我正在尝试使用外部服务在spring中设置pre auth安全性。登录入口点重定向到外部页面,该外部页面在成功登录时将验证信息放入cookie中。之后,外部应用程序重定向回我的应用程序,我的AbstractPreAuthenticatedProcessingFilter被正确调用,我能够返回一个主要值,然后我希望将其传递给我的userdetailservice,在那里我可以创建正确的用户对象,但它最后在此之前抛出一个错误。这是代码
@Configuration
@EnableWebMvcSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
private UserDetailsService userDetailsService;
private PreAuthenticatedAuthenticationProvider preAuthenticatedProvider;
@Autowired
private CspProperties cspProperties;
public SecurityConfig() {
super();
userDetailsService = new CspUserDetailService();
UserDetailsByNameServiceWrapper<PreAuthenticatedAuthenticationToken> wrapper =
new UserDetailsByNameServiceWrapper<PreAuthenticatedAuthenticationToken>(userDetailsService);
preAuthenticatedProvider = new PreAuthenticatedAuthenticationProvider();
preAuthenticatedProvider.setPreAuthenticatedUserDetailsService(wrapper);
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(preAuthenticatedProvider);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
CspAuthenticationFilter cspFilter = new CspAuthenticationFilter();
cspFilter.setAuthenticationManager(authenticationManager());
//entry point
LoginUrlWithReturnUrlEntryPoint entryPoint = new LoginUrlWithReturnUrlEntryPoint(cspProperties.getNoCookieURL());
http
.addFilter(cspFilter)
.authorizeRequests()
.antMatchers("/secure").authenticated()
.anyRequest().permitAll()
.and()
.httpBasic()
.authenticationEntryPoint(entryPoint);
}
}
这是我得到的错误
2014-06-28 12:30:46.522 DEBUG 13752 --- [nio-8080-exec-3] secure.CspAuthenticationFilter : Checking secure context token: null
2014-06-28 12:30:46.524 DEBUG 13752 --- [nio-8080-exec-3] secure.CspAuthenticationFilter : preAuthenticatedPrincipal = 6045656|aeb4b387f41c1557cfb2604
881840b96|W|40|CDTTut,CompXL|xxxxx|PROD|201406290157, trying to authenticate
2014-06-28 12:30:46.524 DEBUG 13752 --- [nio-8080-exec-3] secure.CspAuthenticationFilter : Cleared security context due to exception
org.springframework.security.authentication.ProviderNotFoundException: No AuthenticationProvider found for org.springframework.security.web.authentication.preau
th.PreAuthenticatedAuthenticationToken
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:199)
at org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter.doAuthenticate(AbstractPreAuthenticatedProcessingFilter.jav
a:121)
at org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter.doFilter(AbstractPreAuthenticatedProcessingFilter.java:91)
任何帮助将不胜感激
答案 0 :(得分:-2)
结果证明这个配置是正确的,问题是在预验证过滤器中,在某些情况下它应该没有返回null。