SpringSecurity报错authenticationManager must be spec的解决
小楼夜听雨QAQ 人气:0在重写类UsernamePasswordAuthenticationFilter时抛出了这个异常,字面上理解是authenticationManager不明确,所以要显示的注入。
有两个地方要改下
首先要在配置文件重写authenticationManager
@Bean
@Override
protected AuthenticationManager authenticationManager() throws Exception {
return super.authenticationManager();
}然后在过滤器里面显示的设置一下
@Autowired
@Override
public void setAuthenticationManager(AuthenticationManager authenticationManager) {
super.setAuthenticationManager(authenticationManager);
}顺便贴一下两个类的完整代码
仅供参考:
过滤器
@Component
public class TokenLoginFilter extends UsernamePasswordAuthenticationFilter {
@Autowired
JwtTokenUtils jwtTokenUtils;
public TokenLoginFilter() {
this.setPostOnly(false);
this.setRequiresAuthenticationRequestMatcher(new AntPathRequestMatcher("/login","POST"));
}
@Override
public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
//获取表单提交数据
try {
UserInfo user = new ObjectMapper().readValue(request.getInputStream(), UserInfo.class);
return super.getAuthenticationManager().authenticate(new UsernamePasswordAuthenticationToken(user.getLoginName(),user.getPassword(),
new ArrayList<>()));
} catch (IOException e) {
e.printStackTrace();
throw new RuntimeException();
}
}
@Override
protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, Authentication authResult) throws IOException, ServletException {
UserSecurity userSecurity = (UserSecurity) authResult.getPrincipal();
String token = jwtTokenUtils.createToken(userSecurity.getUsername());
ResponseUtils.out(response, R.ok(token));
}
@Override
protected void unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, AuthenticationException failed) throws IOException, ServletException {
ResponseUtils.out(response, R.fail(ServiceError.LOGIN_FAIL));
}
@Autowired
@Override
public void setAuthenticationManager(AuthenticationManager authenticationManager) {
super.setAuthenticationManager(authenticationManager);
}
}配置文件
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
UserInfoServiceImpl userInfoService;
@Autowired
JwtAuthorizationTokenFilter jwtAuthorizationTokenFilter;
@Autowired
TokenLoginFilter tokenLoginFilter;
@Autowired
JwtAuthenticationEntryPoint jwtAuthenticationEntryPoint;
@Autowired
public void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userInfoService).passwordEncoder(passwordEncoderBean());
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.exceptionHandling()
.authenticationEntryPoint(jwtAuthenticationEntryPoint)
.and().csrf().disable()
.authorizeRequests()
.antMatchers("/login").permitAll()
.antMatchers("/hello").permitAll()
.antMatchers(HttpMethod.OPTIONS, "/**").anonymous()
.anyRequest().authenticated()
.and()
.addFilterAt(tokenLoginFilter, UsernamePasswordAuthenticationFilter.class)
.addFilterAfter(jwtAuthorizationTokenFilter, TokenLoginFilter.class).httpBasic();
}
@Bean
public PasswordEncoder passwordEncoderBean() {
return new BCryptPasswordEncoder();
}
@Bean
@Override
protected AuthenticationManager authenticationManager() throws Exception {
return super.authenticationManager();
}
}以上为个人经验,希望能给大家一个参考,也希望大家多多支持。
加载全部内容