我有自定义身份验证提供程序。当我想从其他类调用方法时,没有任何反应,我不知道为什么。请帮忙:
package org.sample.web.security;
import java.util.ArrayList;
import java.util.List;
import org.sample.web.service.SimpleService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.stereotype.Component;
@Component
public class CustomAuthenticationProvider implements AuthenticationProvider {
protected final Logger logger = LoggerFactory.getLogger(getClass());
private SimpleService simpleService;
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
logger.error("1111111111111111");
String name = authentication.getName();
String password = authentication.getCredentials().toString();
simpleService.doNothing();
logger.error("2222222222222222");
if (name.equals("admin") && password.equals("system")) {
List<GrantedAuthority> grantedAuths = new ArrayList<GrantedAuthority>();
grantedAuths.add(new SimpleGrantedAuthority("ROLE_USER"));
Authentication auth = new UsernamePasswordAuthenticationToken(name, password, grantedAuths);
return auth;
} else {
return null;
}
}
@Override
public boolean supports(Class<?> authentication) {
return authentication.equals(UsernamePasswordAuthenticationToken.class);
}
public void setSimpleService(SimpleService simpleService) {
this.simpleService = simpleService;
}
}
身份验证方法的输出只是:
DEBUG - ProviderManager - Authentication attempt using org.sample.web.security.CustomAuthenticationProvider
ERROR - stomAuthenticationProvider - 1111111111111111
当我推荐行时什么也不做
// simpleService.doNothing();
然后它开始工作,为什么?
DEBUG - ProviderManager - Authentication attempt using org.sample.web.security.CustomAuthenticationProvider
ERROR - stomAuthenticationProvider - 1111111111111111
ERROR - stomAuthenticationProvider - 2222222222222222
TRACE - XmlWebApplicationContext - Publishing event in Root WebApplicationContext: org.springframework.security.authentication.event.AuthenticationFailureProviderNotFoundEvent[source=org.springframework.security.authentication.UsernamePasswordAuthenticationToken@9561: Principal: aaa; Credentials: [PROTECTED]; Authenticated: false; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@957e: RemoteIpAddress: 127.0.0.1; SessionId: null; Not granted any authorities]
DEBUG - DefaultListableBeanFactory - Returning cached instance of singleton bean 'methodRegistrar'
DEBUG - BasicAuthenticationFilter - Authentication request for failed: org.springframework.security.authentication.ProviderNotFoundException: No AuthenticationProvider found for org.springframework.security.authentication.UsernamePasswordAuthenticationToken
DEBUG - nSecurityContextRepository - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
DEBUG - tyContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
安全上下文:
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p" xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util-3.1.xsd">
<http use-expressions="true">
<intercept-url pattern="/**" access="isAuthenticated()" />
<http-basic />
</http>
<global-method-security pre-post-annotations="enabled" />
<authentication-manager>
<authentication-provider ref="customAuthenticationProvider" />
</authentication-manager>
</beans:beans>
最佳答案
根据您的描述,方法 simpleService.doNothing() 似乎永远不会返回, 从而导致你的线程被卡住, 这就是为什么您的authenticate() 方法中的其他代码无法访问的原因。
顺便说一下,使用调试器进行简单的测试应该可以轻松揭示问题。
编辑: 因为我知道调试在这里不是一个选项,所以方法是打印到日志 调用方法之前、方法内部和方法之后。
既然您已经完成了该操作并且该方法没有打印,那么现在有 2 个选项:
simpleReceiver 为空,带有日志的简单 try catch 应该会显示它。
simpleReceiver 不是 SimpleReceiver 类型,而是执行无限长时间工作的派生类 在其功能中,如果是这种情况,实例类型的简单日志打印应该会显示它。
关于java - 为什么在实现自定义身份验证提供程序时无法从其他类调用方法,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/17084993/