我只是在 Spring 启动创建过滤器。但是当我使用setter方法而不是使用@autowired时,它是冲突的。
projectconfig类
import com.emon.security.filters.CustomAuthenticationFilter;
import com.emon.security.providers.CustomAuthenticationProvider;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
@Configuration
public class ProjectConfig extends WebSecurityConfigurerAdapter {
@Autowired
private CustomAuthenticationFilter customAuthenticationFilter;
@Autowired
private CustomAuthenticationProvider customAuthenticationProvider;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(customAuthenticationProvider);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.addFilterAt(customAuthenticationFilter, BasicAuthenticationFilter.class);
http.authorizeRequests().anyRequest().permitAll();
}
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
}customauthenticationfilter类
import com.emon.security.athentication.CustomAuthentication;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
@Component
public class CustomAuthenticationFilter implements Filter {
@Autowired
private AuthenticationManager authenticationManager;
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpServletRequest = (HttpServletRequest) request;
String authorization = httpServletRequest.getHeader("Authorization");
CustomAuthentication customAuthentication = new CustomAuthentication(authorization, null);
Authentication authenticate = authenticationManager.authenticate(customAuthentication);
if (authenticate.isAuthenticated()) {
SecurityContextHolder.getContext().setAuthentication(authenticate);
chain.doFilter(request, response);
}
}
}工作正常。。
同样的代码正在实现基于构造函数的方法:
projectconfig类
import com.emon.security.filters.CustomAuthenticationFilter;
import com.emon.security.providers.CustomAuthenticationProvider;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
@Configuration
public class ProjectConfig extends WebSecurityConfigurerAdapter {
private final CustomAuthenticationFilter customAuthenticationFilter;
private final CustomAuthenticationProvider customAuthenticationProvider;
public ProjectConfig(CustomAuthenticationFilter customAuthenticationFilter, CustomAuthenticationProvider customAuthenticationProvider) {
this.customAuthenticationFilter = customAuthenticationFilter;
this.customAuthenticationProvider = customAuthenticationProvider;
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(customAuthenticationProvider);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.addFilterAt(customAuthenticationFilter, BasicAuthenticationFilter.class);
http.authorizeRequests().anyRequest().permitAll();
}
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
}customauthenticationfilter类
import com.emon.security.athentication.CustomAuthentication;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
@Component
public class CustomAuthenticationFilter implements Filter {
private final AuthenticationManager authenticationManager;
public CustomAuthenticationFilter(AuthenticationManager authenticationManager) {
this.authenticationManager = authenticationManager;
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpServletRequest = (HttpServletRequest) request;
String authorization = httpServletRequest.getHeader("Authorization");
CustomAuthentication customAuthentication = new CustomAuthentication(authorization, null);
Authentication authenticate = authenticationManager.authenticate(customAuthentication);
if (authenticate.isAuthenticated()) {
SecurityContextHolder.getContext().setAuthentication(authenticate);
chain.doFilter(request, response);
}
}
}但是正在创建此错误:
┌─────┐
| customAuthenticationFilter defined in file [/home/emon/Code/SecutiryDemo/ss-5/target/classes/com/emon/security/filters/CustomAuthenticationFilter.class]
↑ ↓
| projectConfig defined in file [/home/emon/Code/SecutiryDemo/ss-5/target/classes/com/emon/config/ProjectConfig.class]
└─────┘实际上,当我使用基于@autowired的注入时,我并没有遇到循环异常,但是当我使用基于构造函数的注入时,我会遇到这个错误。
暂无答案!
目前还没有任何答案,快来回答吧!