我的Spring Boot应用程序中有以下WebSecurityConfig的Spring Security。
@EnableWebSecurity
public class WebSecurityConfig {
@Configuration
@Order(1)
public static class Form1LoginWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.antMatcher("/uid/serverinfo.html")
.authorizeRequests()
.antMatchers("/admins/login")
.permitAll()
.antMatchers("/uid/serverinfo.html")
.authenticated()
.and()
.formLogin()
.loginProcessingUrl("/admins/login")
.loginPage("/admins/login")
.failureUrl("/admins/login?error")
.defaultSuccessUrl("/uid/serverinfo.html");
}
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(authenticationProvider());
}
@Bean
public AuthenticationProvider authenticationProvider() {
return new LDAPAuthenticationProvider();
}
}
@Configuration
@Order(2)
public static class Form2LoginWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.antMatcher("/admins/**")
.authorizeRequests()
.antMatchers("/admins/login")
.permitAll()
.antMatchers("/admins/**")
.authenticated()
.and()
.formLogin()
.loginProcessingUrl("/admins/login")
.loginPage("/admins/login")
.failureUrl("/admins/login?error")
.defaultSuccessUrl("/admins/main");
}
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(authenticationProvider());
}
@Bean
public AuthenticationProvider authenticationProvider() {
return new RDBAuthenticationProvider();
}
}
}
如果访问http:localhost:8080/admins/main,我的预期结果为RDBAuthenticationProvider.authenticate(),但实际上会调用LDAPAuthenticationProvider.authenticate()。
有谁知道原因以及如何解决?