我正在使用基于令牌的身份验证。我有一个自定义身份验证筛选器,它执行REST调用以验证用户。我设法创建并配置自定义身份验证提供程序,但无法设置提供程序的顺序。我希望默认的DaoAuthenticationProvider是默认的,而customProvider是辅助的。
这是我配置customAuthenticationProvider
的方式@Inject
private CustomAuthenticationProvider customAuthenticationProvider;
@Inject
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(customAuthenticationProvider)
.userDetailsService(userDetailsService)
.passwordEncoder(passwordEncoder());
}
如何将customAuthenticationProvider配置为第二个提供者?
PS:我无法将customAuthenticationProvider注入SecurityConfiguration.java,因为在将以下范围添加到customAuthenticationProvider之前无法创建代理。
@Component("alfrescoAuthenticationProvider")
@Scope(proxyMode = ScopedProxyMode.TARGET_CLASS, value = "prototype")
public class AlfrescoAuthenticationProvider implements AuthenticationProvider {
....
}
答案 0 :(得分:0)
我不明白你说的为什么你不能注射。我的SecurityConfiguration类如下:
@Configuration @EnableWebSecurity @EnableGlobalMethodSecurity(prePostEnabled = true,securedEnabled = true) 公共类SecurityConfiguration扩展了WebSecurityConfigurerAdapter {
@Inject
private Http401UnauthorizedEntryPoint authenticationEntryPoint;
@Inject
private UserDetailsService userDetailsService;
@Inject
private TokenProvider tokenProvider;
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Inject
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth
.userDetailsService(userDetailsService)
.passwordEncoder(passwordEncoder());
auth.authenticationProvider(weixinAuthenticationProvider());
}
@Bean
public WeixinAuthenticationProvider weixinAuthenticationProvider() {
WeixinAuthenticationProvider provider = new WeixinAuthenticationProvider(userDetailsService, passwordEncoder());
return provider;
}
@Override
public void configure(WebSecurity web) throws Exception {
......
我希望它可以提供帮助。