java – (自定义)RestAuthenticationProcessingFilter Ordering
我尝试通过令牌将Rest身份验证添加到我的应用程序.
我创建了一个简单的过滤器,其他任何东西都不打印消 public class RestAuthenticationProcessingFilter extends GenericFilterBean { @Override public void doFilter(ServletRequest arg0,ServletResponse arg1,FilterChain arg2) throws IOException,ServletException { System.out.println(arg0); // EDIT 25/02/2014 arg2.doFilter(arg0,arg1); } } 我正在使用Spring 4.0和Spring Security 3.2与JavaConfig. 我在我的适配器中添加了这个: @Override protected void configure(HttpSecurity http) throws Exception { /* * @RemarqueDev Différence entre permitAll et anonymous : permitAll * contient anonymous. Anonymous uniquement pour non connecté */ http.addFilter(new RestAuthenticationProcessingFilter()); http.csrf().disable().headers().disable(); http.exceptionHandling().authenticationEntryPoint(new RestAuthenticationEntryPoint()); 当我运行jetty服务器时,我收到此消息: Nested in org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'springSecurityFilterChain' defined in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration: Instantiation of bean failed; nested exception is org.springframework.beans.factory.BeanDefinitionStoreException: Factory method [public javax.servlet.Filter org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration.springSecurityFilterChain() throws java.lang.Exception] threw exception; nested exception is java.lang.IllegalArgumentException: The Filter class my.package.config.RestAuthenticationProcessingFilter does not have a registered order and cannot be added without a specified order. Consider using addFilterBefore or addFilterAfter instead.: java.lang.IllegalArgumentException: The Filter class com.jle.athleges.config.RestAuthenticationProcessingFilter does not have a registered order and cannot be added without a specified order. Consider using addFilterBefore or addFilterAfter instead. at org.springframework.security.config.annotation.web.builders.HttpSecurity.addFilter(HttpSecurity.java:1122) 为什么? 谢谢 解决方法
AddFilter:
您的过滤器不是安全框架内的过滤器的实例或扩展. 但是你可以使用addFilterBefore或addFilterAfter. 例如: addFilterBefore(new RestAuthenticationProcessingFilter(),BasicAuthenticationFilter.class) 您可以在文档中找到安全过滤器链的顺序: http://docs.spring.io/spring-security/site/docs/3.2.0.RELEASE/apidocs/org/springframework/security/config/annotation/web/HttpSecurityBuilder.html#addFilter%28javax.servlet.Filter%29 (编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |