderAwareRequestFilter
  AnonymousAuthenticationFilter
  SessionManagementFilter
  ExceptionTranslationFilter
  FilterSecurityInterceptor
]
相关问题
最新问题