在其他一些帖子之后,我尝试覆盖spring-security处理程序的身份验证成功方法,但是从未调用过它。我的代码如下:
src/groovy/mypackage/MyAuthenticationSuccessHandler.groovy:
package mypackage
import org.springframework.security.core.Authentication
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler
import javax.servlet.ServletException
import javax.servlet.http.HttpServletRequest
import javax.servlet.http.HttpServletResponse
public class MyAuthenticationSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {
public MyAuthenticationSuccessHandler() {
println("constructed!")
}
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws ServletException, IOException {
println("override called")
super.onAuthenticationSuccess(request, response, authentication);
}
}
resources.groovy:
authenticationSuccessHandler(MyAuthenticationSuccessHandler) {
def conf = SpringSecurityUtils.securityConfig
requestCache = ref('requestCache')
defaultTargetUrl = conf.successHandler.defaultTargetUrl
alwaysUseDefaultTargetUrl = conf.successHandler.alwaysUseDefault
targetUrlParameter = conf.successHandler.targetUrlParameter
useReferer = conf.successHandler.useReferer
redirectStrategy = ref('redirectStrategy')
}
没有错误,肯定会调用构造函数,并且将MyAuthenticationSuccessHandler注入到测试控制器中,但是永远不会调用onAuthenticationSuccess。我在超类版本中添加了一个断点,并且可以正常工作。我也尝试用Java重写自定义类,但这没用。
我在做什么错了?
答案 0 :(得分:0)
证明另一个登录筛选器已处于活动状态,这阻止了正常方法的工作。有问题的过滤器为org.mitre.openid.connect.client.OIDCAuthenticationFilter,解决方法是通过该过滤器注入成功处理程序,例如:
authenticationSuccessHandler(apipulse.MyAuthenticationSuccessHandler) {
clientRegistrationTemplate = ref(clientRegistrationTemplate)
}
...
openIdConnectAuthenticationFilter(OIDCAuthenticationFilter) {
...
authenticationSuccessHandler = ref('authenticationSuccessHandler')
}
只是浪费一天的时间看这个-谢谢,春天。