SpringSecurity報錯authenticationManager must be spec的解決
更新時間:2022年11月17日 10:15:14 作者:小樓夜聽雨QAQ
這篇文章主要介紹了SpringSecurity報錯authenticationManager must be spec的解決方案,具有很好的參考價值,希望對大家有所幫助。如有錯誤或未考慮完全的地方,望不吝賜教
在重寫類UsernamePasswordAuthenticationFilter時拋出了這個異常,字面上理解是authenticationManager不明確,所以要顯示的注入。
有兩個地方要改下
首先要在配置文件重寫authenticationManager
@Bean @Override protected AuthenticationManager authenticationManager() throws Exception { return super.authenticationManager(); }
然后在過濾器里面顯示的設(shè)置一下
@Autowired @Override public void setAuthenticationManager(AuthenticationManager authenticationManager) { super.setAuthenticationManager(authenticationManager); }
順便貼一下兩個類的完整代碼
僅供參考:
過濾器
@Component public class TokenLoginFilter extends UsernamePasswordAuthenticationFilter { @Autowired JwtTokenUtils jwtTokenUtils; public TokenLoginFilter() { this.setPostOnly(false); this.setRequiresAuthenticationRequestMatcher(new AntPathRequestMatcher("/login","POST")); } @Override public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException { //獲取表單提交數(shù)據(jù) try { UserInfo user = new ObjectMapper().readValue(request.getInputStream(), UserInfo.class); return super.getAuthenticationManager().authenticate(new UsernamePasswordAuthenticationToken(user.getLoginName(),user.getPassword(), new ArrayList<>())); } catch (IOException e) { e.printStackTrace(); throw new RuntimeException(); } } @Override protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, Authentication authResult) throws IOException, ServletException { UserSecurity userSecurity = (UserSecurity) authResult.getPrincipal(); String token = jwtTokenUtils.createToken(userSecurity.getUsername()); ResponseUtils.out(response, R.ok(token)); } @Override protected void unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, AuthenticationException failed) throws IOException, ServletException { ResponseUtils.out(response, R.fail(ServiceError.LOGIN_FAIL)); } @Autowired @Override public void setAuthenticationManager(AuthenticationManager authenticationManager) { super.setAuthenticationManager(authenticationManager); } }
配置文件
@Configuration @EnableWebSecurity @EnableGlobalMethodSecurity(prePostEnabled = true) public class SecurityConfig extends WebSecurityConfigurerAdapter { @Autowired UserInfoServiceImpl userInfoService; @Autowired JwtAuthorizationTokenFilter jwtAuthorizationTokenFilter; @Autowired TokenLoginFilter tokenLoginFilter; @Autowired JwtAuthenticationEntryPoint jwtAuthenticationEntryPoint; @Autowired public void configure(AuthenticationManagerBuilder auth) throws Exception { auth.userDetailsService(userInfoService).passwordEncoder(passwordEncoderBean()); } @Override protected void configure(HttpSecurity http) throws Exception { http.exceptionHandling() .authenticationEntryPoint(jwtAuthenticationEntryPoint) .and().csrf().disable() .authorizeRequests() .antMatchers("/login").permitAll() .antMatchers("/hello").permitAll() .antMatchers(HttpMethod.OPTIONS, "/**").anonymous() .anyRequest().authenticated() .and() .addFilterAt(tokenLoginFilter, UsernamePasswordAuthenticationFilter.class) .addFilterAfter(jwtAuthorizationTokenFilter, TokenLoginFilter.class).httpBasic(); } @Bean public PasswordEncoder passwordEncoderBean() { return new BCryptPasswordEncoder(); } @Bean @Override protected AuthenticationManager authenticationManager() throws Exception { return super.authenticationManager(); } }
以上為個人經(jīng)驗,希望能給大家一個參考,也希望大家多多支持腳本之家。
相關(guān)文章
java?LeetCode刷題稍有難度的貪心構(gòu)造算法
這篇文章主要為大家介紹了java?LeetCode刷題稍有難度的貪心構(gòu)造題解示例,有需要的朋友可以借鑒參考下,希望能夠有所幫助,祝大家多多進步,早日升職加薪2023-02-02Java使用CompletableFuture進行非阻塞IO詳解
這篇文章主要介紹了Java使用CompletableFuture進行非阻塞IO詳解,CompletableFuture是Java中的一個類,用于支持異步編程和處理異步任務(wù)的結(jié)果,它提供了一種方便的方式來處理異步操作,并允許我們以非阻塞的方式執(zhí)行任務(wù),需要的朋友可以參考下2023-09-09java如何將實體類轉(zhuǎn)換成json并在控制臺輸出
這篇文章主要介紹了java如何將實體類轉(zhuǎn)換成json并在控制臺輸出問題,具有很好的參考價值,希望對大家有所幫助,如有錯誤或未考慮完全的地方,望不吝賜教2023-11-11SpringSecurity實現(xiàn)動態(tài)加載權(quán)限信息的方法
這篇文章主要介紹了SpringSecurity實現(xiàn)動態(tài)加載權(quán)限信息,本文給大家介紹的非常詳細,對大家的學(xué)習(xí)或工作具有一定需要的朋友可以參考下2022-01-01Java final static abstract關(guān)鍵字概述
這篇文章主要介紹了Java final static abstract關(guān)鍵字的相關(guān)資料,需要的朋友可以參考下2016-05-05