getsUsername未调用自定义UsernamePasswordAuthenticationFilter Java配置

时间:2014-01-23 22:58:02

标签: java authentication spring-security

编辑:方法getsUsername未被调用。代码进入

 doFilter(ServletRequest req, ServletResponse res,
            FilterChain chain)

但不在

protected String obtainUsername(HttpServletRequest request)

我在websecurity配置中添加了一个自定义UsernamePasswordAuthenticationFilter,但它不会在调试模式下进入方法方法obtainUsername(所以我猜它没有到达)

WebSecurityConfig
        http
            .csrf().disable() //TODO Refactor login form
            .addFilter(**customAuthenticationFilter**)
            .authorizeRequests()
                .antMatchers("/static/**").permitAll()
                .anyRequest().authenticated()
                .and()
            .logout()
                .logoutSuccessUrl("/logout/success")
                .logoutUrl("/logout")
                .permitAll()
                .and()
            .formLogin()
                .defaultSuccessUrl("/welcome")
                .loginPage("/login")
                .failureUrl("/login/failure")
                .permitAll();

在我得到的日志中:

Creating filter chain: org.springframework.security.web.util.matcher.AnyRequestMatcher@1, 
[org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@1a70127, 
org.springframework.security.web.context.SecurityContextPersistenceFilter@8ea2c0, 
org.springframework.security.web.header.HeaderWriterFilter@1cac116, 
org.springframework.security.web.authentication.logout.LogoutFilter@3620e6, 
**customAuthenticationFilter$$EnhancerByCGLIB$$f8a98275@13cad6b**, 
org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter@fe809c, 
org.springframework.security.web.savedrequest.RequestCacheAwareFilter@5f0635, 
org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@9081c3, 
org.springframework.security.web.authentication.AnonymousAuthenticationFilter@9d4c6f, 
org.springframework.security.web.session.SessionManagementFilter@4acbdf, 
org.springframework.security.web.access.ExceptionTranslationFilter@1ad3fb8, 
org.springframework.security.web.access.intercept.FilterSecurityInterceptor@2dfa56]

感谢

0 个答案:

没有答案