设置authenticationFailureHandler时出现此错误:setAuthenticationFailureHandler(authenticationFailureHandler);
java.lang.IllegalArgumentException:failureHandler不能为null org.springframework.util.Assert.notNull(Assert.java:193)在 org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.setAuthenticationFailureHandler(AbstractAuthenticationProcessingFilter.java:448)
片段web.xml
datacampsecurity.xml
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
CustomAuthenticationFilter
<b:beans xmlns="http://www.springframework.org/schema/security"
xmlns:b="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd">
<global-method-security secured-annotations="enabled" pre-post-annotations="enabled" jsr250-annotations="enabled"/>
<http use-expressions="true" entry-point-ref="loginUrlAuthenticationEntryPoint" authentication-manager-ref="authenticationManager" >
<csrf disabled="true"/>
<custom-filter before="FORM_LOGIN_FILTER" ref="authenticationFilter" />
<intercept-url pattern="/public_home/**" access="permitAll"/>
<intercept-url pattern="/js/**" access="permitAll"/>
<intercept-url pattern="/css/**" access="permitAll"/>
<intercept-url pattern="/image/**" access="permitAll"/>
<intercept-url pattern="/resources/**" access="permitAll"/>
<intercept-url pattern="/" access="permitAll"/>
<intercept-url pattern="/**" access="isAuthenticated()"/>
</http>
<authentication-manager/>
<b:bean id="loginUrlAuthenticationEntryPoint" class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
<b:constructor-arg name="loginFormUrl" value="/public_home"/>
</b:bean>
<b:bean id="authenticationManager" class="n4.security.CustomAuthenticationManager">
</b:bean>
<b:bean id="authenticationFilter" class="n4.security.CustomAuthenticationFilter">
<b:property name="filterProcessesUrl" value="/j_spring_security_check" />
<b:property name="authenticationManager" ref="authenticationManager" />
<b:property name="authenticationSuccessHandler" ref="authenticationSuccessHandler"/>
<b:property name="authenticationFailureHandler" ref="authenticationFailureHandler"/>
</b:bean>
<b:bean name="authenticationSuccessHandler" class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler">
<b:property name="defaultTargetUrl" value="/home"></b:property>
<b:property name="alwaysUseDefaultTargetUrl" value="true"></b:property>
<b:property name="useReferer" value="true"></b:property>
</b:bean>
<b:bean name="authenticationFailureHandler" class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
<b:property name="defaultFailureUrl" value="/public_home/loginfailed"></b:property>
</b:bean>
</b:beans>
CustomAuthenticationManager
public class CustomAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
@Autowired
private AuthenticationManager authenticationManager;
@Autowired
private SimpleUrlAuthenticationFailureHandler authenticationFailureHandler;
@Override
public Authentication attemptAuthentication(HttpServletRequest request,
HttpServletResponse response) throws AuthenticationException {
setAuthenticationManager(authenticationManager);
setAuthenticationFailureHandler(authenticationFailureHandler);
return super.attemptAuthentication(request, response);
}
}