addFilter(getDigestAuthFilter())引发错误,说使getDigestAuthFilter函数返回javax.servlet.Filter而不是DigestAuthenticationFilter。救命!!!
private DigestAuthenticationFilter getDigestAuthFilter() throws Exception {
DigestAuthenticationFilter digestFilter = new DigestAuthenticationFilter();
digestFilter.setUserDetailsService(userDetailsServiceBean());
digestFilter.setAuthenticationEntryPoint(getDigestEntryPoint());
return digestFilter;
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.antMatcher("/hello/**"). // this filter chain is matching this pattern of request;
addFilter(getDigestAuthFilter()). // add this new filter to the existing chain of filters;
exceptionHandling().authenticationEntryPoint(getDigestEntryPoint()) // when exception occurs auto route to this entrypoint which will give out headers;
.and().authorizeRequests().antMatchers("/hello/**").hasAnyRole("ADMIN","USER");
}