找不到UsernamePasswordAuthenticationToken的AuthenticationProvider

时间:2011-11-17 05:48:17

标签: java spring spring-mvc spring-security spring-3

我的web.xml配置是

<filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>

    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

这是我的安全配置

    <intercept-url pattern="/*" access="ROLE_USER" />
    <intercept-url pattern="/*.ico"  filters="none" />


</http>

 <beans:bean id="customAuthenticationProvider" class="net.spring3.provider.MyAuthProvider"  />

    <authentication-manager>

        <authentication-provider ref="customAuthenticationProvider" /> 

    </authentication-manager>

这是我的customAuthProvider类

public class MyAuthProvider implements AuthenticationProvider  {


    @Override
    public boolean supports(Class<? extends Object> arg0) {
        // TODO Auto-generated method stub
        return false;
    }


     @SuppressWarnings("serial")
        private static Map<String, String> SIMPLE_USERS = new HashMap<String, String>(2) {{
            put("joe", "joe");
            put("bob", "bob");
        }};

        @SuppressWarnings("serial" )
        private static List<GrantedAuthority> AUTHORITIES = new ArrayList<GrantedAuthority>(1) {{
            add(new GrantedAuthorityImpl("ROLE_USER"));
        }};

        @Override
        public Authentication authenticate(Authentication auth) throws AuthenticationException
        {
            // All your user authentication needs
            System.out.println("==Authenticate Me==");
            if (SIMPLE_USERS.containsKey(auth.getPrincipal()) 
                && SIMPLE_USERS.get(auth.getPrincipal()).equals(auth.getCredentials()))
            {
                return new UsernamePasswordAuthenticationToken(auth.getName(), auth.getCredentials(), AUTHORITIES);
            }
            throw new BadCredentialsException("Username/Password does not match for " + auth.getPrincipal());
        }




}

该页面显示登录表单,当我输入bob和bob作为登录时,它会引发以下错误。

Your login attempt was not successful, try again.

Reason: No AuthenticationProvider found for org.springframework.security.authentication.UsernamePasswordAuthenticationToken

我在调试级别ALL检查了日志,这是我得到的。

FINE: Request is to process authentication
Nov 17, 2011 5:37:36 AM org.springframework.context.support.AbstractApplicationContext publishEvent
FINEST: Publishing event in Root WebApplicationContext: org.springframework.security.authentication.event.AuthenticationFailureProviderNotFoundEvent[source=org.springframework.security.authentication.UsernamePasswordAuthenticationToken@ffff8dfd: Principal: sd; Credentials: [PROTECTED]; Authenticated: false; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffe3f86: RemoteIpAddress: 127.0.0.1; SessionId: x4lg4vtktpw9; Not granted any authorities]
Nov 17, 2011 5:37:36 AM org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter unsuccessfulAuthentication
FINE: Authentication request failed: org.springframework.security.authentication.ProviderNotFoundException: No AuthenticationProvider found for org.springframework.security.authentication.UsernamePasswordAuthenticationToken

对此有任何帮助......我在这里做错了什么?

2 个答案:

答案 0 :(得分:33)

正如您在评论中写的那样,问题是您始终在您的身份验证提供程序的false方法中返回supports()。但是,不应该总是返回true,而应该检查authentication这样的内容:

public class MyAuthenticationProvider implements AuthenticationProvider, Serializable {

    @Override
    public boolean supports(Class<? extends Object> authentication) {
        return (UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication));
    }

    // ...
}

答案 1 :(得分:2)

我有同样的问题。对于我而言,解决方案是在身份验证通过后将AbstractAuthenticationToken.setAuthenticated设置为true。