Question

我正在使用spring security来验证用户身份。我已经实现了自定义身份验证管理器，但在我的身份验证管理器中将凭据和名称视为空白

这是我的安全xml

<security:http auto-config="false" entry-point-ref="authenticationEntryPoint">
    <security:custom-filter position="CONCURRENT_SESSION_FILTER"
        ref="concurrencyFilter" />
    <security:custom-filter ref="authenticationFilter"
        position="FORM_LOGIN_FILTER" />
    <!-- <security:custom-filter after="CONCURRENT_SESSION_FILTER"
        ref="secureFilter" /> -->
    <security:session-management
        session-authentication-strategy-ref="sas" />

</security:http>

<bean id="authenticationFilter"
    class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter"
    p:authenticationManager-ref="ahcAuthenticationManager"     p:authenticationFailureHandler-ref="customAuthenticationFailureHandler"
    p:authenticationSuccessHandler-ref="customAuthenticationSuccessHandler"
    p:sessionAuthenticationStrategy-ref="sas">

这是我的身份验证管理器代码

public class AhcAuthenticationManager implements AuthenticationManager {

private UserInfoService userInfoService;

public AhcAuthenticationManager(UserInfoService userInfoService) {
    this.userInfoService = userInfoService;
}

public Authentication authenticate(Authentication arg)
        throws AuthenticationException {
    System.out.println(arg.getName());
    if (userInfoService.authenticateUser(arg.getName(), arg
            .getCredentials().toString())) {
        return new UsernamePasswordAuthenticationToken(arg.getPrincipal(),
                arg.getCredentials());
    }
    return null;

}

}

管理器代码中的sysout始终返回空我在客户端使用jsf，在我的托管bean里面请求我可以在请求parameterMap中看到这些参数知道我可能会出错吗？

由于

Spring Custom Authentication Manager

0 个答案: