@Component("MyAuthFilter")
public class MyAuthFilter extends UsernamePasswordAuthenticationFilter {
private int errCode = 0;
@Autowired
@Qualifier("authenticationManager")
//@Override
public void setAuthenticationManager(AuthenticationManager authenticationManager, AuthenticationSuccessHandler successHandler, AuthenticationFailureHandler failureHandler) {
super.setAuthenticationManager(authenticationManager);
this.setAuthenticationSuccessHandler(successHandler);
this.setAuthenticationFailureHandler(failureHandler);
}
@Override
public AuthenticationFailureHandler getFailureHandler() {
SimpleUrlAuthenticationFailureHandler handler = new SimpleUrlAuthenticationFailureHandler();
handler.setDefaultFailureUrl("/login?error=" + errCode);
return handler;
}
@Override
public AuthenticationSuccessHandler getSuccessHandler() {
SavedRequestAwareAuthenticationSuccessHandler handler = new SavedRequestAwareAuthenticationSuccessHandler();
handler.setDefaultTargetUrl("/courses");
return handler;
}
@Override
public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
throws AuthenticationException {
System.out.println("running my own version of UsernmePasswordFilter ... ");
String login = (String) request.getParameter("login");
String password = (String) request.getParameter("password");
errCode = validate(login,password);
UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(login, password);
// Allow subclasses to set the "details" property
setDetails(request, authRequest);
return this.getAuthenticationManager().authenticate(authRequest);
}
private int validate(String login,String password){
if (login.isEmpty() && password.isEmpty()){
return 4;
}
if (login.isEmpty() && !password.isEmpty()){
return 2;
}
if (!login.isEmpty() && password.isEmpty()){
return 3;
}
return 1;
}
}
这是MyAuthFilter。
这里是我的spring-security.xml
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-4.2.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-4.2.xsd">
<http auto-config="false" use-expressions="true">
<intercept-url pattern="/courses*" access="hasRole('ROLE_USER')" />
<custom-filter before="FORM_LOGIN_FILTER" ref="MyAuthFilter" />
<form-login
login-page="/login"
default-target-url="/courses"
authentication-failure-url="/login"
username-parameter="loginField"
password-parameter="passwordField" />
<csrf disabled="true" />
</http>
<authentication-manager alias="authenticationManager">
<authentication-provider>
<user-service>
<user name="ars" password="1234" authorities="ROLE_USER" />
</user-service>
</authentication-provider>
</authentication-manager>
</beans:beans>
当我尝试启动我的应用时,我有
的例外情况没有AuthenticationSuccessHandler类型的限定bean
和FailureHandler的错误相同。我将不胜感激任何帮助。
答案 0 :(得分:1)
您的AuthenticationSuccessHandler未声明为bean。 您应该将其创建为bean并在tag via tag中的spring-security.xml中注册 认证成功处理程序-REF =&#34; nameOfYouSuccessHandlerBean&#34;
所以它看起来像: 一些在配置java文件中的位置:
@Bean
public AuthenticationSuccessHandler mySuccessHandler() {
SavedRequestAwareAuthenticationSuccessHandler handler = new SavedRequestAwareAuthenticationSuccessHandler();
handler.setDefaultTargetUrl("/courses");
return handler;
}
和spring-security.xml
<form-login
login-page="/login"
default-target-url="/courses"
authentication-failure-url="/login"
username-parameter="loginField"
authentication-success-handler-ref="mySuccessHandler"
password-parameter="passwordField" />