我有一个securityconfig类,其中定义了安全配置
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(securedEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private CustomX509AuthenticationFilter customX509AuthenticationFilter;
@Autowired
private JwtAuthenticationEntryPoint unauthorizedHandler;
@Bean
public JwtAuthenticationFilter jwtAuthenticationFilter() {
return new JwtAuthenticationFilter();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().anyRequest().authenticated()
.and()
.exceptionHandling().authenticationEntryPoint(unauthorizedHandler)
.and()
.x509().x509AuthenticationFilter(customX509AuthenticationFilter).subjectPrincipalRegex("CN=(.*?)(?:,|$)")
.and()
.authorizeRequests().antMatchers("/").denyAll().anyRequest().authenticated();
}
}
我有CustomX509AuthenticationFilter类
@Component
public class CustomX509AuthenticationFilter extends X509AuthenticationFilter {
@Override
@Autowired
public void setAuthenticationManager(AuthenticationManager authenticationManager) {
super.setAuthenticationManager(authenticationManager);
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
X509Certificate x509Certificate = (X509Certificate) getPreAuthenticatedPrincipal((HttpServletRequest)request);
}
}
在这里,我遇到了一些异常情况,例如
Consider defining a bean of type 'org.springframework.security.authentication.AuthenticationManager' in your configuration.
构建它的正确方法是什么?我需要在这里做些什么改变?