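I am trying to access the Authentication object to get the user name, but the Authentication object is null.

    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    if (authentication == null) {
        log.warn("Authentication was null during get current user name!");
        return ANONYMOUS_USER;
    }
    return authentication.getName();

But we can make the following call (from the same method):

    HttpServletRequest req = (HttpServletRequest)inRequest;
    String user = req.getRemoteUser();

and find that the user is set correctly.

EDIT: So I found some things indicating that the problem may be due to not going through the security filter chain.
So I added a filter chain, but without success.

Here is my web.xml: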

    <filter>
        <filter-name>springSecurityFilterChainProxy</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>springSecurityFilterChainProxy</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>
    <filter>
        <filter-name>cors</filter-name>
        <filter-class>com.us.tsp.rest.CorsFilter</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>cors</filter-name>
        <url-pattern>/jaxrs/*</url-pattern>
    </filter-mapping>

Here is my Spring config XML:

    <bean id="securityContextPersistenceFilter"
          class="org.springframework.security.web.context.SecurityContextPersistenceFilter"/>
    <bean id="springSecurityFilterChainProxy" class="org.springframework.security.web.FilterChainProxy">
        <sec:filter-chain-map>
            <sec:filter-chain pattern="/**" filters="
                securityContextPersistenceFilter" />
        </sec:filter-chain-map>
    </bean>

END EDIT

Here is my security.xml:

    <beans
        xmlns="http://www.springframework.org/schema/beans"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xmlns:context="http://www.springframework.org/schema/context"
        xmlns:sec="http://www.springframework.org/schema/security"
        xsi:schemaLocation="http://www.springframework.org/schema/beans
            http://www.springframework.org/schema/beans/spring-beans.xsd
            http://www.springframework.org/schema/context
            http://www.springframework.org/schema/context/spring-context.xsd
            http://www.springframework.org/schema/security
            http://www.springframework.org/schema/security/spring-security.xsd">

        <sec:http use-expressions="true">
            <sec:intercept-url pattern="/**" access="isAuthenticated()" />
            <sec:http-basic />
        </sec:http>

        <sec:ldap-server
            url="xxxxxxxxxxxxxxxx"
            manager-dn="xxxxxxxxxxxx"
            manager-password="xxxxxxxxx"
        />

        <sec:authentication-manager alias="authenticationManager">
            <sec:ldap-authentication-provider
                user-search-base="xxxxx"
                user-search-filter="xxxxxx"
                group-search-filter="member={0}"
                group-search-base="xxxxxxxxx"
                role-prefix="ROLE_"
            />
        </sec:authentication-manager>
    </beans>