我的web.xml配置是
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
以下是我的安全配置
<intercept-url pattern="/*" access="ROLE_USER" />
<intercept-url pattern="/*.ico" filters="none" />
</http>
<beans:bean id="customAuthenticationProvider" class="net.spring3.provider.MyAuthProvider" />
<authentication-manager>
<authentication-provider ref="customAuthenticationProvider" />
</authentication-manager>
下面是我的customAuthProvider类
public class MyAuthProvider implements AuthenticationProvider {
@Override
public boolean supports(Class<? extends Object> arg0) {
// TODO Auto-generated method stub
return false;
}
@SuppressWarnings("serial")
private static Map<String, String> SIMPLE_USERS = new HashMap<String, String>(2) {{
put("joe", "joe");
put("bob", "bob");
}};
@SuppressWarnings("serial" )
private static List<GrantedAuthority> AUTHORITIES = new ArrayList<GrantedAuthority>(1) {{
add(new GrantedAuthorityImpl("ROLE_USER"));
}};
@Override
public Authentication authenticate(Authentication auth) throws AuthenticationException
{
// All your user authentication needs
System.out.println("==Authenticate Me==");
if (SIMPLE_USERS.containsKey(auth.getPrincipal())
&& SIMPLE_USERS.get(auth.getPrincipal()).equals(auth.getCredentials()))
{
return new UsernamePasswordAuthenticationToken(auth.getName(), auth.getCredentials(), AUTHORITIES);
}
throw new BadCredentialsException("Username/Password does not match for " + auth.getPrincipal());
}
}
页面显示了登录表单,当我输入bob和bob作为登录名时,它抛出了以下错误。
Your login attempt was not successful, try again.
Reason: No AuthenticationProvider found for org.springframework.security.authentication.UsernamePasswordAuthenticationToken
我在调试级别ALL检查了日志,这是我得到的。
FINE: Request is to process authentication
Nov 17, 2011 5:37:36 AM org.springframework.context.support.AbstractApplicationContext publishEvent
FINEST: Publishing event in Root WebApplicationContext: org.springframework.security.authentication.event.AuthenticationFailureProviderNotFoundEvent[source=org.springframework.security.authentication.UsernamePasswordAuthenticationToken@ffff8dfd: Principal: sd; Credentials: [PROTECTED]; Authenticated: false; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffe3f86: RemoteIpAddress: 127.0.0.1; SessionId: x4lg4vtktpw9; Not granted any authorities]
Nov 17, 2011 5:37:36 AM org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter unsuccessfulAuthentication
FINE: Authentication request failed: org.springframework.security.authentication.ProviderNotFoundException: No AuthenticationProvider found for org.springframework.security.authentication.UsernamePasswordAuthenticationToken
有什么帮助吗?我在这里做错了什么?
2条答案
按热度按时间zdwk9cvp1#
正如你在评论中所写的,问题是你总是在你的认证提供者的
supports()
方法中返回false
。但是,与其总是返回true
,你应该像这样检查你得到的authentication
:czq61nw12#
我也有同样的问题。在我的例子中,解决方案是在认证通过后将
AbstractAuthenticationToken.setAuthenticated()
设置为true
。