编辑:方法getsUsername未被调用。代码进入
doFilter(ServletRequest req, ServletResponse res,
FilterChain chain)
但不在
protected String obtainUsername(HttpServletRequest request)
我在websecurity配置中添加了一个自定义UsernamePasswordAuthenticationFilter,但它不会在调试模式下进入方法方法obtainUsername(所以我猜它没有到达)
WebSecurityConfig
http
.csrf().disable() //TODO Refactor login form
.addFilter(**customAuthenticationFilter**)
.authorizeRequests()
.antMatchers("/static/**").permitAll()
.anyRequest().authenticated()
.and()
.logout()
.logoutSuccessUrl("/logout/success")
.logoutUrl("/logout")
.permitAll()
.and()
.formLogin()
.defaultSuccessUrl("/welcome")
.loginPage("/login")
.failureUrl("/login/failure")
.permitAll();
在我得到的日志中:
Creating filter chain: org.springframework.security.web.util.matcher.AnyRequestMatcher@1,
[org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@1a70127,
org.springframework.security.web.context.SecurityContextPersistenceFilter@8ea2c0,
org.springframework.security.web.header.HeaderWriterFilter@1cac116,
org.springframework.security.web.authentication.logout.LogoutFilter@3620e6,
**customAuthenticationFilter$$EnhancerByCGLIB$$f8a98275@13cad6b**,
org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter@fe809c,
org.springframework.security.web.savedrequest.RequestCacheAwareFilter@5f0635,
org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@9081c3,
org.springframework.security.web.authentication.AnonymousAuthenticationFilter@9d4c6f,
org.springframework.security.web.session.SessionManagementFilter@4acbdf,
org.springframework.security.web.access.ExceptionTranslationFilter@1ad3fb8,
org.springframework.security.web.access.intercept.FilterSecurityInterceptor@2dfa56]
感谢