我有自定义身份验证提供程序。当我想从其他类调用方法时没有任何反应,我不知道为什么。请帮忙:
package org.sample.web.security;
import java.util.ArrayList;
import java.util.List;
import org.sample.web.service.SimpleService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.stereotype.Component;
@Component
public class CustomAuthenticationProvider implements AuthenticationProvider {
protected final Logger logger = LoggerFactory.getLogger(getClass());
private SimpleService simpleService;
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
logger.error("1111111111111111");
String name = authentication.getName();
String password = authentication.getCredentials().toString();
simpleService.doNothing();
logger.error("2222222222222222");
if (name.equals("admin") && password.equals("system")) {
List<GrantedAuthority> grantedAuths = new ArrayList<GrantedAuthority>();
grantedAuths.add(new SimpleGrantedAuthority("ROLE_USER"));
Authentication auth = new UsernamePasswordAuthenticationToken(name, password, grantedAuths);
return auth;
} else {
return null;
}
}
@Override
public boolean supports(Class<?> authentication) {
return authentication.equals(UsernamePasswordAuthenticationToken.class);
}
public void setSimpleService(SimpleService simpleService) {
this.simpleService = simpleService;
}
}
认证方法的输出只是:
DEBUG - ProviderManager - Authentication attempt using org.sample.web.security.CustomAuthenticationProvider
ERROR - stomAuthenticationProvider - 1111111111111111
当我称赞行无所作为
// simpleService.doNothing();
然后它开始工作为什么?
DEBUG - ProviderManager - Authentication attempt using org.sample.web.security.CustomAuthenticationProvider
ERROR - stomAuthenticationProvider - 1111111111111111
ERROR - stomAuthenticationProvider - 2222222222222222
TRACE - XmlWebApplicationContext - Publishing event in Root WebApplicationContext: org.springframework.security.authentication.event.AuthenticationFailureProviderNotFoundEvent[source=org.springframework.security.authentication.UsernamePasswordAuthenticationToken@9561: Principal: aaa; Credentials: [PROTECTED]; Authenticated: false; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@957e: RemoteIpAddress: 127.0.0.1; SessionId: null; Not granted any authorities]
DEBUG - DefaultListableBeanFactory - Returning cached instance of singleton bean 'methodRegistrar'
DEBUG - BasicAuthenticationFilter - Authentication request for failed: org.springframework.security.authentication.ProviderNotFoundException: No AuthenticationProvider found for org.springframework.security.authentication.UsernamePasswordAuthenticationToken
DEBUG - nSecurityContextRepository - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
DEBUG - tyContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
安全背景:
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p" xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util-3.1.xsd">
<http use-expressions="true">
<intercept-url pattern="/**" access="isAuthenticated()" />
<http-basic />
</http>
<global-method-security pre-post-annotations="enabled" />
<authentication-manager>
<authentication-provider ref="customAuthenticationProvider" />
</authentication-manager>
</beans:beans>
答案 0 :(得分:1)
从你的描述看来,simpleService.doNothing()方法似乎永远不会返回, 从而导致你的线程卡住, 这就是为什么没有达到authenticate()方法中的其他代码的原因。
顺便说一句,使用调试器进行简单测试可以轻松地揭示问题。
修改强> 因为我知道调试不是一个选项,所以要打印到日志 在调用方法之前,在方法内部和方法之后。
由于您已经完成并且该方法无法打印,因此现在有两个选项:
simpleReceiver为null,使用日志的简单try catch应该显示它。
simpleReceiver不是SimpleReceiver类型,而是一个执行无限长时间工作的派生类 在其功能中,如果是这种情况,实例类型的简单日志打印应该显示它。